Cloud Hosting

As I enter my fourth year in the social engineering world, I have been reflecting on what Ive learned so far. A million different things go through my mind, from setting upphishing campaigns, to how you need to wear steel-toed boots while dumpster diving. But what stands out most are the lessons Ive learned from those around me. Ive learned so much from my mentors, peers, and students. This newsletter is going to recap some of the lessons that have been at the core of everything Ive done these last few years.

This is what my boss said to me as he volunteered me to make a livevishingcall in front of 300 people. Lets just say I was a little nervous. If he ever reads this paragraph, I will deny itbut, not only was that experience good for me, it also proved the benefit this phrase can have. Putting yourself in new, and potentially uncomfortable, situations helps you grow. Over the last few years, I have tried countless new things: vishing, phishing, OSINT,social engineering onsite jobs, and more. I never started out being comfortable with any of these things (I may or may not have had a slight phobia of being on the phone when I started herethat can be our secret). Over time, though, and with experience, I have learned so many new skills. Im not saying to go make a vishing call in front of hundreds of people but maybe try pushing yourself in some small way. You may end up being pleased with the outcome.

No one likes to fail at a task. Sometimes its going to happen, and thats ok. You should all have read my first phishing email! Yikes. It was like a bad chapter from a lengthy book. I still remember that email, though, because I failed so miserably at my first attempt. Id say the lessons I learned from that failure made it more valuable than had I aced my first try. Of course, no one wants to fail all the time. But sometimes, we end up learning more from those moments.

At our Masters Level Social Engineering (MLSE) class, I was tasked with supporting the phishing team. I was able to do this when it came to the tools we were using, but some of the teams had technical skills way beyond my own. At one point, one team was doing something beyond my technical knowledge. Instead of continuing with their task, they brought me over and explained what exactly it was they were doing. Their humility in this, teaching who was supposed to be their support, really impressed me. It also helped me realize that its alright to not have a grasp on every aspect of the industry. Youre constantly learning.

My friends in the Deaf community would always tell me if you dont understand what Im saying, dont do the Deaf nod. Just ask. In other words, dont feel like you always have to pretend you understand what is going on. Youll benefit more from asking those around you and learning what you can. This team at MLSE helped reinforce this lesson for me.

As I read back through this article and make tweaks here and there, it has hit me just how many amazing people Ive met in this industry. Their thirst for learning has increased my ownand theres so much more to learn! These few lessons are just some of those that have really left a lasting impression on me. Ive gotten out of my comfort zone, failed a few times, and learned so much from those around me. I cant wait to see what the next 3 years bring.

Written by: Shelby Dacko

Images:https://media.istockphoto.com/photos/always-be-ready-when-business-comes-calling-picture-id1144585582?k=20&m=1144585582&s=612612&w=0&h=E5rMzJnMYfuix3bEw3EUdMQQ9GUXjps6MYBpwA6QYD0=https://www.floome.com/wp-content/uploads/2020/03/7-istock67205561large.jpg

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer. Read the original post at: https://www.social-engineer.org/newsletter/my-first-three-years-in-the-social-engineering-world/

Originally posted here:

My First Three Years in the Social Engineering World - Security Boulevard