ETTS™ Framework

The Email Threat Training System™ is learning framework that provides employees with a structured understanding of the risks they face within their email world. Stage 1. The Viewers Reality (Where their beliefs live)The first part of establishing the viewers reality is to simply state the problem that email or even SMS, has. That being you… Continue reading ETTS™ Framework

I socially engineered a social engineer. Here’s how.

Whilst I knew I had put a lot of thought into my pranks, as I edged closer to the infosec industry I did think the ‘prank’ label might not be doing me any favors. I’d gone with ‘EMAIL PRANKSTER’ as it was literally descriptive and added a clown horn to what I was doing, which… Continue reading I socially engineered a social engineer. Here’s how.

Inbox Hypnotism™

It was back in 2017; whilst I was co-writing an article with Dr Ian Levy, the Technical Director at the NCSC, that I first used the term ‘inbox hypnotism’. It seemed to perfectly describe the symbiotic state someone lost within their emails slips into, as their subconscious takes greater responsibility for peripheral processes. Being ‘In… Continue reading Inbox Hypnotism™

Authentic tales from my time as a social engineer + lessons I’ve learnt as a email security professional.

After social engineering my way into the inboxes of White House staff and Banking CEOs I then went to work in email security — it was very much the fairy tail ending. For 3 years I manipulated BEC (Business Email Compromise) cyber-criminals into revealing specific intelligence which was then passed on to global financial institutions… Continue reading Authentic tales from my time as a social engineer + lessons I’ve learnt as a email security professional.