Social engineering stories have captured attention on the silver screen for years, including one of the oldest forms of the social engineer: the con man. Moviegoers revel in the suspense and clever trickery, and are divided only by either their affinity for the bad guy, or their desire to see the perpetrator caught. Remember, these con men do not just exist as characters on the screen, they are also real-life attackers looking to exploit us as end users. Preying on vulnerabilities in our software or details contained in computer systems, these con men use their own interesting techniques to steal credit card information (and other personal information) from unsuspecting people!

Let’s look at just a few of the examples of social engineering feats adorning the big screen.

(PS… Spoiler alert!!)

Catch Me If You Can

Famous real world con man, or social engineer, Frank Abagnale, Jr., played by Leonardo DiCaprio, successfully posed as a Pan Am pilot, doctor, and prosecutor to avoid paying for services, as well as to perpetrate check fraud to the tune of $2.5 million in the mid sixties.

Tom Hanks plays the FBI agent Carl Hanratty, Frank’s pursuer, capture, and eventual coworker and friend. Frank ends up working with the FBI to identify bank fraud, and currently runs a successful security consulting services firm.

Live Free or Die Hard

In this movie, Justin Long and Bruce Willis’s characters are in need of transportation, and Bruce Willis’ character offers to hotwire the car they jump into. Justin Long’s character, who is a computer hacker, social engineers the call center for the vehicle’s monitoring system and convinces the call center employee that his father is having a heart attack and needs the car to be started remotely. He successfully bypasses the requirement for a password by feigning an emergency, and avoids a remote shut down should the car detect Willis’ hotwire attempt.

James Bond

This popular series is known for the main character’s social engineering exploits and remarkable gadgetry. Throughout the movies, objects are more than they appear, such as his ubiquitous Rolex watch with anything from a laser to bullet-deflecting electromagnets built in. Bond’s adversaries fall prey to his seemingly innocuous and every day items, which give the infamous Agent 007 just enough advantage to tip the scales in his favor.

Usual Suspects

Kevin Spacey plays a presumably minor role in a convoluted tale about an enigmatic criminal named Keyser Soze. Spacey’s character is supposedly helping a US Customs agent capture Soze through his confession. It is revealed at the end of the film, however, that Spacey’s character is actually Soze, and he cleverly fabricated the entire tale for the agent on the spot using queues from around the agent’s office as names and places.

Ferris Bueller’s Day Off

In this classic film, Ferris social engineers his parents in order to stay home from school. He and his best friend then social engineer the principal to dismiss Ferris’s girlfriend from school, as well. The parents and principal are duped, leading the high schoolers to a day of mischief in Chicago. While the principal has his doubts, Ferris’s sister saves the day when the principal attempts to break into the house to prove that Ferris is pulling the wool over everyone’s eyes.

These are just a few examples, there many other classics- such as Sneakers, Hackers, and Matchstick Men.

Want to learn how to avoid falling victim to social engineering attacks?

Take a sneak peak of our PCI Essentials learning program.  Specifically, take look at our “Avoiding Social Engineering” module- it covers how to recognize attacks and how to defend yourself against attackers looking to steal your credit card data!

PCI Essentials comprises 10 highly interactive modules, each focusing on a specific area of cardholder and information security. The training is designed to address all of the security awareness topics needed for compliance with the training requirements of PCI DSS.

Get the Newsletter

Every two weeks we'll send you our latest articles along with usable insights into the state of software security.

Posts by Topic

View Full Topic List