Having successfully social engineered my way into the inboxes of White House staff and Banking CEOs, I then took my intense curiosity off into the world of email security. For 3 years I manipulated BEC (Business Email Compromise) cyber-criminals into revealing specific intelligence which was passed on to global financial institutions and law enforcement agencies.… Continue reading Authentic tales from my time as a social engineer + lessons I’ve learnt as an email security professional.
It was back in 2017, whilst I was co-writing an article with Dr Ian Levy, the Technical Director at the NCSC, that I first used the term ‘inbox hypnotism™’. It seemed to perfectly describe the symbiotic state someone lost within their emails slips into, as their subconscious takes greater responsibility for peripheral processes. Being; ‘In… Continue reading Inbox Hypnotism™
Fast trying to rationalise my targeting of Barclays Bank, and the Bank of England, I felt a trip across the pond was in order. It brought with it more challenges – time zone differences, subtle language variations etc. Lloyd Blankfein was the first US Banking CEO that my OSINT stumbled across, and that seemed as… Continue reading My Wall Street phishing trip
To me it seemed the most natural thing in the world. That once I’d concluded my pranking spree on Wall Street, and in lieu of a reply from Fort Knox (seriously) I would turn my sights towards email’s golden goose egg: the White House. An iconic symbol of global dominance and security, I reasoned that… Continue reading Spear phishing the White House. Twice.