1 hour 31 minutes
If you're gonna be utilizing this strategy, you want to make sure that you profile the audience using specific social engineering techniques,
these techniques of really important to ensure that you get the right type of volunteer.
So let's go through the questions one by one on our explained the rationale behind it.
So question one. Sit down. If you have never done anything silly before,
this is a great question because it's an ice breaker.
There were some people in the audience that will look at this and go. There is no way in the world that I'm going to volunteer. It also allows you to create a little bit humor within the presentation itself. Because, let's face it, we've all done something silly in our lifetime. But if somebody is going to sit down at this point, you don't want them as a volunteer
in the first place.
Because if they believe that they haven't done anything silly, chances are they're not gonna be very social
more importantly than not gonna have a lot off activity on their social media profiles. And finally, there is a very high risk that if you do pick this person, they're going to say no, I don't want to volunteer for fear of embarrassing themselves.
Let's go on to question number two.
Sit down. If you don't have a Facebook account, this is a really important question because most people have a Facebook account.
When you profile the audience,
most of them will have not only a Facebook account, but they'll also have the Facebook app installed on this smart device.
If they don't have a Facebook account, you want to eliminate these people straight away. Most people don't realize it, but they post sensitive information about themselves that we can then pick up and use for identity theft in our presentation. So if they don't have a Facebook account,
we can't get access to this information
easily. The third question ties in quite nicely in here is, Well, sit down. If you don't post regularly on Facebook, we want somebody that is really active on Facebook, and this is really important because the more active they are, there is a greater chance that they're going to be posting information about themselves
that maybe they shouldn't have
I their address or their date of birth, which is the information that we're looking for
for question, for its exactly same. We're repeating steps two and three. But when now, asking for Instagram accounts, Twitter accounts, Google Plus accounts, Snapchat linked in and Pinterest.
By now we should have whittled down the audience to maybe a dozen, maybe 20 people, maybe 50 people, depending on how large the audiences to start off with.
Now we start to go further into our social engineering questions.
Sit down. If you know all of your Facebook friends
again, this is super important because we know that people that will befriend anyone and everyone, whether it be to gain a bonus in the game or something similar like that or they just want to be really, really social on or really, really active on social media.
We want these types of people.
We don't want somebody that has a closed Facebook environment. I only posted their friends and nobody else. They lock everything down. We want somebody that is really, really open.
If you still got some people that are standing up, you wanna whittle it down to one or two people. So the next question is have never entered an online contest.
This may reduce some people But chances are everybody was still keep standing up. The next question. Have never set up an online dating profile?
This is an interesting question here because people get embarrassed about admitting to the fact that they have set up an online dating profile again. What we're trying to do here is we're trying to find somebody that is social, doesn't mind still laughing at themselves and, more importantly,
will volunteer for the identity hack presentation.
If you get stuck at this point and you've still got quite a few people, you've got to follow up questions. I've found that by asking Question Number eight. Almost everybody sits down have never been on an online dating. Most people don't want to admit the fact that day have been on an online date, too.
Strangers in the audience.
The final question, if you need to use it, is do not want to volunteer because again, we don't want somebody that doesn't want to volunteer, because then we don't have a presentation.
So let's go through some of the tips and tricks.
The 1st 1 and this is really super important is be aware of people wanting their 15 minutes of fame There are some people out there that just want to be on the stage of whether it's to make a fool themselves or whether it's to try and outsmart you, because I think that their information is unhittable
and that leads on to the second part here. There may be some people within the audience, and I come across this in pretty much
every single audience where they think that they are on hackable. So we need to utilize the profiling questions that I stated before to really wait them out.
The more socially active the volunteers, the better
in my experience and I've done over 100 of these presentations. In my experience, I've found that people aged between 18 to 30 are the most active group on social media.
Maur. Importantly, these people have not really thought about the type of information they're posting about themselves as well as their friends on social media, which is what we want.
As of stated before the online dating, questions would usually narrow down the volunteers to a few people so used this last.
If you still have a few volunteers, ask for their night
what I recommend that you do here is that you pick the most unusual name as your first preference. The more common the name, the harder it may be to find the person. Where is the more obscure the name? It can be very easy to really identify that person very quickly,
If you’re looking to enter any field in cybersecurity, you’ll want to learn the basics ...
2 CEU/CPE Hours Available
Certificate of Completion Offered
Certified Information Systems Security Professional (CISSP) 2021
CISSP is the basis of advanced information assurance knowledge for information security professionals. Often referred ...
16 CEU/CPE Hours Available
Certificate of Completion Offered