The most vulnerable part of any secure information system is the human at the controls. Secure passwords, strong encryption, and stringent protocols are all worthless if that human can be coerced to give away the keys to the kingdom. The techniques of attacking a system through the human are collectively known as social engineering. While most of us don’t use social engineering in our day-to-day jobs, anyone can fall victim to it, so it’s always good to see this stuff in action. Some of the best examples of social engineering come from unlikely places. One of those is [Matthew Pitman].
[Matt] is one of those people we all hope we never to meet in real life. He’s a repo man. For those not familiar with the term, [Matt] is the guy who comes to pick up your car, boat or other asset when you fall behind on your loan payments. Generally, these repossession agents are contractors, working for the bank or loan agency who holds the loan on the collateral. As you might expect, no one is happy to see them coming.
[Matt] uses plenty of high-tech gadgetry in his line of work, everything from GPS tracking devices to drones. He calls his tow truck the Repo Ninja, and the interior is decked out with an internet connection, laptop, and tons of cameras. Even so, his greatest asset is social engineering. His 26 years of experience have taught him how to work people to get what he needs: their cars.