Happy Friday Watchers!
Last week I mentioned some of the wild things I saw at DEF CON. But the one that stuck with me was the social engineering capture the flag (CTF) competition.
Social engineering is just a fancy word for scamming. A lot of the high-profile “hacks” you hear about in the media are actually social engineering attacks. A hacker will research somebody, then call customer support for multiple companies, piecing together enough info to get into their accounts.
Capture the flag is the standard for a hacking competition. Information or files are planted in a system and contestants have to hack in and retrieve them.
But the social engineering CTF is a little different. Contestants are given a real company to research. Then, on the day of the competition, they’re placed in a soundproof booth and make live calls to real people. Their goal is to get as much information from the people on the other end as possible in 20 minutes. The whole thing is broadcast to a room of 700 people.
It was wild to watch. The first few people mostly got hung up on, but then the experts were up… I left with the distinct impression that they could have walked away with anything they wanted. If you’re interested in learning more, hit reply or check out the Security through Education
Cheers from Charleston ✌️
P.S. Shout out to my buddy Clay (whose article I included last week) for the closest guess of how much money WeWork has lost this year. The answer is $690 MILLION DOLLARS. Wut.