Social engineering goes to the movies

Joan Goodchild | March 30, 2012
If you fall for a social engineer's trickery, it's embarrassing.

As long as it's happening to someone else, though, it can make for great cinema.

Security experts John Sileo and Chris Hadnagy gave us examples of some of their favorite social engineering scenes as portrayed in film. These movies offer an entertaining way to understand how social engineering works.

Matchstick Men

Con men Roy (Nicolas Cage) and Frank (Sam Rockwell) start their scam by calling victims and trying to sell them water filtration systems for hundreds of dollars. The same system is available for just $50 in a store. While working the phones, the two employ many classic social engineering moves, such as passing the phone from Frank to Roy, who poses as Frank's boss, giving the operation more credibility.

From there, the two head to a victim's home where they pose as federal agents and inform the victim they have been scammed by the water filtration con. But, they say, if the victim will just sign a form that gives them authorization to withdraw money from the victim's bank account, they might just be able to track down the thieves. Of course the victim's bank account is then emptied, and the small water filtration price leads to a much bigger take for Frank and Roy.

There are many more surprises along the way, but, as Hadnagy said, he doesn't "want to give a spoiler... but this movie is about a scam wrapped in a social engineering gig wrapped in a con. It is a twister and really good."

Ferris Bueller's Day Off

An adept and charming con man at just 17, Ferris Bueller (Matthew Broderick) doesn't want to go to school one day and pulls out all kinds of social engineering scams in order to take the day off without consequences. He manages to get his friends Cameron and Sloane in on playing hooky, too.

In a memorable scene, Cameron calls school principal Mr. Rooney, pretending to be Sloane's father and asking that Sloane be dismissed because her grandmother has died. Rooney, initially thinking it is another one of Ferris Bueller's pranks, is rude to the caller. But when Ferris places a call on the other line to Mr. Rooney, Rooney realizes the first caller is not Ferris and panics--assuming that caller must indeed be Sloane's father. Sloane is then released for the day.

"He used the technology of the day to his advantage," explained Sileo. "Although the technology has changed, the techniques social engineers use really haven't. Utilizing people's ignorance, pretexting, pretending to be someone you aren't--these are all techniques that have all been around for years."

The Thomas Crown Affair

