The Message That Lowers Your Guard
Social engineering rarely looks like an attack. It looks like a compliment.
The opening message in this campaign was short, polished, and professional. It thanked the target for connecting, praised their “extensive experience,” mentioned a cryptocurrency “staking platform,” and asked for nothing more than a brief conversation.
The recruiter’s opening message. The recipient’s name is redacted.
Look closely and you can see the engineering. Each element is designed to build momentum without tripping alarms:
- Personalized greeting — uses your name and connection context to signal legitimacy.
- Flattery — compliments your experience to build goodwill and lower your defenses.
- Vague opportunity — interesting enough to engage, unclear enough to avoid scrutiny.
- Small commitment — it asks only for a “brief conversation,” which is easy to say yes to.
There’s no link to click, no attachment, no urgency. That’s deliberate. The goal of the first message isn’t to attack — it’s to build rapport so that the later step, the malicious coding challenge, feels like a natural part of the process.
That’s also why this bypasses a lot of traditional defenses. A well-crafted message carries no payload for email filters or endpoint controls to flag, so it can sail past your technical controls and land directly in a candidate’s inbox. That means the people most exposed are often the ones outside your security stack entirely: job seekers, and employees quietly exploring a new role.
Candidate guidance is simple: be careful what you install. Treat unexpected coding challenges, take-home projects, and tooling requests as potentially hostile until the company, domain, and opportunity are independently verified. The message is built to feel routine — and that is exactly why it works.
Go deeper
Part 3 of our human supply chain series. Read the full analysis in the LMG Security whitepaper at LMGsecurity.com (Resources), and hear Tom and Sherri on the Cyberside Chats episode, “Damaged Goods: When Your New Hire Is Already Compromised.”