Mauro Verderosa

Getting under the skin: The Social Engineering techniques

What is the one security vulnerability that can't be patched? The human. Learn the psychological tricks attackers use to bypass your best defenses.

Getting under the skin: The Social Engineering techniques
#1about 7 minutes

The 1978 heist that pioneered social engineering

Stanley Mark Rifkin exploited procedural manuals and used pretexting to steal millions from a bank without any technical hacking.

#2about 3 minutes

Understanding the five main motivations for cybercrime

Cyber attacks are driven by distinct goals, including financial gain, business competition, political influence, ideology, or simple curiosity.

#3about 5 minutes

What social engineering is and its real-world impact

Social engineering is the psychological manipulation of people to divulge information, as seen in major breaches at companies like RSA and Sony.

#4about 7 minutes

An overview of common social engineering attack techniques

Attackers use various methods like pretexting, phishing, baiting, and tailgating to trick victims into compromising security.

#5about 2 minutes

Psychological triggers that make social engineering effective

Attacks succeed by exploiting human emotions and cognitive biases such as authority, guilt, panic, desire, and greed.

#6about 4 minutes

Deconstructing real-world phishing and vishing attacks

A simple phishing email is analyzed for pressure tactics, followed by a vishing example where an attacker impersonates a spouse to gain account access.

#7about 5 minutes

Understanding the complete social engineering attack lifecycle

A successful attack follows distinct phases, from initial reconnaissance and scanning to lateral movement, data exfiltration, and finally covering tracks.

#8about 6 minutes

A step-by-step case study from Mr. Robot

An elaborate attack demonstrates how gathering small, public details from social media and real-world observation leads to a full account compromise.

#9about 5 minutes

Key takeaways and defenses against social engineering

The most effective defense against social engineering is continuous employee training and fostering a security-aware culture to patch the human vulnerability.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Malware campaigns, cloud latency, and government IT theft
01:06 MIN

Malware campaigns, cloud latency, and government IT theft

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Crypto crime, EU regulation, and working while you sleep
01:15 MIN

Crypto crime, EU regulation, and working while you sleep

Fake or News: Self-Driving Cars on Subscription, Crypto Attacks Rising and Working While You Sleep - Théodore Lefèvre

Prompt injection as an unsolved AI security problem
07:39 MIN

Prompt injection as an unsolved AI security problem

AI in the Open and in Browsers - Tarek Ziadé

Playing a game of real or fake tech headlines
04:17 MIN

Playing a game of real or fake tech headlines

WeAreDevelopers LIVE – You Don’t Need JavaScript, Modern CSS and More

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Comparing the security models of browsers and native apps
05:01 MIN

Comparing the security models of browsers and native apps

Developer Time Is Valuable - Use the Right Tools - Kilian Valkhof

Shifting from traditional CVs to skill-based talent management
05:17 MIN

Shifting from traditional CVs to skill-based talent management

From Data Keeper to Culture Shaper: The Evolution of HR Across Growth Stages

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

Featured Partners

Related Videos

See all videos
The attacker's footprint2:08:06

The attacker's footprint

Antonio de Mello & Amine Abed

Skynet wants your Passwords! The Role of AI in Automating Social Engineering31:19

Skynet wants your Passwords! The Role of AI in Automating Social Engineering

Wolfgang Ettlinger & Alexander Hurbean

Cracking the Code: Decoding Anti-Bot Systems!57:47

Cracking the Code: Decoding Anti-Bot Systems!

Fabien Vauchelles

Programming secure C#/.NET Applications: Dos & Don'ts33:29

Programming secure C#/.NET Applications: Dos & Don'ts

Sebastian Leuer

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

Typed Security: Preventing Vulnerabilities By Design58:19

Typed Security: Preventing Vulnerabilities By Design

Michael Koppmann

You can’t hack what you can’t see29:34

You can’t hack what you can’t see

Reto Kaeser

Thinking Differently - How to Make Money from Cyber Attacks & Cheats24:46

Thinking Differently - How to Make Money from Cyber Attacks & Cheats

Tom Tovar

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.