Skip to main content

Featured

SE'ing Encyclopedia

Updated: 10/11/2021:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

The Broken Glass Method



The Item Is Smashed When Received.

If you're reading this from an Intermediate or advanced SEing standpoint In "the art of company manipulation and exploitation", I'd say It's very safe to assume that you favor one or more methods over the rest, when using them to receive refunds or replacement Items, yes? I thought as much. Many SE'ers operate In that fashion, whereby they have sound knowledge of a few methods and prioritize them  when selecting a suitable Item and hitting online stores to the likes of Currys PC World, Zalando, John Lewis and so forth and for the most part, they get the job done with minimal disruption. Be It "confidence", or through "countless hours of method formulation trial and error"  that's led to the social engineer's expertise, the fact Is that It takes an exceptional set of skills to continue succeeding on the same level  from one SE to the next.

It's all well and good If you're fairly proficient In utilizing a few traditional methods that have been around for years, such as the DNA (Did Not Arrive), wrong Item received, partial, missing Item and boxing  but In order to "SE any Item that comes to mind", It's of the utmost Importance to familiarize yourself with every method In the social engineering sector- "even those that're not well known". As such, you will not find yourself asking for assistance by (for example) creating a thread In the forum that you're registered with and risk receiving Inaccurate and misleading replies, but Instead you'd begin preparing the SE yourself In readiness for your attack - knowing exactly where It's heading. But to do this, you must also be well acquainted with methods that are rarely used, one of which Is the "broken glass method".

In my experience of social engineering entities on every scale (big & small) over a 30+ year period, I've used the broken glass method quite a number of times and It hasn't failed me to date. However, some SE'ers have difficulties formulating It and are also Indecisive when It comes to responding to the rep's requests- which Is why I've decided to write this article. Given the broken glass method Is not commonly used and discussed on Internet forums and messaging platforms nowadays, It can be a somewhat arduous task finding reliable sources on how to apply and utilize It. 

Rest assured, I've got you covered. By the time you've finished with this entire tutorial, you will have a clear understanding of what It entails, as well as how to effectively prepare It In support of your SE. Before I do that, If you've just started your career In social engineering, It's paramount to be well Informed about "methods" and why they're an Integral part of every attack vector. If you've been In the scene for many years, perhaps as a refunder or otherwise, feel free to skip the next topic altogether. Alright, so without further delay, let's get this started.

What Are Social Engineering Methods?

When you've selected the company that you'll be SEing, the first port of call Is to "research their terms and conditions", to Identify the grounds on which refunds and replacements are Issued, Inclusive of their warranty policies and the type of carrier(s) they use to service their deliveries. There's a lot more to It than that, but It's not possible to document every detail In a single post. When you've collected all Information of relevance, the very next step Is to create a "strategy" based on your (researched) findings that will be used to support your attack and manipulate their representatives thereafter. That Is, you need a "plan" to guide your SE and make sure It heads In the right direction. The "plan" Is the "method" and without the "method", your SE will NOT move forward.   

Allow me to provide a scenario that you can relate to. Let's say you've purchased a computer desk workstation from Best Buy that comes with shelves, draws, cabinets etc In Its collapsed form. In order to put It together and complete your project, you'd need the "assembly Instructions" and If they happen to be missing, you cannot get the job done. The very same principle applies to SEing. In this case, the "assembly Instructions" Is the same as the "method" that's used to support your attack vector and get what you're aiming to achieve- a successful outcome. Makes sense? Good. Every method Is the backbone of the SE and on (almost) every occasion, It must be suited to the nature of the Item. For example (and stating the obvious!), you cannot use the broken glass method on something that does not contain glass, can you? Enough said. Okay, we'll have a In depth look Into the method now.

What Is The Broken Glass Method?   

Unlike In-store SEing, whereby you physically return your Item hence you're somewhat limited to the number of methods than can be used, the good thing about a carrier delivering your goods, Is that anything can happen to your package from the time It was dispatched, to when It makes Its way to your address. For Instance, your Item could've been stolen, or the shipment didn't arrive at your premises (DNA method), or perhaps the expensive bottle of Giorgio Armani was smashed when you opened the box. That's precisely what the "broken glass method" pertains to- saying that much to your surprise and disappointment, "the perfume/fragrance (or anything else shipped In glass) was In pieces when the driver dropped off the delivery"

The reason why the method has a high success rate, Is because there's no way that the company or the carrier service can check and conclusively determine that nothing happened to your goods In transit. Moreover, they cannot give any form of evidence that suggests you received your Item In the same condition as per Its original state. Think about It logically for a minute. How can a representative, who's sitting behind a desk and dealing with your claim within the confines of his office environment, say "without a shadow of a doubt" that your package was handled with care by the carrier and your Item survived the journey undamaged? 

I'll answer It for you: "He has absolutely no say In the matter". As a result, when you contact the rep and Inform him that your bottle of (for example) cologne/perfume was broken, he has no grounds to dispute your claim  however most follow company protocol, thus there's a very good chance that you will be asked to provide some details prior to moving forward with your claim. On the other hand, there are reps who're brain-dead (so to speak) and approve It on the spot, but this type of behavior rarely occurs. In terms of reps/agents who make It difficult for every SE'er, let's have a look at what to expect with the broken glass method  In the topic below.  

What To Expect With The Broken Glass Method:

Without question, It's vital to know the Ins and outs of how a given method Is used against the Item you're planning to SE, but many SE'ers neglect to take Into account "the events that are likely to take place while the claim Is still In progress". In other words, each and every method has Its pros and cons, therefore It's just as Important to understand the most common Incidents that will "probably happen", as It Is to make the SE succeed. Notice how I've quoted "probably happen"? That's because I'm not saying that the events"will"  happen, but rather they "may"  happen, so you need to be well prepared for everything that may come your way. With regard to the broken glass method, there are a couple of things that the rep/agent could ask you to provide when assessing your claim.

The first Is, Instead of sending your Item back, he'll request proof of the shattered glass by taking a photo that clearly shows your Item Is In pieces. In some cases, you may be also asked to Include a handwritten note- just to verify that It belongs to you, and not something that you've copied from Google Images. There's two ways that you can easily manipulate It- either Photoshop the Image, or use the "corrupted file method" by sending a file that does not work/execute using this online service. Evidently, the rep will ask you to resend It, and you do exactly that by corrupting It again but this time, "In a different file format" and keep repeating the same process with each request. This gives the Impression that you're doing everything on your end to comply and resolve the Issue.

The key to the SE working In your favor, Is to persevere and be adamant by saying that the file Is working fine on your computer, and that you're at a loss as to why such a simple task cannot be completed by the representative. If he's got any brain cells left to think for himself, he will try and decline your claim, but your job as an SE'er, "Is to push him to the absolute limit"  and you'll find that he'll eventually cave under pressure and credit your account or dispatch a replacement Item. The second thing that you may be asked to do, Is to "send the broken glass back to the company In It's original box" - just to prove that your bottle did In fact break. This doesn't happen too often, but It's certainly a possibility. So how do you avoid sending something back that's not broken to begin with? I've covered this Is the next topic as per below.    

How To Circumvent Sending The Item Back:

As you're aware, although It's somewhat of a rare occurrence for companies to request the pieces of your smashed glass be returned, It does happen from time to time and as such, you must be prepared to handle It there and then. It's not as easy as putting any type of glass and returning It. They want It back for a reason- which Is to "check It when It arrives at their warehouse"  and If you send random bits of glass, they will Immediately Identify It doesn't belong to your cologne/perfume and as a result, you can say goodbye to your attempt to SE them. It's actually not that hard to "bypass"  the need to send It back and the way you do It, Is by using one of two methods- the first being the good old "blood method". Due to the nature of the return (bits of glass), It's perfect for the job, by saying that you cut yourself while putting all the pieces back In the box, hence everything Is covered In blood.

What makes It so effective, Is that many companies and carriers refuse to accept and transport goods that're a health & safety concern/risk, so If this applies to the one that you're social engineering, expect your claim to be approved. However as you probably know, reps/agents can be very stubborn and difficult to deal with at the best of times, whereby they'll remain firm with their decision- In this case to return the box with the broken glass Inside, regardless of being wrapped In blood. That's not a problem at all. Simply agree with what they've told you and use the "boxing method", by sending an empty box with nothing Inside. The objective Is to make It look as though It's been tampered with during transit, by cutting It on one side and sealing It with different colored tape

So when the company receives It, they'll see that the box has been cut and re-tapped and assume that someone stole what they believed to be your cologne/perfume, therefore they do not have any evidence to decline your claim. Remember: As far as the company Is concerned, you've sent back the box with the broken glass enclosed (of course you did nothing of the sort!), so It makes perfect sense that some Individual who apparently stole It, thought the original Item was Inside. The reason why the boxing method Is well-suited to this particular SE, Is that the box (and the bits of glass) Is extremely light, thus It will not be detected when weighed at the carrier's depot  so If the company decides to Investigate, It will be deemed Inconclusive. That Is, they cannot conclusively determine that you didn't send It back!    

In Conclusion:

The biggest advantage of the broken glass method Is that perfumes, colognes and basically anything that comes manufactured In a bottle and the like, Is susceptible to breakage. Because of this, there's absolutely nothing that a company can do to deny that It did not happen from the time It left their warehouse, to when It was received by yourself- the SE'er. There's no doubt that representatives who're fully focused on the job (and probably want a promotion to senior management!), will try everything In their power to put you at fault, but don't be fooled by their domineering behavior. What you've just read and learned In this article, Is more than enough to give you the skill set and confidence to manipulate any obstacle that comes your way, so you shouldn't have any Issues with arrogant reps who think they're the best thing since sliced bread.   



Comments