Human Beings are stupid by default ! Human Stupidity never fails to amaze any one. We do very very stupid things, unknowingly of-course. This article is about how hackers or any one can tap into the human mind and take advantage of it in every way possible, usually called exploitation. This is either taught or some have this talent by birth for example people like Kevin Mitnick.
Before writing this blog post I just read a tweet on my Twitter Bot that “… do not worry about the Facebook cancellation email” , usually sent by hackers, to fool the innocent Facebook users in giving off their username/password to the hacker. It kept me thinking that why does this happen , why do people fall prey to such scams ! Even if they are technical or not ,they fall for it.Why does this happen?
For an introduction, I would like to say that usually this happens because the hackers know your weaknesses and by you I mean every body. Hackers exploit these weaknesses to gain username/passwords and other information, usually called Social Engineering ! This talent can be weaponized and used to overthrow governments, start wars, financial gain etc. Once this talent is weaponized and used, it is called Psychological Warfare.
Psychological Warfare is actually mind games on steroids ! The applications and scope of Psychological warfare is broader to an exponential level. Now I would tell you the process of psychological warfare used by hackers, a shopkeeper, Governments, Military etc .
Exploiting Human Selfishness
Human beings are very selfish ! Once a great man , who is my teacher as well as a very good friend argued that human beings are very selfish ! They do nothing selflessly and I was against the argument and gave many valid points as loving my family or my parents, giving stuff in charity etc so how is it not a selfless act, I don’t get any thing in return. He smiled and said, doing charity helps your conscience to be at peace. You love your parents because it gives you satisfaction. You don’t do any thing that doesn’t give you satisfaction, hence its selfish at some level. Well my point being is that human beings are selfish. Every one has created his/her world around him/her and they just want to gain any thing and every thing from it.
Coming back to the topic , to how this is exploited. A simple example, every one likes free stuff, a hacker throws a USB flash disk on your door step or in your lawn, one would definitely pick it up and bring it home, well from a hacker’s perspective , any virus lurking in the usb will be executed and the computer would get infected and the usernames and passwords for your facebook , yahoo , hotmail etc would fly off to the hacker. Now in the second example as I mentioned earlier , the current scam for facebook cancellation message in the inbox . Why is everybody clicking on the link and getting hacked? Now here is a thought process that would start in my mind if I didn’t know about this , as soon as I would get this message I would say ” Niaah dude , its so fake ! ” and close the message window. Then after an hour or so I would think , what if the message was legit ! I mean what ever any one is saying , they didn’t get this message, I did!!! My Facebook account would be deleted, and I would be in loss ! The hell with it, I just have to goto the link and get it over with. After that I go onto the link and get hacked happily , but who cares atleast I saved my account from cancellation, so what if I got hacked but at least it would not get cancelled.
I hope my dear readers got the Idea !
Exploiting The Human Ego
You must have heard the sentence, ” I am right !! “! Me , Me , Me , I don’t care who you are and what your saying, I am right 100 percent. You must have seen your Bosses , Elder siblings , Teachers, etc, giving these statements. Now what is the best way to turn a no to a yes, in a Boss’s case ? You say : “Sir you are the best boss ever, what ever you say is right but if , though I don’t know much compared to you. Your knowledge is much more, but if you could accept blah blah blah , it would be great. I so want your input in this blah blah ! With out your input this blah blah is nothing. Please accept this !! ” There is a 80 Percent chance, No would change to a Maybe and 60 percent chance that No would change into a YES !!! Every one loves an Ego boost !
Hacking an account using social engineering and this technique.
Phase 1 :
Chat with your victim , for a while , and find a common subject. Once that is done , start the conversation about any controversial thing but never start giving the comments , for example : say .. ” I don’t know what this country is coming to , or what this school is coming to ! ” If the guy is a musician , say something that there aren’t many bands in the school and the whole music scene is getting destroyed and I think your band is the best there is ! The word flattery should come to mind ! and then you will notice the guy would start giving his comments, because every one has problems , no one is happy with what he has . Just listen to what he says and just say :” Yeh! man exactly ” etc ..
Phase 2 :
Take his email address , skype etc and him up ! Befriend him to a point where he starts trusting you. Then once done start the social engineering attacks. Install a Trojan onto his pc , and the list goes on !!
See how a little ego boost helped you gain valuable information. The scope of this blog is restricted to the hacker attacks. This can very easily be applied in real world , with real problems.
Intercepting and Messing with the Thought Process
Every one has his own thought process. If you say A in a room of three people, all three people sitting in the room will start thinking of some thing different. The point is to make them think the same thing as to what you are thinking. This is usually achieved when one doesn’t give time to think and bombards ones own thoughts onto the people listening.
When ever a group of people come into a room , or a classroom , they have their own thoughts . Naturally the human brain is in defensive state and the people in the room do not grasp or accept at first, what the teacher is saying. The key is to get to their level and talk about some thing of interest. Human mind has a vulnerability ! To explain that I would give an example : If two people are sitting in a room and a third person is telling his point of view about A Topic , the other two wont accept at first , but ass soon as he finds a common ground , say C , now they talk about C for 10 minutes. The brain naturally put its guard down , and the weakness is that after that every one would agree on Topic A and also any other Topic !!! So one has to make a common base, the rest is all easy.
The second way to mess with the thought process is not to be that desperate to convince ! Once that happens , if any one listens to what you say , no matter how absurd , will first refute the logic but when they will notice that the argument that you are giving is suggestive but not desperate , they will accept it eventually ! Human mind requires time to process the input.
Exploiting the Lack of Concentration
Every one loves their own thing. For example if one person likes reading love stories , he/she would have zero concentration if they read or are forced to read a sci-fi story. Now this is the thing that the hackers exploit . For example for an English professor , if there is no poetry then its useless. Now if she gets an inbox message by say the hacker , posing that he is from Facebook etc and the message is so long , with authentic logos and every thing ofcourse , she would skip every thing and goto the end ,where there would be a link to the hacker’s page and boom , the English professor got , as they say “pwned!”
Lack of concentration is a major factor for these attacks to be so successful.
These were some examples of the Human Weaknesses that are exploited during a Psychological Warfare. I did not mention how to over throw governments etc because for that I would have to write a whole book ! As this blog is related to Hacking and Security thus I had to stay in scope.