
Social Engineered/Tricked by a Six Year Old.

Originally, I posted this on Facebook on 10/30/2016 as a note, but thought it would have a home here too.

My iPhone was hacked last night. It wasn’t by the Russians, the Jester, or the Feds, but by Charlotte. She used a technique called social engineering. Here is the story.
Recently, I put a password on the iPhone, and this bothers Charlotte when she wants to play Flappy Bird. I know she has been watching me put the password in. Earlier in the day, she figured it out after weeks of watching me. So, I gave her the phone and told her, “Prove it.” She entered the correct password and got access. So, I changed the password and told her so. Fast forward to the evening.

Charlotte and I are watching the Cubs game. She casually asked if “Trick-or-Treating time was from 4 pm to 10 pm?” I said, “No, that seems early, let me check my phone.” I reach for the phone, type in the password, and proceed to ineffectively search for the information. I respond to her that I believe the times are “6 pm to 8 pm, like it had been in the past.”

Thinking about it, I ask her, “You weren’t interested in Trick-or-Treat times, were you? You just wanted to watch as I put the password into the phone?” She responded honestly. She was correct in reciting the password back to me.

A few things were happening here. First, she knew I would reach for the phone to find the information. I always do this; recent searches include “Alec Guinness,” “Parkour,” “Duvet,” and “Napoleon Dynamite.” She knew my tendency or habit to just go online and search. Second, she knew the previous password wasn’t too sophisticated, because she was able to learn it over time. Like many of the passwords we use, it wasn’t; for the record, it was “111222.” A better password might have been “121212” or “238391” or at least something a little tricky. Easy passwords to remember are often easy ones to crack.
