From street corners to pulpits to malicious social engineers, someone is always pleading for your help. Every form of media is splashed with others asking for you to give money or time to a particular cause or person or group of people. Humans display a predisposition to help others in need. Malicious social engineers understand this and readily employ the sympathy/assistance theme to build rapport with people and get what they need and want. Panhandlers, preachers, celebrity charities, and the malevolent all use this as a way to elicit a desired response from others.
The world is becoming more interconnected and the volume of media and its outlets continue to proliferate. People have an ever-increasing number of avenues from which to seek help. Certain websites and online services make assistance from complete strangers a normal and commonplace practice. Money can now be sent to the needy in an instant.
The Positive Side
As a positive, this is extremely useful for the sick, impoverished, and displaced. As a negative, some people will always exploit others, and sympathy is a very effective tool for theft. A large percentage of scams involve some sort of rapport building whether that is online, in person, or over the phone. Trust is important in the delivery of a scam and a sympathy/assistance theme is very effective in lowering the guard of potential targets.
Social engineers should explore this theme as a powerful method in developing rapport which, in turn, leads to more effective influence over people and situations. The FBI’s Robin Dreeke outlines the utility of rapport in communication and conversation in this article from the FBI website.
The Double Edge of Sympathy
Sympathy is a double-edged sword, as most clearly evinced by humanity’s willingness to help others in legitimate need while simultaneously exposing human vulnerabilities. Con artists and scammers will continue to exploit this facet of human nature to the extent that we must all be conscious of the power contained in a sympathetic plea.
We never promote losing this quality or becoming so paranoid that helping others is not important. We promote critical thinking skills both in our pentesting services and in our training classes. By teaching your employees to think before, during, and after acting, a company can help mitigate the effects of attacks that play on the human desire to react to sympathetic pleas.
