As I enter my fourth year in the social engineering world, I have been reflecting on what I’ve learned so far. A million different things go through my mind, from setting up phishing campaigns, to how you need to wear steel-toed boots while dumpster diving. But what stands out most are the lessons I’ve learned from those around me. I’ve learned so much from my mentors, peers, and students. This newsletter is going to recap some of the lessons that have been at the core of everything I’ve done these last few years.

“Get Comfortable Being Uncomfortable”

This is what my boss said to me as he volunteered me to make a live vishing call in front of 300 people. Let’s just say I was a little nervous. If he ever reads this paragraph, I will deny it…but, not only was that experience good for me, it also proved the benefit this phrase can have. Putting yourself in new, and potentially uncomfortable, situations helps you grow. Over the last few years, I have tried countless new things: vishing, phishing, OSINT, social engineering onsite jobs, and more. I never started out being comfortable with any of these things (I may or may not have had a slight phobia of being on the phone when I started here…that can be our secret…). Over time, though, and with experience, I have learned so many new skills. I’m not saying to go make a vishing call in front of hundreds of people… but maybe try pushing yourself in some small way. You may end up being pleased with the outcome.

It’s OK to Fail

No one likes to fail at a task. Sometimes it’s going to happen, and that’s ok. You should all have read my first phishing email! Yikes. It was like a bad chapter from a lengthy book. I still remember that email, though, because I failed so miserably at my first attempt. I’d say the lessons I learned from that failure made it more valuable than had I aced my first try. Of course, no one wants to fail all the time. But sometimes, we end up learning more from those moments.

Learn from Those Around You

At our Masters Level Social Engineering (MLSE) class, I was tasked with supporting the phishing team. I was able to do this when it came to the tools we were using, but some of the teams had technical skills way beyond my own. At one point, one team was doing something beyond my technical knowledge. Instead of continuing with their task, they brought me over and explained what exactly it was they were doing. Their humility in this, teaching who was supposed to be their support, really impressed me. It also helped me realize that it’s alright to not have a grasp on every aspect of the industry. You’re constantly learning.

My friends in the Deaf community would always tell me “if you don’t understand what I’m saying, don’t do the “Deaf nod”. Just ask.” In other words, don’t feel like you always have to pretend you understand what is going on. You’ll benefit more from asking those around you and learning what you can. This team at MLSE helped reinforce this lesson for me.

A Lasting Impression

As I read back through this article and make tweaks here and there, it has hit me just how many amazing people I’ve met in this industry. Their thirst for learning has increased my own…and there’s so much more to learn! These few lessons are just some of those that have really left a lasting impression on me. I’ve gotten out of my comfort zone, failed a few times, and learned so much from those around me. I can’t wait to see what the next 3 years bring.

Written by: Shelby Dacko


This entry was posted in Uncategorized and tagged .

Leave a Reply

Your email address will not be published. Required fields are marked *