How I Rob Banks

Follow FC as he steals from the world’s most secure banks and government facilities—without breaking a single law

In How I Rob Banks: And Other Such Places, renowned ethical hacker and social engineer FC delivers a gripping and often hilarious discussion of his work: testing the limits of physical bank security by trying to “steal” money, data, and anything else he can get his hands on. In the book, you’ll explore the secretive world of physical assessments and follow FC as he breaks into banks and secure government locations to identify security flaws and loopholes.

The author explains how banks and other secure facilities operate, both digitally and physically, and shows you the tools and techniques he uses to gain access to some of the world’s most locked-down buildings. You’ll also find:

• Strategies you can implement immediately to better secure your own company, home, and data against malicious actors
• Detailed photos, maps, and drawings to bring to life the unbelievable true stories contained inside
• An inside and candid look at a rarely examined industry through the eyes of one of its most respected penetration testers

A can’t-miss account of real-life security exploits perfect for infosec pros, including red and blue teamers, pentesters, CIOs, CISSPs, and social engineers, How I Rob Banks also belongs in the hands of anyone who loves a great Ocean’s 11-style story pulled straight from the real world.

Foreword xv

Introduction xvii

Chapter 1: What Is Social Engineering? 1

Chapter 2: 330 Cameras 4

Chapter 3: Expensive Doesn’t Mean Secure 7

Chapter 4: The Trolley Problem 12

Chapter 5: High (Street) Security 17

Chapter 6: The Psychology of Stairs 19

Chapter 7: The Broken Arm Ruse 21

Chapter 8: Crown Jewels Are Not Always Shiny 24

Chapter 9: This Is My Office Now 27

Chapter 10: How to Use a Pen to Hack Any Door 31

Chapter 11: My First Kidnapping 34

Chapter 12: I Needed a New Computer 40

Chapter 13: Building My Own Office 43

Chapter 14: Letter of Authority 47

Chapter 15: Astute Manager 49

Chapter 16: I Can’t Fly a Helicopter 51

Chapter 17: Doppelgangers Exist 54

Chapter 18: Stealing the Keychain 56

Chapter 19: It’s Dangerous to Go Alone. Take This! 59

Chapter 20: The Gold Bar 63

Chapter 21: Plush Carpets 68

Chapter 22: Clean(er) Access 71

Chapter 23: What We Do in the Shadows 73

Chapter 24: What Do I Know about Diamonds? 77

Chapter 25: How to Crack a Safe 80

Chapter 26: Find a Safe Space 88

Chapter 27: Well, That Was Unexpected 92

Chapter 28: Opening a Door on Security 95

Chapter 29: How to Tailgate an Opaque Door 98

Chapter 30: The Guard Who Was Too Polite 100

Chapter 31: The Swan Effect 102

Chapter 32: What’s in the Box? 105

Chapter 33: How to Bypass an Elevator Security System 107

Chapter 34: The Loading Bay 109

Chapter 35: The Escort 111

Chapter 36: The Staircase 114

Chapter 37: How to Bypass PIR Detectors 116

Chapter 38: ATMs 121

Chapter 39: Open Windows 124

Chapter 40: Security on a String Budget 127

Chapter 41: How to Bypass Padlocks 131

Chapter 42: Padlocked Gates 134

Chapter 43: The Security of Glass 138

Chapter 44: Trading Places 142

Chapter 45: How to Bypass Keypads 145

Chapter 46: E- Waste 148

Chapter 47: Fourteen Desktop PCs 151

Chapter 48: Spy Gadgets 155

Chapter 49: How to Steal Fingerprints 158

Chapter 50: Five Banks a Week 162

Chapter 51: Finding Out Too Much 165

Chapter 52: Needle in a Haystack 168

Chapter 53: Stealing a Purse and Keys 172

Chapter 54: How to Pick Locks 174

Chapter 55: The Porn Cupboard 179

Chapter 56: The Apartment Across the Way 182

Chapter 57: Magazine Shoot 186

Chapter 58: Double Trouble 189

Chapter 59: Fake ID 191

Chapter 60: Impersonation 195

Chapter 61: How Maglocks Work 199

Chapter 62: Personal Escort 202

Chapter 63: My Favorite Door 205

Chapter 64: Microwave Fences 208

Chapter 65: Discarded Passes 211

Chapter 66: Bypassing Speed Lanes 214

Chapter 67: The Case of the Angry Man 217

Chapter 68: Let’s Play Doctors 220

Chapter 69: That’s for Me! 225

Chapter 70: How to Use a Snickers Bar 231

Chapter 71: Taking the Bus to Work 233

FC is a renowned ethical hacker and social engineer with over 20 years’ experience working in the field of information security. He has worked for major high street banks in the UK and Europe, FTSE100 companies, several government agencies, and security forces. He’s a frequent speaker at corporate events, security conferences, universities, and schools around the world.

In How I Rob Banks, veteran ethical hacker and social engineer FC delivers a gripping and astonishing account of his work testing the limits of physical security. You’ll follow him as he finds security weaknesses, walks through open doors that should be guarded and locked, and provides proof to his employers that crooks can see through their security like clear glass.

FC’s candid stories show the power of understanding human nature and the value you’ll gain from becoming more observant such as:

• The best time of day to get someone to shout their building security code loud enough for everyone in the street to hear
• What’s hiding in plain sight in the fire evacuation maps in every large building
• The reactions you may get on returning a gold bullion bar removed from a highly-secure vault

Some stories seem so elaborate that they could have only been leftovers from an Ocean’s Eleven script — including the lengthy planning done in a hotel room. In others you’ll see the value of quick thinking as FC improvises his way through a fake security badge that is unfortunately also expired. Whether you’re a security professional or just interested in the creativity and daring FC’s exploits require, How I Rob Banks will educate you, entertain you, and keep you turning the pages to see what’s next.

Discover the outrageous world of physical security testing at some of the world’s most locked-down institutions

How I Rob Banks is an extraordinary, often hilarious, and almost unbelievable account of intrigue and espionage from one of the world’s foremost ethical hackers and pentesters. In the book, you’ll follow FC as he tests the limits of physical security in the banks, companies, and government agencies who hire him to “break into” their own facilities and “steal” money, data, and anything else he can get his hands on.

The author explains how banks and other highly secure facilities operate—both at the digital and physical levels—and demonstrates the tools and techniques he uses to fool the people and systems dedicated to keeping other people’s hands off your valuable property and sensitive data.

Along the way, you’ll find strategies you can use to better secure your own company, home, and data, as well as detailed photos, maps, and drawings that bring to life the incredible true stories of one of the globe’s most accomplished security professionals.

How I Rob Banks is a candid, firsthand account of real-life security exploits guaranteed to fascinate infosec pros, social engineers, pentesters, CIOs, and anyone else craving a gripping story pulled right out of the real world.