Hello there, I'm Volker !
Next september I'll be starting the last year of my Master's degree in Fiability and Information Security in Marseille. I'm passionate about social engineering, offensive security and red team stuff.
Since April I work as a pentester/offensive security operator with multiple ongoing missions, notably some physical assessments.
Apart from work I also participate in CTFs : I finished 8th at CTF OSINT YogoshaESD, 2nd/1214 as a student (6/2063 in general ranking) at DG'hAck and with my team Root Root we finished 4th at CyberThreatForce CTF. I'm also a member of the HackInProvence association and I try to participate as much as I can to event like SecSea 2019, Barbhack 2020 and soon 2021.
Hack the planet !

The speaker's profile picture


Mechanisms of influence : a short guide to social engineering

Nowadays, the majority of cyber attacks involves a social engineering component: a fraudulent email leading to the exposure of an information system to a ransomware, an external person posing as an employee in order to steal sensitive information, etc. Social engineering is a very effective way for attackers to achieve their goals, but how do they go about it? And most importantly, why does it work so well? What psychological mechanisms are used to initiate a successful social engineering attack?

In this conference we will begin by explaining the "Investigate-Hook-Play-Exit" model, then we will talk about the psychological tools of social engineering: various cognitive biases, Korman's self-consistency theory, reciprocity, etc. We will also study techniques for establishing contact, elicitation, as well as the principle of reverse sting. Through case studies, this conference has two main objectives: to serve as a working basis to use social engineering in an offensive context and (above all) to raise awareness in order to limit the impact of social engineering on the safety of information systems.