The Beginner's Guide To Social Engineering.
When you first came across the term "social engineering" (or perhaps you're reading this without any prior knowledge), you most likely ran a Google search to see exactly what It entails. Most online sources will return similar results, with quite a few copying the work of others- which doesn't help when trying to Identify Its real meaning. Furthermore, you'll find that the majority of websites barely scratch the surface with their definitions. For Instance, one of the leading security firms, Kaspersky, defines SEing as (quote): "Social engineering is a form of techniques employed by cybercriminals designed to lure unsuspecting users into sending them their confidential data, infecting their computers with malware or opening links to infected sites".
Whilst this Is true to some degree, by no means does It come close to what's Involved In the art of human manipulation. Now If you're new to the scene, whereby you're planning to start your career In the social engineering sector, you'd be predominantly focusing on how to obtain confidential Information and probably looking at ways to Infect the devices of unsuspecting users. It's certainly not limited to this alone! As a beginner, "It's of the utmost Importance to build your foundation with the right Ingredients", therefore you'll have all the tools you need to advance through the stages of eventually becoming an expert In exploiting the human firewall.
So as a newbie, where do you start? I've been asked this question countless times and to this day, I still receive an Influx of messages requesting the very same thing. As such, I've decided to write this "beginners guide to social engineering", with the objective of covering every angle to not only get you on the right track, but also allow you to eventually pursue your tasks on your own- with minimal to no help from others. What you're about to read, "starts from the very beginning" and will progressively provide you with the skill set to formulate your own methodologies with Incredible ease. I will try and keep this as brief as possible. So without further delay, let's get started.
The True Meaning Of Social Engineering:
Before you begin, "It's Imperative to have a full understanding of the definition of social engineering". Contrary to what you read online, which defines social engineering as Information gathering and Infecting computers, the true meaning Is: "Manipulating the person on the other end Into performing an action they're not supposed to do". Be It convincing your doctor to give you a medical certificate for time off work when you're not sick to begin with, or grabbing the full name & date of birth of a given person by calling and pretending to be a rep from their Internet service provider, they all relate to one thing- "social engineering".
The "result" of a social engineering attack, Is Irrelevant. It's "what's used" to achieve the result that's of significance. For Instance, you may have successfully refunded a cell phone from Amazon, or gained access to a restricted building by having an employee hold the door for you. The "result" In both these scenarios, Is obviously different but "what was used" ("manipulation") to achieve the result, Is classed as "social engineering". So be sure to keep this In mind.
Familiarize Yourself With Social Engineering Terms:
When you first begin to blend In with communities who're actively discussing social engineering, you will find a lot of terms being posted In their abbreviated form. It could be on an Internet forum or via chat on Discord- they're all the same In how they present themselves. It's paramount to know what each abbreviation means, and precisely what It relates to. Why? Well, let's say you've posted a thread on a forum requesting assistance with an Item you're trying to social engineer. Sometime later, a member replies with: 'I've "SEd" them before and another "SE'er" I know was also successful, so use the "DNA" or "partial" method'.
The operative abbreviations are "SEd", "SE'er", "DNA" and "partial". As a beginner, you'd have no clue as to what these denote and as a result, will be totally confused when trying to Interpret and reply to the post. It will take time to familiarize yourself with each and every term, but you must make a start the moment you get Into the social engineering sector. You will definitely also need a reference point to look up each term, and Google will not be of any help- It simply doesn't Index these types of keywords. I've created an article on my other blog here that defines every term, so keep It at your disposal and use It as the need arises.
Read Posts And Their Replies:
On the grounds that you've just registered on a message board (forum) and It has a dedicated social engineering section, one of the first things to do as a beginner, Is to sift through posts and read what other members have experienced, but be selective with the nature of the posts. For example, the last thing you need, Is to be misled by someone who has replied with a recommendation that's completely Incorrect. Although It can be difficult to determine what's right and wrong, "a member with a high reputation who Is very active In the social engineering section for many months or perhaps years", Is generally considered a good source of Information.
Also read every reply- this will give you a good Indication of each step taken when social engineering a company or a particular entity and If It succeeded, you can use It as a template when the time comes to perform your very own SE. Obviously you will not remember everything you've read, hence be sure to document your findings In point form on your PC, or a writing pad. There's no rush whatsoever, so take your time and only move onto the next post, when you've fully understood the one you've just read.
Don't Be Afraid To Ask Questions:
A lot of beginners are somewhat hesitant to create a thread on a forum (or chat via Discord), requesting assistance- namely because they're not really sure how to word their post/message, and probably feel a little embarrassed due to their lack of knowledge. Don't be! If you're part of a caring and understanding community, they'll have no hesitation to help you In every way possible. On the other hand, If you're receiving replies that're Intimidating and try to belittle you, then you're not In the right place- get out and find a board/forum that's bound together with a strong and unconditional relationship between all members.
As with the topic above this, there's no way that you'll remember every bit of assistance given, so save the most relevant replies. A good way to do this, Is to simply take a screenshot and name the file according to the nature of Its content. As such, you can Instantly locate and Identify It and use It as a point of reference as needed. Over time, you will have enough tools and resources to begin your career In social engineering, which brings me to my next point.
Research Your Target:
Now that you're at the stage of taking on the art of human manipulation on your own, It's very Important to have a strategy In place with "how you plan to tackle every SE that comes your way". You cannot perform (what I call) a "blind SE", whereby you dive Into It without having any Idea what you're up against. The first port of call before you even begin to think about the type of method you'll be using, Is to "research your target", by getting as much detail as possible about how they operate from an Internal standpoint.
For Instance, let's say you'll be SEing an online company by using the "missing Item method" for an SSD that's light enough to warrant Its success. Due to the nature of the method, It's vital to establish who's responsible for loss of goods during transit- "you" or the "company". As a result, you'd navigate to their terms & conditions- with the objective of conclusively Identifying precisely who It Is. What If It's the consumer, meaning yourself? Well, you'd simply opt for another method!
If you didn't have these details and went ahead with the SE, then It would've failed. Clearly, you can see the advantage of Information gathering right from the get-go, and the Impact It has In determining the direction of where the SE Is heading. Unless you've SEd the same company many times already, make It a priority to research their terms before selecting and moving forward with your method. Speaking of which, let's check out how to effectively apply your method.
Select The Method You're Confident With:
When social engineering a particular Item, there are so many methods to choose from and for the most part, each one Is based on the Item Itself, namely Its weight and dimensions. In other words, you cannot "box a company" with something that weighs 10 Kg, and Is around 90 x 70 x 70 cm In size- It's just too big and too heavy. Now If you're comfortable with the box method but cannot find a suitable Item to SE, don't just select any method that comes to mind. I always recommend opting for one that you're very confident In formulating and ultimately, executing against your target.
Every method Is the backbone of the SE, thus It's crucial to get It right In Its entirety. And the only way you're going to do this, Is "If you have all the confidence In the world to not only formulate It accordingly, but to also make changes effectively along the way". Here's an example of what I'm referring to In terms of lack of confidence. Some SE'ers, Inclusive of the most experienced, do not like using the "DNA" (Did Not Arrive) method, purely due to the possibility of the carrier driver paying them a visit and asking questions about the delivery. In this Instance, the slightest bit of doubt can affect their ability to plan, judge and prioritize their decision-making with the DNA, which will most likely cause the entire SE to fail.
So the message Is pretty clear- If the method that you've selected Is causing some form of negativity, and Impacts on your capacity to plan your SE, choose another one. When your thought process flows with minimal to no hesitation at all, then you know that the method you're using, Is In fact suited to your level of confidence. To help you along the way, please refer to my article here. It documents a number of methods, and how they should be used to carry out the SE successfully. Given you have this all under control, the next step Is to "prepare your SE", so we'll have a look at that now.
Take All The Time You Need To Prepare Your SE:
Unlike attending work every day, whereby you must set your alarm clock each morning to force you out of bed and arrive at your office at precisely 9:00 am, the same does not apply when preparing every element of your SE. It's completely different to when you've already executed your attack, and are actively Involved (for example) In online live chat or In conversation over the phone- "both require Instant responses there and then". You cannot put a representative on hold for a couple of days, and resume the call thereafter! Preparing your SE does not Involve anything of the sort. That Is, there Is no time frame nor the need to rush Into formulating It with the method you've chosen.
Preparing your SE, consists of "applying all the Information (that you've gathered when you've researched the company's terms and conditions), to the method that you will be using to execute your attack against your target". It's really as simple as that, but you MUST have the perfect plan- as this will determine whether your SE will succeed or fail. I reiterate, be sure to take your time and cross-check every detail, and when you're satisfied that you've left nothing to chance, you can make a start to social engineer the company In question. So as a beginner, where do you actually kick off your SE? I have the perfect recommendation as per below.
Begin By SEing Food Items:
Now that you're at the point of finally hitting the SE on your own, I'd say It's very safe to assume that you'd want to try a company on a medium to large scale, and perhaps grab the latest iPhone or maybe the nice 27 Inch computer monitor from HP. Relax! This will eventually come as your experience expands. The worst thing a beginner SE'er can do, Is try to SE big right from the get-go, only to find that It failed and as such, their confidence level significantly diminishes. As a starting point, I strongly suggest to "select a consumable Item- basically anything relative to food or drink". Such Items are the easiest to SE and have a very high success rate.
Almost every company has a satisfaction guarantee on their product, which makes an SE'er's job a lot easier. To take advantage of this, simply saying that "you felt extremely sick after eating (or drinking) the product", Is almost guaranteed to work each and every time. Why? Well, companies take health & safety very seriously and the last thing they need, Is a lawsuit on their hands due to their product causing a long-term medical condition. Because of the health & safety side of things, they'd rather comply with the SE'er's request for a full refund or replacement. When you've completed your first successful SE, hit a few other food Items. This will build your confidence level and In due course, you can target any high value Items of preference.
Whilst this Is quite a lengthy article, my objective Is to guide you right from the raw state of having very little to no Idea of what social engineering Involves, to the point of formulating and executing your SE all on your own. Moreover, you may not have realized It, but I've built your foundation In readiness to pursue your social engineering career from a beginner, to the advanced. This Is not something that you need to pre-plan, but rather It will come naturally as you succeed from one SE to the next. Given every SE'er Is different with their learning capacity, feel free to manipulate any part of this article according to your personal environment and needs.