How To Social Engineer Safely.
You may not realize It, but everything you do In life has some element of risk Involved to a certain degree. Be It crossing the road to grab something to eat from your local convenience store thereby potentially getting hit by a car, or simply working out at the gym and sustaining a back Injury with a slipped disc, you cannot control the Inevitable but you can certainly minimize your exposure to dangers that lie ahead by formulating effective precautionary measures. The same applies when social engineering entities "In every capacity and on every scale". In fact, due to the nature of SEing, the probability of your plan of attack backfiring or In the worst-case scenario, having a lawsuit on your hands due to performing acts via fraudulent means, Is more likely than not. As such, It's paramount that you, as the SE'er, prepare and Implement strategies to help keep your social engineering activities In a safe and controlled environment.
For the purpose of this article, I will refer to "company manipulation and exploitation", whereby representatives are tricked Into Issuing refunds and replacements for Items that the SE'er has either already purchased, or did not have to begin with. The consequences of obtaining goods Illegally, are quite serious, hence you must have a plan In place prior to executing each and every SE. Now It's way beyond the scope of this guide to cater for everyone's needs on an Individual basis, but what I have done, Is provide my recommendations based on general terms, thus you can use It as a point of reference when putting together your SEing methods and attack vectors. To avoid congestion and keep things simple, I've documented everything In point form with each listing being pretty much self-explanatory. I reiterate that this pertains to SEing online stores, such as Amazon, John Lewis, Logitech and so forth. I've also Included a few points that relate to "best practice" when SEing.
Recommended Safety & Best Practice Measures:
- Use a mature/aged account.
- Do not SE the same store In close timing.
- Do not use the same method many times In succession.
- Do not perform too many chargebacks.
- Keep PayPal disputes/claims to a minimum.
- Never falsify police reports.
- Do not befriend the carrier driver.
- Always base your method against the nature of the Item.
- Use a communication gateway you're confident with.
- Be In control of the SE from beginning to end.
- Do not always SE high value Items.
- Make a few legit purchases In between SEs.
- Set a price limit and stick to It.
- If you're new to SEing, start with food Items.
- Research your target If you're unfamiliar with their terms.
- Take as much time as you need to formulate your method.
- Only use chargebacks when all else fails.
- Keep your SEs to yourself and don't trust anyone online.
- Always have a positive attitude with every SE.
- Be realistic about the Item and Its respective method.
- Always end the SE on a good note.
- Change every Identifiable detail when creating new accounts.
- Use a drop house/address with advanced replacements
- Do not get your neighbors Involved when using the DNA.
- Always have a backup plan In place, such as PayPal dispute/claims.
- Take a break from SEing every so often.
- Do not keep targeting the same company.