2024-12-14 –, Track 3
There are thousands of scamming and phishing attacks performed every day. It is one of the most lucrative and profitable forms of hacking, involving the manipulation of humans. But how do criminals reach their victims? What are their techniques? And can anyone be hacked? The answer is yes, and I will show you the process of how to achieve that.
You will hear two stories of crime: the story of a kidnapped daughter and the story of a fake DJ. In these stories, we will explore key techniques that, when implemented correctly, can provide a blueprint for hacking anyone.
Preparation of a Hack: Identifying the right victim and their weaknesses. This section of the talk outlines simple steps for uncovering a target's vulnerabilities that can be exploited. We will dive into how to evaluate time, effort, and reward like a true criminal.
The Attack: The process and closure. What techniques work and how to keep the victim engaged. As we will see, these techniques are straightforward and can be applied to any victim profile.
The Reward: What is the reward, and what happens if a financial transaction is involved? This section will emphasize that the hack is often the easier part. Cleaning the money requires seasoned criminals.
The talk will address a broader question: What can we, as cybersecurity professionals, do, and has our approach been wrong? The talk will conclude by analyzing different types of attackers because if we do not understand the psychology of the criminal, the techniques we employ to protect targets will continue to be insufficient.
Dita is a former offensive cybersecurity consultant, now working as a social engineering consultant and therapist under her BrainHacker brand. Her long-term interest in technology and the human mind ultimately led her to venture into the field of cybersecurity. Her knowledge of hacking and human behavior inspired her to explore how companies and individuals are hacked in real life and what techniques criminals tend to implement.