Speaking around the world about social engineering one question comes up almost every time.

Why is social engineering so successful?

A key success factor in a targeted attack is good research, knowing the target and how to manipulate them.

I have been gathering and analysing intelligence on people, places and companies for many years now. It is something that feels ingrained in my DNA. You don’t need NSA level access to get a wealth of information on someone these days. You just need social media and an inquisitive side to your personality.

This story is a walk-through of a profile I recently built up of an ordinary UK citizen who thought she was on top of her social media. She was very surprised at how big and how detailed her online footprint was. The message is simple; Do you know what is out there about you?

Introducing Simone

Recently at a conference I got chatting to a guest who worked in fashion retail. Let’s call her Simone for the purposes of this story. She proclaimed that she was very security conscious with her online persona and had in fact won an award at a corporate getaway for

“Employee least likely to be hacked” .

This definitely sounded like a challenge, and she was soon “persuaded” to ask me to build an intelligence profile on her. I accepted immediately! I was confident that we would get a lot more information on her than she thought possible. Here is the story.

All I knew about Simone Rogers was the name of the company she worked for, the rough area of the country she lived in and her face, having met her in person. We haven’t got time to cover everything we found and how we found it in this article but here are a few highlights.