Hacking Humans

Social Engineering works because we're human.
A flood of misinformation and fake news.
Gaming pro athletes online.
Playing on kindness.
Separating fools from money.
Phone scams, phantom employees and sitting Ducks.
Presidential prank, pensioner pilfered.
Think like an attacker.
Nothing up my sleeve.
Luring unsuspecting money mules.
Focus, technology, and training fight phishing.
Sometimes less is more.
Telling the truth in a dishonest way.
Red teaming starts with research.
Real estate transactions in the crosshairs.
Influence versus manipulation.
Stringing along a scammer.
Kidnappers, robots and deep fakes.
Easier to trick than to hack.
Information is the life blood of social engineering.
Waste my time and I'll waste yours back.
Fear, flattery, greed and timing.
Scams are fraud and fraud is crime.
Human sources are essential.
CEOs can be the weakest link.
Be very aware of your desire to be right.
Bringing trust to a trustless world.
A pesky problem that doesn't go away.
Truth emerges from the clash of ideas.
At some point you're probably going to have to do some running.
Trained humans are your strongest link.
Prisoners have nothing but time.
Opening your eyes to the reality in which we live.
The excitement of tricking someone wears off quickly.
Make it seem like the real answer is impossible to know.
The trauma is multifactored.
Stop and think before you click that link.
Delivering yourself to a kidnapper.
Don't assume younger people get it.
When we rush we make bad decisions.
Kids are a great target.
Pick a persona to match the goal.
Girl Scouts empowering cyber security leaders.
Scammers have no ethics whatsoever.
I have been practicing honesty and truthfulness my whole life.
Let's play, "Covered by cyber insurance — true or false?"
Twitter bots amplifying divisive messages.
A data-driven approach to trust.
Live at KB4CON 2019.
People aren't perfectly rational.
Be willing to admit you don't know everything.
The best way to break in is to walk through the front door.
Just because I trusted you yesterday doesn't mean I trust you today.
The knowledge / intention behavior gap.
Be wary of all emails.
Encore — Separating fools from money.
Know and spot the patterns.
The skills gap disconnect.
Looking after Dad.
Images are the language of the brain.
Positive pretexting on the rise.
Swamping search results for reputation management.
Backups backups backups.
Securing your SMS.
Think before you post.
An ethical hacker can be a teacher.
Algorithms controlling truth in our society.
The usefulness of single sign on.
The ultimate hacking tool.
Don't trust ransomware to tell you its real name.
The fallacy of futility.
The ability to fundamentally deceive someone.
Don't dismiss the fraudsters.
The Malware Mash!
When you are the target, objectivity is gone.
Skepticism is the first step.
Security has to be friendly.
I really wanted that shed.
If you didn't ask for it don't install it.
Managing access and insider threats.
Telling The Truth In A Dishonest Way - Rebroadcast
Leading by example and positive reinforcement.
Ransomware is a reality.
Life in the (second) age of pirates.
Flipping the script.
They had no idea.
I wouldn't want my computer to be disappointed.
Fake news and misplaced trust.
Hi, I'm trying to steal your money.
The art of cheating.
Don't go looking for morality here.
Winking emoji.
Disinformation vs. misinformation.
Paging Dr. Dochterman.
Shedding light on the human element.
Even famous people get scammed.
They're getting smart, but we're getting smarter.
Wallet inspector.
Passwords are the easiest things to steal.
Exploiting our distractions. 
Every day you're a firefighter.
How scammers fill the gap.
HH Extra - Happy 100 shows!
Wearing a mask in the Oval Office.
Seniors and millennials more alike than people think.
Presenting: Ask more people to dance. - Career Notes
Taking a selfie with your ID.
It can happen to anybody.
Close in your pajamas.
Because they deserve the money!
Send me money so I know you are real.
A little dose of skepticism.
Never think of security as a destination.
Be the custodian of your own digital identity.
Ignore the actor, focus on the behavior.
NMAP (noun) [Word Notes]
Flying under the radar.
Zero-day (adjective) [Word Notes]
Many times it is less sophisticated than we think.
man trap (noun) [Word Notes]
Take a deep breath.
social engineering (noun) [Word Notes]
It's evolving rapidly and getting more furious by the minute.
penetration test (noun) [Word Notes]
The story is what gets people in.
cross-site scripting (noun) [Word Notes]
Your information is already on the Dark Web.
The Bombe (noun) [Word Notes]
It's human nature.
credential stealing (verb) [Word Notes]
Cookies make for some tasty phishing lure.
phishing (verb) [Word Notes]
Don't click any button...even the 'No' button.
darknet (noun) [Word Notes]
Use a Dance Dance Revolution floor lock for your data centers.
rogue access point (noun) [Word Notes]
What is true and important versus what is the spin.
anagram (noun) [Word Notes]
New consequences, extortion and cyber insurance.
The Malware Mash!
David Sanger on the HBO documentary based off his book, "The Perfect Weapon". [Special Edition]
business email compromise or BEC (noun) [Word Notes]
Too good to be true.
remote access Trojan or RAT (noun) [Word Notes]
Ransomware: Statistically, it's likely to happen to anybody.
Network Detection and Response (NDR) (noun) [Word Notes]
shadow IT (noun) [Word Notes]
The public's expectations are changing.
port mirroring (noun) [Word Notes]
Encore: Wearing a mask in the Oval Office and the art of deception.
smishing (SMS phishing) (noun) [Word Notes]
Network Time Protocol (NTP) attack (noun) [Word Notes]
Going behind the scenes and preventing social engineering in financial institutions.
Virtual Private Network (VPN) (noun) [Word Notes]
cyber threat intelligence (CTI) (noun) [Word Notes]
The landscape has shifted for holiday shopping to online.
identity theft (noun) [Word Notes]
Phishing lures that may be in your inbox soon, and how to deal "left of bang."
tactics, techniques and procedures (TTPs) (noun) [Word Notes]
rootkit (noun) [Word Notes]
Encore: Separating fools from money. [Hacking Humans]
deep packet inspection (DPI) (noun) [Word Notes]
Encore: Don't go looking for morality here. [Hacking Humans]
fuzzing (noun) [Word Notes]
Unix (noun) [Word Notes]
Combating growing online financial fraud.
greyware (noun) [Word Notes]
As B2C interactions shift online, call centers become new fraud vector.
Daemon (noun) [Word Notes]
Targeted phishing campaigns and lottery scams abound.