It’s Not All About “Me” by Robin Dreeke
Last week I taught a class on Digital Forensics. During the introduction I told my students I do social engineering and the students had clearly an interest in the topic. Instead of writing up a list of recommended reading I decided to make a little write up and tell you why I think this book is worth reading.
About The Author
I heard about this book while listening to the social-engineering podcast. The author, Robin Dreeke, was at the time the book came out an experienced trainer in interpersonal skills at the FBI and head of the Behavioral Analysis Program.
The idea is simple a social engineer needs to build a relationship which he or she will use to make the target take an action that may or may not be in her or his interest.
Relationships consist of a couple of components. First you build a rapport, then you build trust and finally you work to compliance. Although this is a very “theoretical” breakdown we can sometimes speak of going from ‘never spoken to’ to ‘complete compliance’ in a matter of minutes.
10 basic techniques
So how does building rapport work? Well basically there are 10 universal techniques. I encourage to notice them around you. You will use certain techniques already and others are used against you. We ask you of course to use this with no malicious intent in mind.
Establishing Artificial Time Constraints
The first technique is a classic. We are naturally aware that time is a scarce resource so you can’t hand it out like candy. By using language in which you present yourself respectful of somebody’s time you will yield more likely success that somebody will engage with you.
Body language is a very important topic in human communication since we determine through body language if somebody is actually a potential threat or not. It is thus important to understand the behavior of your body and how our body language is perceived by another party.
Body language goes a lot further but I will discuss that in another blogpost.
Slower Rate of Speech
Speech is more than what you say; it is also how you say your words. The best example that comes to mind is the French language. Depending on how you pronounce a sentence, the sentence is perceived as a statement or a question.
Slowing down your speech rate makes you sound like a late night FM station DJ. It takes practice to get to that smooth voice.
Sympathy or Assistance Theme
The sympathy or assistance theme are classics in that sense that you ask if you can get help from the person you target or you express sympathy for a situation the person is in.
The circumstances are “light” in the sense of “Can you hold my book because I need to check the time”.
The favorite topic of every human being is themselves. When you take an interest in that human being and learn to not talk about yourself we call this ego suspension. Ego suspension is a very important skill to learn.
Once you get a person speaking the issue becomes to break off the conversation in a sense you can go back to that person again.
Validation of Others
Validation is the classic “look mommy, look what I can do”. Human beings like to be complimented. There is a little caveat you must pay attention to, that is to compliment action or something not involving the person (for example clothes).
Although we know compliments are just compliments and we want to think we are not affected by them, we simply are.
There are 3 main techniques to do this:
- active listening
- validation of thoughts and opinion
An important concept to grasp is that you do not need to agree with somebody but you do recognize their side.
Ask How? When? and Why?
How, when and why are questions every journalist asks when interviewing people. These questions help you to create a coat hanger for any conversation.
As you have probably noticed stories stop after a while, which means as a social engineer we need to stimulate people to keep talking.
There are 6 basic techniques to elicit more information:
- minimal encourages (“uhu”, “i see|understand”)
- reflective question (repetition of the last 3 words with the right intonation)
- emotional labeling
- pauses (keeping quiet for 4 seconds after the person has pronounced the last word)
Quid Pro Quo
Quid pro quo is offering a bit of information. “A third party reference” is often a good conversation starter because the reference gives you some common ground to start with.
Reciprocity is one of the hardest things to resist. When people give you something the desire to give something back is strong.
There does not have to be a correlation between the gift and the gift’s economical value. Robin Dreeke describes an example of breath mints and hand sanitizer as a gift.
Every engagement with another being has an agenda. This means you have a desired outcome or objective.
When the objective isn’t met we can hold grudges or our feelings are hurt. Emotional detachment as described in stoicism is important because that means you can come back to the target with another proposal.
Why do I recommend this book?
Even if you are not into social engineering I recommend reading this book. One way it will make you a have better conversations and the other way is that you can start noticing patterns when people have used these techniques against you.
The book also contains a number of exercise which are really handy to start building a skill set.