Up to this point, the chapter has taken you deeper into the mind and psychology of a human being. From the ability to read microexpressions, you have become a mind reader. It is now time to dive further and understand how social engineers maliciously use microexpressions to further their attack.

There are two main methods in which microexpressions are used during attacks, which are as follows:

• The first one is to evoke certain emotions
• The second one is to determine when a target is being deceptive

The first method of bringing out emotions was to some degree covered in the discussion of the seven expressions. What was not covered in-depth was the fact that it is possible to manipulate the emotions of a human being. Research was undertaken by Li, Zinbarg, Boehm, and Paller where volunteers were given a film to watch and their facial expressions recorded every 1/25 of a second. At the end of the study, it was found that almost all the volunteers expressed a similar emotion as that which was in the film. This is a form of human brain hacking as a social engineer can cleverly plant some emotions in a victim's brain just by displaying some emotions. This is best referred to as neuro-linguistic programming (NLP), which will be covered in one of the following sections.

Evoking certain emotions is useful for a social engineering attack as it overcomes certain challenges humans are taught. In a company, a social engineer may walk in with a thumb drive that has certain malware with the sole intention of getting that malware into the company's network. The social engineer may approach the receptionist with a sad expression, claim to be coming in for an interview but his resume was lost and thereby request for the receptionist to kindly print another one for him. The emotion he chooses to wear is very important. Sadness is easily transferred and it evokes empathy. Due to this, the receptionist will reluctantly take the flash disk, insert it into a company computer and print the resume with the hope of alleviating the suffering of the potential employee. The end goal will have been achieved; the malware in the thumb drive will have moved into the organizational network. For each different scenario, a social engineer will pick the most applicable expression to influence a target in order to accomplish his or her goal. It is the same way that the adverts discussed earlier for donations to suffering kids work. The advertisers make sure that one gets to see the images of the poor, hopeless, and malnourished children. After these are displayed, the brain is made emotional and ready to comply with the request to help these kids. Even though not everyone will contribute, the advert will affect the emotional states of most people. This is the powerful nature of microexpressions and they can easily be used to allow social engineers to perform extensively malicious actions.

Due to the severity of the use of microexpressions as weapons in social engineering, it is best if you learned of some mitigation at this point. Employees must be made aware of such cunning tricks as the one discussed. They must be taught how to respect the organizational security policy at all times. Even when moved, they should give priority to the whole organization as compared to the will of a single person. In the theoretical example of the receptionist, it is likely that the malware in the thumb drive infected all the computers in the organization, deleted some data, damaged some files, caused millions of dollars to be lost, and led to the termination of many jobs. Therefore, employees must always bear this in mind. They must be taught how to doubt their own emotions as they can be manipulated by malicious people. A response such as, In as much as I would like to help you, the security policy forbids what you are requesting, but you can take a minute to visit the nearby cyber café and have your resume printed. Should I inform HR that you will be late by a few minutes? This is all it takes to save a whole organization from languishing due to a cyberattack. This is the perfect reply to thwart the social engineering attack and at the same time remove blame from the receptionist. Having that clarified, we can comfortably move on to the second method of using microexpressions.

The second method is that microexpressions can be used to detect deception. It is very important for a social engineer to tell whether a response from a target is truthful or not. Microexpressions are just part of the techniques used by social engineers to detect deceptive responses. They are normally supplemented by other techniques which confirm whether or not a target is lying. There are other things that come with lies; contradictions, hesitation, behavioral changes, and gestures. We shall view each of these.