Social Engineering Gets a Big Jewel Heist



It just goes to show, sometimes the simple things are the most effective. A box of chocolates can defeat all the most hi-tech security systems if you add a little charm.

21 million Euros of diamonds, that’s one hell of a catch.

A thief has evaded one of the world’s most expensive hi-tech security systems, and made off with €21m (£14.5m) worth of diamonds – thanks to a secret weapon rarely used on bank staff: personal charm.

In what may be the biggest robbery committed by one person, the conman burgled safety deposit boxes at an ABN Amro bank in Antwerp’s diamond quarter, stealing gems weighing 120,000 carats. Posing as a successful businessman, the thief visited the bank frequently, befriending staff and gradually winning their confidence. He even brought them chocolates, according to one diamond industry official.

Sounds like a long-term operation, very slickly done indeed!

Mr Claes said of the thief: “He used no violence. He used one weapon – and that is his charm – to gain confidence. He bought chocolates for the personnel, he was a nice guy, he charmed them, got the original of keys to make copies and got information on where the diamonds were.

“You can have all the safety and security you want, but if someone uses their charm to mislead people it won’t help.”

My dear friend, education is the key, not more locks and bolts.

Source: Independent UK

Posted in: Social Engineering




5 Responses to Social Engineering Gets a Big Jewel Heist

  1. madmax April 25, 2007 at 3:38 pm #

    This just goes to show that even hi-tech technology can be overcome by exploiting the weakest link in the system, i.e. the person factor.

    SOCIAL ENGINEERING RULES!!!

  2. Motoma April 26, 2007 at 6:30 pm #

    Just like to point out the ending of the story:

    http://www.dallasnews.com/sharedcontent/dws/news/world/stories/041707dnintdiamonds.2f29182.html

  3. Konpaku June 4, 2007 at 8:06 am #

    The jinx shirt may be a joke, but it's true

    “Social Engineering.. because there is no patch for stupidity”

  4. J. Lion February 14, 2008 at 1:16 am #

    Even if technology changes, social engineering never gets old.

  5. eM3rC February 14, 2008 at 3:53 am #

    Like Albert Einstein said “There are two things which have no limit, the universe and human stupidity. I am still unsure about the former.”

    I find it amazing that he was able to do this. You would think that, of the entire bank staff, someone would have been a little suspicious and done a background check or something.

    Quick question.
    What would he be able to do with the diamonds? Sell them on the black market? It's not like he can walk into a jewelry shop and use his charm to sell millions of dollars worth of diamonds.