Tag Archives: morality credits

Influence, Manipulation and Social Engineering

Marketing, Reviews and Commentary, , , , , , , , , , , , , , , , , , , , , , , ,

My final exam for Social Engineering class is due at 5 pm on Friday. When I’m answering questions, it’s useful to write as though I’m explaining the concepts to a general audience. I’m going to publish these answers on this blog as I write them, before they are turned in and graded, to keep me on track to work long enough to explain completely but not so long that I run out of time and skimp on the last couple of questions (that’s what happened at the midterm exam!). A lot of people have been asking me what Social Engineering is since I’ve been in this class. I do think it’s something everyone needs to know about as part of life skills so I’ll explain the best I can. Enjoy!

Q. Discuss the art and method of Influence and Manipulation.

First I’ll define the terms according to Christopher Hadnagy, author of our textbook “Social Engineering: The Science of Human Hacking”.

Social Engineering – “Social engineering is any act that influences a person to take an action that may or may not be in his or her best interests” (Hadnagy 7).

Influence – “Getting someone to want to do what you want them to do” (Hadnagy 123).

Manipulation – “Getting someone to do what you want them to do” (Hadnagy 151).

Social engineering is part art and part science, and method is where they come together (Hadnagy 157). Hadnagy brings up cooking as an example of a pursuit that combines art and science to create a satisfactory outcome. Gardening and aquatic animal keeping are a couple of my pursuits that are similar – science knowledge is needed to keep the organisms alive, and artistry helps make the environments harmonious and attractive. There are certain needs the organisms have that must be met but I have choices in what colors I can have, quantities, how I arrange the elements, how much splashing or bubbling do I want to create a soothing sound, and other aesthetic choices that affect the total presentation.

Part of the science of SE is framing and elicitation (Hadnagy 158). Framing is how someone dynamically reacts to a situation based on life experience and internal makeup (Hadnagy 159-160). Depending on the reaction you want, artistry helps to create an approach to the frame that is appropriate to achieve the objective. Social Engineers may be called on to create characters and costumes, choose words, use props, practice acting skills, storytelling and other creative enhancements. Preparation and practice are important, as is the ability to adjust to changing situations.

Elicitation is getting a target to volunteer information (Hadnagy 168). In order to cultivate the target to be open and trusting enough to share, artistry will again be used in a planned way as well as dynamically as conversation progresses. A social engineer might plan a scenario ahead of time or create one just by observing a target. Methods such as Ego Appeals, Mutual Interest, Deliberate False Statements, displays of Knowledge and the Use of Questions are methods Social Engineers can use to subtly direct the interaction (Hadnagy 168-182). There is art in how these methods are used, and also in choosing embellishments such as the above mentioned characters, costumes, props, etc.

Q. How are each applied to a social engineering plan?

Influence – Cialdini’s Six Principles of Influence are as follows (ChangingMinds.org):

Reciprocity: Obligation to repay.” Both wanted and unwanted gifts will create an urge to reciprocate, but if we appeal to what the target really values, we will get a greater concession in return. Gifts don’t have to be material things – good feelings in the target aroused by gifts of compliments and humor are also effective (Hadnagy 125-128).

Consistency and Commitment: Need for personal alignment.” We have a powerful drive to meet commitments because the consistency of ideals and behavior gives us a feeling confidence and strength. I’m adding my own assumption here that this may not apply to people with psychopathy and personality disorders (“Psychopathy”). You can appeal to the urge for internal consistency in other people by getting them to agree to a small request initially then a larger one later. Victimizers use your integrity and need to make your actions match your beliefs as a weapon against you. Keeping this in mind might help us to know when it’s ok to change our minds about a commitment that is no longer serving us. Consistency and commitment can also be good defenses against attacks, since that is a good protection against people looking for examples of hypocrisy as a Social Engineering weapon against us.

Social Proof: The power of what others do.” When we are unsure about what is safe or acceptable we often look at the behavior of others as a guide (Hadnagy 149-150).

Liking: The obligations of friendship.” Hadnagy explains different meanings of the word “like”. We tend to like people who are “like” us in some way, that we see as a member of our tribe, and we “like” people who we think like us (Hadnagy 146-148).

Authority: We obey those in charge.” Possessing actual authority or knowledge gives a Social Engineer more confidence to act with authority, but faking it, implying it or transferring it by seeming to associate with a genuine authority will work also (Hadnagy 140-141).

Scarcity: We want what may not be available.” We can be Social Engineered to respond to a perceived or real scarcity of goods, sale prices, time or any kind of resources (Hadnagy 134-136).

Manipulation

Hadnagy lists 6 principles of manipulation (Hadnagy 153):

  1. “Increased susceptibility.”

2. “Environmental control.”

3. “Forced reevaluation.”

4. “Removal of power.”

5. “Punishment.”

6. “Intimidation.”

It’s not an accident that these tactics are synonymous with types of abuse, emotional and sometimes even physical. Abusers abuse because they want the power and control it gives them (Davenport). It isn’t only individuals who might try to abuse us – organizations can do it too. I’ve written passionately and repeatedly on this subject in my class assignments, as you know, and in other writings, because of my theory that we as a culture tend to give far too much trust to institutions that have devoted vast research and resources to manipulate, and yes, abuse.

Q. What is the difference between the two?

Hadnagy’s definitions of influence and manipulation are nearly the same in terms of wording. In both cases, the social engineer wants the target to take an action that the social engineer wants. In an influence situation, the target wants to go along with the engineer (Hadnagy 151). That is a very slight difference, and Hadnagy acknowledges that not all will agree with his chosen definitions. When I first read “How to Win Friends and Influence People” by Dale Carnegie, a friend of mine didn’t want me to read it because in his words “It teaches you how to manipulate people”. My reply to him was my interpretation of a couple of the points I thought Carnegie was trying to make – the transactions and deals you make should benefit both parties, and whatever social techniques you use to get the results you want should be sincere (Winkelmann “My Opinion of…”).

I think Hadnagy is of a similar opinion. Manipulators don’t care about the feelings or well-being of the target, and the interaction will not be remembered fondly by the target (Hadnagy 151, 153). That’s detrimental to getting future business. In Hadnagy’s case, since part of his job is to educate clients, negative feelings interfere with the learning process and are to be avoided. I think he and Carnegie would agree that it is more important for both parties to come out of an interaction both feeling good about it than for the SE to “win” the transaction by getting the better of the target.

Of course many social engineers don’t mind harming the target, or they fully intend to harm the target – that’s when their actions become manipulation. For example the same male friend who was uneasy about me reading “How to Win Friends and Influence People” used manipulation on me and another woman to try to keep us from becoming friends. All three of us were part of a group that was going on a week long backpacking and camping trip. In preparation, he told me she didn’t like me and told her I didn’t like her. So for the first day of the trip we avoided each other. Due to the way the tents worked out, we were forced to share one the first night and weren’t happy about it. The next day we both had the same thought. “She’s not so bad.” We both decided to confide in each other what the male (now former) friend had told us. We had a good laugh and became best friends until she passed away in 2003. I was Maid of Honor at her wedding!

Q. Which method is more effective (give examples of circumstances/settings to be applied)?

I think it depends a lot on the circumstances. For example, if your goal is to have a productive future relationship with a target, you will take their welfare and emotions into account so that they associate you with a pleasant experience and are open to be influenced by you because they “like” you, as Cialdini teaches. If you plan to just use and discard the target when they are no longer needed, you don’t have to consider their well-being at all.

The archetype of the “snake oil salesman” is depicted in a music video I loved and watched a lot when I was a teenager, “Say Say Say” by Paul McCartney and Michael Jackson. The protagonists are con artists who travel from town to town in a wagon selling a bogus “strength potion”. They use pre-planned pretexts, such as a script and audience plants to Social Engineer the people in a town into buying a lot of the fake potion. By the time the customers realize it’s no good, the con artists are long gone and in another town sporting a different identity. When the law catches up to them, they use a distraction to evade (Giraldi). As long as they can get away quickly enough, they are not accountable and don’t have to make a good product. They only have to create the impression long enough to get the money.

Paul and Linda McCartney and Michael Jackson portraying Social Engineers of the manipulative variety

Here is a personal example of when I experienced manipulation in an airport when being solicited for a donation. A man greeted me and offered me a free paperback copy of a vegetarian cookbook. I love to cook and I love vegetables so I said “sure, thanks” and took it. I was young and this was my first time encountering this particular SE situation in an airport so was not looking for it and not prepared with defenses. The man said “Aren’t you going to give a donation?” I thought a moment and gave him a dollar. He said that isn’t enough. I was not pleased about being manipulated, so I said “I think that’s pretty good for a free book. If you disagree, you can have it back and I’ll take back the dollar”. He just looked disgusted and waved me away. I was not unhappy about giving a dollar for the book, even though it’s not something I sought out. But I love recipe books, so a free book or a dollar book, either was fine with me. But I would have balked at any more than that. Neither of us was concerned about ever seeing each other again, so it was a very low stakes situation. Since he had correctly concluded he had gotten all he was ever going to get out of me, he didn’t bother to be civil one second longer than was productive.

The larger and more powerful an organization or individual is, the more they can insulate themselves from backlash caused by self-serving, fraudulent, unkind or unfair manipulations of people. For example last summer there were large corporations taking out television ads that put their brand in a good light, showing warm and positive scenes of how they were helping their employees and customers cope with the pandemic. News stories about those brands were sometimes in direct contrast to the images in the ads. Organizations can use their money and power to “buy” morality credits by performing certain good deeds and publicizing them or just artfully appearing to. In the “Say Say Say” video we see that the fictional con artists give their ill-gotten gains to an orphanage and stop to entertain the kids, so the viewers of the video will root for them (Giraldi). This tactic works in real life too.

Marketing and Public Relations are subsets of Social Engineering, according to Hadnagy’s definition. If organizations don’t even do good deeds but claim they want to someday, or are generally in favor of good things for society and they’d love it if YOU would do them, that is enough to counteract actual corporate hypocrisy in some situations (Chen 487-490, 517-518). Influential people and organizations have the money and power to buy a lot of Marketing and PR, so they are potentially not as accountable as the less powerful. For example, from years of selling art supplies online, with Amazon being one of the platforms I sold on, I’m personally acquainted with how Amazon treats people with no power and only the most infinitesimal trace of usefulness. Admittedly already skeptical about their corporate culture, I am not the only one to ponder the disconnect between Amazon’s paid feel-good ads and news stories about how workers are treated (Barrickman and Smith). In a paper I wrote last fall about Corporate Social Responsibility and Irresponsibility I speculated about the meaning behind the amounts of corporate public donations to social justice causes by Netflix, WalMart and Amazon (Winkelmann “Corporate Social Responsibility…”). Do these amounts reflect genuine commitment to the causes, a branding technique, the amount of resources available, or the amount of morality credits they feel they need to buy to compensate for their actual activities?

A malicious Social Engineer might intend to not only evade accountability, but plan to leave the target in a weakened condition as part of the strategy. Sometimes the goal is not merely profit but total defeat of the enemy.

Works Cited

Barrickman, Nick and Patrick Smith. “Amazon violates its own health and safety rules in COVID-19 coverup.” World Socialist Web Site, 2020, www.wsws.org/en/articles/2020/08/05/amzn-a05.html. Accessed 10 May 2021.

ChangingMinds.org. “Cialdini’s Six Principles of Influence”. Changing Works, 2002-2021, changingminds.org/. Accessed 16 March 2021.

Chen, Zhifeng, et al. “Corporate Social (Ir)Responsibility and Corporate Hypocrisy: Warmth, Motive and the Protective Value of Corporate Social Responsibility.” Business Ethics Quarterly, vol. 30, no. 4, Oct. 2020, pp. 486–524. EBSCOhost, doi:10.1017/beq.2019.50. Accessed 28 September 2020.

Davenport, Barrie. “61 Devastating Signs Of Emotional Abuse In A Relationship.” Live Bold and Bloom, 2021, liveboldandbloom.com/02/relationships/signs-of-emotional-abuse/. Accessed 11 May 2021.

Giraldi, Bob, director. “Say Say Say.” YouTube, Paul McCartney and Michael Jackson, uploaded by Giraldi Media, 1983, www.youtube.com/watch?v=aLEhh_XpJ-0. Accessed 10 May 2021.

Hadnagy, Christopher. Social Engineering: The Science of Human Hacking. John Wiley & Sons, Inc. 2018.

“Psychopathy.” Psychology Today, 2021, www.psychologytoday.com/us/basics/psychopathy. Accessed 11 May 2021.

Winkelmann, Carolyn Hasenfratz. “My Opinion of What Marketing is About”. Carolyn Hasenfratz Design. 2020. www.chasenfratz.com/wp/my-opinion-of-what-marketing-is-about/. Accessed 10 May 2021.
— “Corporate Social Responsibility and Irresponsibility”. Carolyn Hasenfratz Design. 2020. www.chasenfratz.com/wp/corporate-social-responsibility/. Accessed 11 May 2021.

Corporate Social Responsibility and Irresponsibility

Marketing, Reviews and Commentary, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Here is some more of my homework for Strategic Comminications class at Webster University. The topic of Corporate Social Responsibility is one that we have addressed several times. Here is one of my writing assignments followed by some of my online discussion posts offered as food for thought.

Corporate Social Responsibility and Irresponsibility

“Cuties” is a film recently added to the network Netflix that director Maïmouna Doucouré claims is “social commentary against the sexualization of young children” (Sandler). Enough people were either offended by the topic of the film or the marketing of the film to organize petitions, boycotts and the hashtag campaign #CancelNetflix (Sandler). Netflix did in fact experience a higher number of cancellations than usual in September 2020 as a result of what some interpret as the normalization of pedophilia and child porn (Sandler). In the long term, will the reputation of Netflix be harmed permanently?

Findings in the paper “Corporate Social (Ir)Responsibility and Corporate Hypocrisy: Warmth, Motive and the Protective Value of Corporate Social Responsibility” suggest that the negative backlash against Netflix will be short-lived (Chen 486–524). Sometimes the same firms engage in acts that are perceived as both Corporate Social Responsibility (CSR) and Corporate Social Irresponsibility (CSI) (Chen 486-487).

Netflix believes that showing the film “Cuties” is an act of CSR because it exposes and criticizes the sexualization of children, even though enough former viewers to create a noticeable spike in cancellations believes they have displayed CSI instead (Sandler). Netflix formerly employed actor Kevin Spacey to star in their original series “House of Cards” which was very popular and profitable for Netflix (Czarnecki). Netflix lost millions by firing Spacey to demonstrate support for the #metoo movement, but gained a great deal of good will from the public in return (Czarnecki).

It seems logical to assume that it is important to try to avoid the appearance of corporate hypocrisy – the difference between the perception of the values a firm vs. it’s actions. Is Netflix going to be judged as engaging in corporate hypocrisy, and therefore suffer in reputation? According to authors Chen et al in “Corporate Social (Ir)Responsibility and Corporate Hypocrisy: Warmth, Motive and the Protective Value of Corporate Social Responsibility”, hypocrisy does not always do harm to firms (Chen 487-490).

One factor that insulates a corporation against negative effects on its reputation is the perception of warmth (Chen 490). By accepting a significant financial loss to mitigate the “House of Cards” scandal (Czarnecki), Netflix raised their perception of corporate warmth to a great degree by promoting others interests above its own (Chen 490). In addition Netflix is “… a company that’s reinvented itself from being a tech-based internet-content-delivery machine to a creator of world-class content. Those two things combined have translated into an unprecedented reputational gain” (Czarnecki). Is there a rational reason for people to feel warm emotions toward a provider of entertainment as opposed to some other product or service? A paper by Eduard Sioe-Hao Tan suggests why that might indeed be the case (Tan 45). “A lay person’s understanding of what it means to entertain somebody involves being amusing or giving pleasure, activities associated with being a good host to a guest.” The entertainer may be considered responsible for voluntarily rendering a personal service to the viewer (Tan 45).

The perception of competence is another attitude that can mitigate CSI in the minds of stakeholders (Chen 490). Amazon is a company that is considered very competent but lacks the emotional connection enjoyed by it’s book-selling rival Barnes & Noble which connected with shoppers emotions by associating physical bookstores with nostalgic values (Czarnecki). Now that Amazon has evolved beyond just a delivery system of entertainment and is also in competition with Netflix as a producer of original entertainment content, the battle over viewer’s emotions will be interesting to observe. At a time when the spotlight is on racial injustice to a greater degree than is normal, Amazon and Netflix both made donations to organizations working toward racial equality (Hessekiel). Amazon donated 10 million, and Netflix donated 1 million. The amounts could reflect the resources available to each company for such expenditures, the awareness by Amazon that it needs to buy moral credits more than Netflix does, or perhaps some combination of the two. In that light, what is the meaning of WalMart donating 100 million?

Speaking of morality credits, another strategy that a firm can use to protect itself against harm to its reputation is to express aspirational messages of what it would like to do, or about the kind of society it would like to promote. The message of having certain values will give the corporation moral credits even if its behavior doesn’t always back up what it preaches (Chen 487-490). Whether a corporation’s behavior is always consistent or not, a strong investment in CSR does seem to have a protective effect on any future transgressions, intentional or accidental (Chen 517-518).

Works Cited

Chen, Zhifeng, et al. “Corporate Social (Ir)Responsibility and Corporate Hypocrisy: Warmth, Motive and the Protective Value of Corporate Social Responsibility.” Business Ethics Quarterly, vol. 30, no. 4, Oct. 2020, pp. 486–524. EBSCOhost, doi:10.1017/beq.2019.50. Accessed 28 September 2020.

Czarnecki, Sean, “Netflix tops the list for best corporate reputation.” PR Week, 2019, www.prweek.com/article/1580994/netflix-tops-list-best-corporate-reputation. Accessed 28 September 2020.

Hessekiel, David. “Companies Taking A Public Stand In The Wake Of George Floyd’s Death.” Forbes, 2020, www.forbes.com/sites/davidhessekiel/2020/06/04/companies-taking-a-public-stand-in-the-wake-of-george-floyds-death/#4e3e52d47214. Accessed 28 September 2020.

Sandler, Rachel. “Netflix Sees Spike In Cancellations Over ‘Cuties’ Backlash, Analytics Firm Says.” Forbes.Com, Sept. 2020, p. N.PAG. EBSCOhost, search.ebscohost.com/login.aspx?direct=true&db=buh&AN=145929254&site=ehost-live&scope=site. Accessed 28 September 2020.

Tan, EduardSioe-Hao. “Entertainment Is Emotion: The Functional Architecture of the Entertainment Experience.” Media Psychology, vol. 11, no. 1, Feb. 2008, pp. 28–51. EBSCOhost, doi:10.1080/15213260701853161. Accessed 28 September 2020.

Some of my comments on Corporate Social Responsibility and Facebook

“My view of Facebook is that they are mainly supplying a platform for people to use as they want, with spaces for advertising. Of course there are some extreme things that get banned. Sometimes I think the bans are fair and sometimes I don’t. One thing I have noticed is that they put a voting badge in the interface so you can quickly check your status or register. Let me try it right now…

Ok I noticed they spelled my name wrong on the paper I got back from the election board, so I’m going to have to look it up under the misspelled name. The voting button leads to a voting information page hosted by Facebook which has links to the usual stuff that any web page that is put up for public information would have – how to register, what are the requirements, what are the deadlines, etc. Kind of similar to what a lot of information sites put up about COVID-19 or any other important issue. It’s good for democracy (I know we have a democratic republic) for as many people to vote as possible who are eligible, so that is an example of CSR.

Another feature I like about Facebook is that you can do searches on advertising regardless of whether it’s an ad that would be shown to you normally, and see who paid for it. That helps a lot with transparency.

It’s my opinion that Facebook is not inherently good or bad, like with most things it’s what you do with it that makes your life better or worse. The people at the top running it can be good or bad and the decisions they make do affect people. I think there is potential for abuse and with any platform or any media we have to be informed about how it works and insist on transparency to keep it in check. I am very interested in media literacy and how it can help protect us. I agree with people who say that too much use is not that healthy, and I think that about TV and a lot of other things too. There are a lot of things that can be a good tool used mindfully and purposefully, including food, something which I’m using more mindfully lately with beneficial effect. As we keep learning in this field of study, we all think we are better at determining how to use media than other people, which means other people think they know better than us how to use it safely. I do worry about us serving media rather than media serving us.”

grocery_pickup_093020

“Speaking of voting, got these in my Walmart grocery pickup bag last night. It’s been awhile since I got a free sample. I like free samples and I like the voter registration encouragement. I tried texting the number and it works. When you get to the page on your mobile device, it gives you English and Spanish options. The data comes from https://www.ballotready.org/ and the card is branded with WalMart and the Consumer Action network. The Consumer Action Network is here – https://www.consumeractionnetwork.org/.

I looked at the web page for the Consumer Action Network and the issues they are involved with currently seem to mostly be based on beer and liquor sales and how to make it easier for consumers to buy beer and liquor. What do you think led to this particular partnership?

https://phone2action.com/  is involved in the technical part of the process.

I like getting the freebie of the reusable cleaning cloth. It’s good promotion for the product and always fun to try out a free product sample. Is the product good for the environment? There is enough info on the package to research it.

I was unable to get the QR code to work. It might be printed too small to work with my phone.

I’ve been uploading a lot of images to Facebook to move them from my phone to a computer for editing. With my technology setup at the moment it’s a fast way to do it and sometimes gets a discussion going in my feed. So I put my commentary that I’m writing here with the photo in Facebook. Since I was either mentioning voting in my text, or the image had to do with voting, an algorithm popped up in Facebook with a link to the voting information center that they put together. So – both Facebook and Walmart and a lot of people are very invested in voting. I could not detect any political partisanship in either campaign. I’ve always thought that everyone who could vote, should. And try to participate in civic duties and civic activities whenever possible. The government chapter we read in our textbook has some things to say related to this.”

“Also interesting is the choice of graphic on the voting drive card. It sends a specific message to people who know the origin of that type of image, and there are things in it that would resonate with people just because of the elements it contains even if they don’t know the history.”