Social Engineering Gets a Big Jewel Heist


It just goes to show, sometimes the simple things are the most effective. A box of chocolates can defeat all the most hi-tech security systems if you add a little charm.

21 million Euros of diamonds, that’s one hell of a catch.

A thief has evaded one of the world’s most expensive hi-tech security systems, and made off with €21m (£14.5m) worth of diamonds – thanks to a secret weapon rarely used on bank staff: personal charm.

In what may be the biggest robbery committed by one person, the conman burgled safety deposit boxes at an ABN Amro bank in Antwerp’s diamond quarter, stealing gems weighing 120,000 carats. Posing as a successful businessman, the thief visited the bank frequently, befriending staff and gradually winning their confidence. He even brought them chocolates, according to one diamond industry official.

Sounds like a long term operation, very slickly done indeed!

Mr Claes said of the thief: “He used no violence. He used one weapon -and that is his charm – to gain confidence. He bought chocolates for the personnel, he was a nice guy, he charmed them, got the original of keys to make copies and got information on where the diamonds were.

“You can have all the safety and security you want, but if someone uses their charm to mislead people it won’t help.”

My dear friend, education is the key..not more locks and bolts.

Source: Independent UK

Posted in: Social Engineering


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


5 Responses to Social Engineering Gets a Big Jewel Heist

  1. madmax April 25, 2007 at 3:38 pm #

    This just goes to show that even hitech technology can be overcome by exploiting the weakest link in the system i.e. the person factor

    SOCIAL ENGINEERING RULES!!!

  2. Motoma April 26, 2007 at 6:30 pm #

    Just like to point out the ending of the story:

    http://www.dallasnews.com/sharedcontent/dws/news/world/stories/041707dnintdiamonds.2f29182.html

  3. Konpaku June 4, 2007 at 8:06 am #

    the jinx shirt may be a joke, but its true

    “Social Engineering.. because there is no patch for stupidity”

  4. J. Lion February 14, 2008 at 1:16 am #

    Even if technology change, social engineering never gets old.

  5. eM3rC February 14, 2008 at 3:53 am #

    Like Albert Einstein said “There are two things which have no limit, the universe and human stupidity. I am still unsure about the formal.”

    I find it amazing that he was able to do this. You would think of the entire bank staff that someone would have been a little suspicious and a background check or something.

    Quick question.
    What would he be able to do with the diamonds? Sell them on the black market? Its not like he can walk into a jewelry shop and use his charm to sell millions of dollars worth of diamonds.