This article is part of the
Mr. Robot Wiki
Mr. Robot's World
Social engineering is a psychological strategy used to manipulate individuals into revealing information about themselves or committing acts that can later be exploited. In information security, social engineering is used as part of elaborate cons or hacks to gather needed information. There are a series of techniques that a threatening individual, known as a threat actor, can use to exploit a victim's vulnerabilities. When effective, these techniques induce victims to reveal details about themselves, including passwords, credit card numbers, social security number or other similar personal information.
Mr. Robot, known for its accuracy and level of detail, included several of these techniques, generally used by fsociety. Action is typically preceded by research; threat actors require information about their mark before they can exploit them. Not all uses of social engineering and the hacks that accompany them are successful.
Social Engineering in Mr. Robot
Social engineering strategies used in Mr. Robot include:
- Pretexting: Pretexting is a technique where threat actors present themselves over the telephone or in person as representatives of organizations such as banks, government agencies, insurance companies or other businesses with seemingly legitimate business with the victim in order to gain access to passwords, credit card numbers, or similar personal information. Because the mark feels they can trust the caller, they give up information that should be kept secure, and can later be exploited by the actor. Elliot uses pretexting to gather information about Christa Gordon's lover, Michael Hansen, eventually discovering he is not who he claims to be.(“eps1.0_hellofriend.mov”) Similarly, Elliot creates the pretext that he wants a tour as a means to get into Steel Mountain. In this case, he has researched Bill, the man who will lead the tour, and his original supervisor, intending to exploit their vulnerabilities. When the original plan goes wrong, Mobley and Romero quickly research Bill's new supervisor, creating a scenario that causes her to leave and let Bill do the tour.(“eps1.3_da3m0ns.mp4”)
- Baiting: Baiting uses disks or USB devices upload malware allowing he threat actor to gain access to a victim's computer. Disks may be left in clear view, with an enticing label; the victim picks it up, curious, inserts it into their machine, and the malware takes over. Windows machines, which have an auto-run capability, are particularly vulnerable to media obtained through baiting, and will be compromised as soon as the device is inserted. Cisco, Darlene's some-time boyfriend, is introduced when selling a CD on the street, conveniently on Ollie and Angela's path to work. Ollie buys the CD, inserts it in his PC, and the malware that gives him access install itself. This gives Cisco access to not only his, but Angela's personal records, which he exploits over several episodes.(“eps1.1_ones-and-zer0es.mpeg”) Later, when Elliot must break Vera out of prison, Darlene drops USB drives with malware on them in the prison parking lot in an attempt to gain access to workers' computers. This attempt failed: the prison's internal security software closes off the access Elliot gains.(“eps1.5_br4ve-trave1er.asf”)
- Phishing: Similar to pretexting, threat actors create seemingly real e-mails, using company logos and important-sounding or threatening language to request information such as credit card numbers, passwords or account numbers. Phishing e-mails generally warn the consumer that there is a problem with their account, threatening to freeze or close it if action isn't taken. Critically, these e-mails frequently include a link where the victim can fix whatever problem the e-mail identifies, but which takes them to the threat actor's site. Phishing e-mails originate from questionable accounts that sound legitimate, have generic greetings and/or signatures, and often contain grammar or spelling errors that give them away. Phishing has become a widespread cyber-threat in recent years, particularly with reports of cyber attacks frequently in the media.