Professional social engineers use various techniques to leverage communication fundamentals to their advantage. However, do you have to be a social engineer to use these techniques yourself? Absolutely not! In fact, these building blocks can prove useful to anyone looking to improve their communication skills. Let’s look at a couple of techniques that are instrumental to vishing, and how they can be applied in everyday life.
Ego suspension is considered one of the most powerful ways to build rapport. It can be defined as putting other’s wants, needs, and perceptions of reality ahead of your own. Robin Dreeke says that this is “the hardest technique but, without a doubt, is the most effective.” The reason ego suspension is difficult to put into practice, and the reason it is so effective are one in the same; we all like to be correct.
This technique is arguably easier to use while vishing than in everyday life. Why? While working, it is not our job to be right; it is our job to get the information we have been hired to obtain. In day-to-day life, however, ego suspension can conflict directly with how we want others to see us; as intelligent and in control. For that reason, it is natural for many of us to fight against ego suspension and to vie for our opinions and thoughts to be heard; especially if it’s on a topic we are knowledgeable about. What happens if we reframe our thinking, though? If you can successfully suspend your ego to influence the conversation in the way you want it to go, that, in and of itself, puts you in control.
Example and Applications
In Chris Hadnagy’s book, “Human Hacking: Win Friends, Influence People, and Leave Them Better Off for Having Met You,” he discusses the time when Ronald Regan was running for president. Many criticisms were circling at the time due to Reagan’s age. Rather than deny, defend, and attack those making these comments, however, Reagan chose to employ ego suspension. Hadnagy states, “While debating another candidate for president…he began his opening comments with the famous line: ’I will not make age an issue of this campaign. I am not going to exploit, for political purposes, my opponent’s youth and inexperience.’ A quip like that got everyone laughing, including his opponent, instantly building rapport.”
Every human seeks connection and acceptance, no matter the form. Non-judgmental validation can fulfill that need. Think back to a time when you spoke to someone who did not agree with your viewpoint on a matter. Likely, one of two things happened. One, the individual asserted their opinions and thoughts without listening to or acknowledging yours. Or, two, the individual listened to you, validated your opinions, and presented their own in a respectful way. Most of us will have experienced both outcomes at one time or another. Which one left you feeling better for having talked with that individual? It’s safe to say that we all prefer the latter outcome.
If we strive to employ non-judgmental validation in our conversations, it will always work to our benefit. Even if you don’t end up with the exact outcome you were striving for, you will have left that individual feeling better for having met you. Leaving someone feeling happy to have interacted with you will be a benefit to you both in your work and personal life. As a social engineer, it will help your target feel more comfortable with you and shore up trust. Similarly, validating other’s thoughts and opinions in your daily life is going to make you someone that people enjoy speaking to.
Example and Applications
Knowing that non-judgmental validation works, and employing it, are two different things. Robin gave an amazing example of ego suspension in an interview. Imagine that you are in a team meeting. “If the leader of the team asks one of the members about how they would start a project, the leader might consider first validating the idea. Then, as a follow-up the leader says something like, ‘That’s interesting Karen, how did you come up with that?’ Or, the leader might say, ‘I’d like to explore that idea some more. Jim, what do you think some challenges might be?’ The key is to first validate the idea in some way. If you quickly agree without exploring the idea with an open-ended question, then you have a greater chance of sounding patronizing and losing the trust and rapport with the team.”
Try this for yourself. In the next conversation you have, try practicing non-judgmental validation in one of the following three ways:
- Listen actively
- Demonstrate thoughtfulness
- Validate their thoughts and opinions
Mastering both ego suspension and non-judgmental validation can prove useful no matter who you are. Throughout the next few days, try challenging yourself to intentionally apply them in every conversation you have. Note the outcome and emotional state of both yourself and the individual you spoke to afterwards. Intentionally utilizing these techniques will help them become more natural to you. Before you know it, you will have successfully added these techniques to your conversation repertoire!
Human Hacking Conference 2021
Join SECOM trainers Curt Klump and Shelby Dacko at The Human Hacking Conference in the SE Pentest Track to learn more about vishing techniques, as well as how to employ them as a professional Social Engineer. The Social Engineering Pentest workshop is a three-day course. Day one focuses on OSINT, day two focuses on vishing, and day three focuses on phishing.