Latest Social Engineering Posts

Avoid Involving Others When SE'ing

 



Do Not Get Anyone Involved During Your SEing Attack.

Each and every social engineer will experience some degree of difficulty during their attack vector, regardless of how long they've been actively Involved In the art of human hacking, and the nature of the entities they've hit over a given duration. Depending on their competency In effectively handing the task at hand, some SE'ers do It with minimal hassle, whilst others seek help by posting a thread In the community they're registered with, or communicate In real-time on an online chat service such as Discord. All discussions predominantly remain within the confines of their respective environment, which ensures that the SE'ers Intentions are not associated with anyone over the Internet. It's all well and good when simply asking for assistance and the social engineer "purely handles his attack himself thereafter", however many SE'ers get other people Involved, and for the most part, without their knowledge which Is one of the biggest mistakes they can make. You'll see what I mean shortly.

As a social engineer yourself, you'd be well aware of the risks Involved when manipulating the person on the other end of the conversation to credit your account with ex-amount of funds, or to dispatch a replacement Item that you're not supposed to receive to begin with. All this Is done with some element of fraudulent activity, and the consequences as a result of raising suspicion to the point of being personally Investigated, are very serious to say the least. If you haven't worked It out already, what I'm referring to Is "company manipulation and exploitation" by hitting online stores on a large scale, such as Amazon. It's of paramount Importance to take care of everything yourself, but some SE'ers don't see It that way. Allow me to provide an example, that Is In fact based on true events that I've personally witnessed on a popular message board/Internet forum.

On this occasion, the "DNA" (Did Not Arrive) method was used by claiming that the carrier did not deliver the package to the SE'ers premises. Now Instead of pursuing the matter himself, "he got the neighbor Involved" and said that he saw the driver drop It off there. He also said that he asked the neighbor about the package, but they didn't know anything about It. This of course, did not happen! It was a pathetic attempt (by the social engineer) to try and justify why he didn't receive his order and as such, the neighbor unfortunately became part of the equation. To make matters worse, the company opened an Investigation to try and establish the whereabouts of the package and during the process, the carrier driver paid the neighbor a visit and started asking questions. Needless to say, the neighbor was shocked and appalled with the series of events that took place. I wasn't around to read the outcome, so It could've escalated to a very unpleasant situation. The message Is pretty clear- "do NOT Involve others". It's your choice to SE, thus It's your responsibility and not theirs!  


Comments