Review - The Social Engineering Game

Posted 22. March 2021. 1 min read.

The Social Engineering Game was created by Nixu Cybersecurity for practicing social engineering scenarios to help people to be more resistant and aware of social engineering attacks. Setup is easy, you just need to download, print and cut up the game cards, and read through the instructions. 45 minutes should be enough for a single round of the game, but you’d ideally want about an hour and a half for two rounds so each member of the pair can try each role. Each set of printed cards can support up to 6 pairs (12 people), but you could run with more people just by printing out more copies. Most of our team found this quite fun, but it did vary a bit between individuals – mostly those that didn’t understand the rules well found it less fun, so getting the up front explanation right is important.

Gameplay

The group splits up into pairs, then takes turns playing attacker and victim. The victim picks a random occupation and personality, then creates a fake social footprint of publicly available information about the imaginary victim. The attacker chooses an attacker role and mission, “investigates” the victim’s social footprint, then they run through a simulated encounter.

Setup

• Download – https://www.nixu.com/blog/free-social-engineering-playing-cards
• For each pair print & cut 1 x Instructions, 2 x Victim Sheets, 2 x Attacker Sheet
• For the group print & cut 1 x Card Set

Tips

• Read the instructions thoroughly so you can explain the game well.
• Acting / full on roleplaying is optional. Just roll with whatever people are comfortable with.

I am the Chief Technology Officer at Blueshift, a small remote-first software company in Australia. This blog is my outlet for some of the many thoughts that spill over from my day to day work. 🤯