Church of the Hacked

My vocation is in the field of Information Security, and much of my education has centered on learning about systems and how they are exploited. What that means in common English is how a device has a flaw, and how that flaw can be used to force information out of it. Examples of such devices that are most commonly attacked are computers, cell phones, or people. In my undergrad work in the field of Psychology, I studied the human animal and what made them tick. My favorite undergrad class by far was social psychology, where I studied how a human’s behavior can be modified based on external stimuli. My grad work in Information Security delved deeper into how a human is targeted and coerced to modify its behavior based on the actions of a hacker in what is known as “social engineering”. For those wondering how one progresses from a Bachelors Degree in Psychology to a Masters in Information Security, it’s actually a more logical transition than you might think.

I’m gonna get your stuff!

It is this human device that is most commonly “hacked” and used by others to get at their stuff. Early on in my career, my team was featured in a television commercial from a local technical school touting their Information Security program. In that commercial, I provided what I consider a truly epic statement that “there will always be the bad guy – there will always be someone out there, trying to get your stuff.” Though I still get teased about the matter-of-fact delivery, that phrase has always been true, and most likely always will be.

What strikes me is how easily we humans are typically duped by the “bad guy” found within religious organizations. And that bad guy is most certainly after “your stuff.” I wrote in an earlier blog about how places of worship are a very common target for hackers because of the belief systems the members tend to hold. Now I’d like to help identify what stuff the bad guys are usually after in a religious organization:

Money. Are you coerced to tithe or give generously? Are you promised a huge return on your “seed money” investment? Are verses such as Malachi 3:8 used to increase your giving to the church? You’ve been hacked.

Time. Are you coerced to attend Sunday School more regularly? Are you guilted because your church attendance is not up to par with other people? Are you made to feel like you’re being selfish or ungodly if you would rather get more shut-eye instead of going to the 6:00 AM Men’s Prayer Meeting? Are you called out from the pulpit (directly or indirectly) if you have to leave the service before the sermon is over? You’ve been hacked.

Physical Contact. Have you witnessed the grooming process – either directly, or indirectly? Has your concept of “normal” gradually been shifted, until you’ve either been groped, inappropriately touched, or even sexually abused – and been led to believe that was “ok” or “normal”? Do you feel obligated to hug someone of the opposite gender because you’re in church, even if you feel like they linger way too long or press their body up against you? You’ve been hacked.

Emotional Support. Have you spent time with someone who wants more from you emotionally than you feel comfortable providing? Have you become the continuous shoulder to cry on for others? Do people continually withdraw from your emotional bank, without ever depositing back in? Do others reciprocate when you listen to their problems? Have you fallen victim again and again to emotional vampires who suck the life out of you? You’ve been hacked.

Information. Do you grow tired of the phone calls or texts or emails from a congregant who just want to check in or pray with you, but then they grill you for details about your personal life? Do you feel obligated to answer the door when someone of another religious denomination (you know of whom I speak) knocks long enough, and asks to talk? When walking by “that table” at the store or at the mall loaded with religious pamphlets, do you feel obligated to respond if someone makes eye contact or asks you a question? You’ve been hacked.

The list could go on and on of what “stuff” you have that others want. Interestingly enough, the list of how they get your “stuff” is pretty fixed and unchanging. What I’ve learned after over 25 years of studying human behavior is these techniques on how to hack people are the same, and used by others regardless of whether they are a telemarketer, computer hacker, salesperson, sexual predator, or even an abusive pastor with good intentions. We (myself included) fall for them again and again because we let our guard down and fail to recognize we are being hacked. We often think that a “house of worship” is always guaranteed to be safe. This is absolutely not a guarantee, as thousands of abused believers and ex-believers can attest.

The Logical Progression of Human Hacking

Welcome to church of the hacked!

There are a few generally agreed upon steps to hacking. And though some organizations and textbooks may expand upon this list or name them differently, they are:

Reconnaissance: gaining information about a target by using active (that is, directly interfacing with the target) or passive (gathering information through sources apart from the target) techniques. The hacker will do their homework, and learn all they can about the pool of potential targets. This is where the sexual predator looks around the congregation for the awkward teenage girl. This is where the telemarketer uses an auto-dialer to call each number in a range, waiting to hear a human voice. This is where the spiritually abusive pastor does their homework about the congregants – are they gullible sheep? This is where the computer hacker finds valid email addresses of company employees from their website. This is where the physically abusive man will scan dating sites for single moms.

Scanning: gaining information about a target directly, in order to identify specific opportunities to take advantage of the target. The hacker gets more specific by testing the defenses and noting the response they get from the target. This identifies specific weaknesses in a specific target. This is where the sexual predator casually puts their arm around a specific teenage girl, to see how they respond. This is where the telemarketer tells you that your computer has a virus, and they can help you fix it, if you go to their website. This is where the spiritually abusive pastor makes a deliberate comment from the pulpit about how much they enjoy learning at the 9:30 AM Sunday School. This is where the computer hacker looks on the network for an unpatched computer. They are looking for a specific response, indicating there is a target that can be taken advantage of. This is where the physically abusive man will casually belittle his date for her choice in clothing.

Gaining Access: this is where the hacker actually takes advantage of the target. The hacker uses all of the information gathered through the previous steps, and actually uses a specific bait on the hook to catch the fish. This is where the sexual predator drives the specific teenage girl home from youth group, and coerces her for a kiss good night. This is where the telemarketer gets you to sign up for their service (real or imaginary) and gets your credit card information. This is where the spiritually abusive pastor preaches on how each church member should give a minimum of 10% of their base salary (before tax!) to the church, or they will be cursed for robbing God, knowing people will then give more money. This is where the computer hacker walks you through visiting their website to “fix your computer’s virus”, and gains remote control over your computer. This is where the physically abusive man will raise his voice and charge towards her, using his size to intimidate her into submission.

Maintaining Access: this is where the hacker ensures they can continue hacking the target. This is much like a deer tick latching on, so as to keep harvesting that steady flow of blood. This is where the sexual predator tells the teenage girl he will gladly drive her home after each youth group meeting. This is where the telemarketer adds your credit card information into a system that routinely makes small charges (that are less noticeable) on your credit card. This is where the spiritually abusive pastor routinely “checks up” on the spiritual health of the congregation to make sure they continue giving at least 10% of their base salary to the church. This is where the computer hacker disables your antivirus so it can’t see it has the hacker’s back door virus running. This is where the physically abusive man will say he is sorry that he lost his temper, and buy her flowers to convince her to stay… or worse yet, threatens her to prevent her from leaving.

Clearing Tracks: this is where the hacker erases the traces and evidence that the victim has been taken advantage of. The victim can’t see the signs and symptoms, so they remain ignorant that they are in trouble. This is where the sexual predator tells the teenage girl they share a special secret bond that no one else should know about. This is where the telemarketer changes the transaction titles to something vague and nondescript so they don’t arouse suspicion on your bill. This is where the spiritually abusive pastor gaslights the congregants that of course he wasn’t saying that someone’s value or worth comes from giving more – they must have misunderstood what the pastor was saying. This is where the computer hacker deletes your system logs and renames the virus something nondescript like MicrosoftWord.exe so you don’t recognize that it’s running. This is where the physically abusive man will isolate her from her friends and family so she doesn’t realize she is in an abusive relationship. Understand this is by no means an exhaustive list – so many times, “Clearing Tracks” is covered by gaslighting across the board by all types of narcissistic abusers.

Being aware of the tricks and techniques of a hacker will help you identify and avoid being taken advantage of or harmed. Believe me when I say these tactics and techniques are universally chosen because they work. Remember – you have to be on your guard, every single time. Unfortunately, a hacker only has to get lucky once. They have the advantage, and know during the first step of Reconnaissance whether they have found a victim somewhere that they can take advantage of with minimal effort.


“You therefore, beloved, since you know this beforehand, beware lest you also fall from your own steadfastness, being led away with the error of the wicked”

2 Peter 3:17, New King James

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s