Skip to main content

Featured

SE'ing Encyclopedia

Updated: 10/11/2021:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

Locating Item Serial Numbers



How To Locate Item Serial Numbers.

If you're an active social engineer who's been dedicated to the art of human hacking for quite a number of years and part of an online community, namely an Internet forum, you'd predominantly be Involved In discussions relating to the new breed of SEing commonly known as "company manipulation and exploitation". This of course, consists of hitting online retailers on every scale such as Amazon, John Lewis, Currys PC World, SteelSeries, Ultimate Ears and so forth by manipulating their reps/agents to credit your account or provide a replacement Item, whilst you still get to keep the one you've "purchased". Notice how I've quoted "purchased?". That's because over 90% of social engineering attack vectors performed by beginner and advanced SE'ers are done by buying the Item first, having It delivered to their house by the carrier service, and using the appropriate method to SE the company thereafter. 

One of the biggest advantages of "paying for an Item"  that you're planning to SE, Is the array of "methods" at your disposal  and If you use common sense and good judgement during your selection, you'll find that (for the most part) there'll be more than one that's suited to the nature of your Item. For Instance, let's say you're going to social engineer a "Fitbit Versa 2 Watch" that weighs around 38 grams. Due to being extremely light, It will not register a weight on consignment, therefore you can use the "missing Item", "partial method", or "box the company"  without substituting the package with dry Ice. Moreover, the "wrong Item received"  will also suffice, by telling the rep that upon opening the box, a different Item was enclosed to the one you originally ordered. Of course, the "DNA"  (Did Not Arrive) Is yet another alternative that's equally effective. As you can see, there's 5 methods In total, thus not only Is there a wide range of options, but you can also opt for one that you're comfortable and confident In using. 

It Is all well and good If you have the cash upfront, thereby you can pick & choose an Item at your leisure, but not every SE'er has funds readily available and that's when the "serial number method" comes Into action. So what exactly Is this? Well, there are a few ways that you can use It, but for the purpose of this article, I'll explain one scenario that almost every social engineer Is familiar with. In simple terms, you, as the SE'er, will grab a serial number (that's still under warranty) of the Item you wish to SE, and use It to claim a refund or perhaps a replacement  by contacting the representative and saying that the Item (which the serial relates to) Is not working. Evidently, It must have some type of functionality, such as a pair of AirPods or a Bose Home Speaker 500. He'll then go through a few troubleshooting steps (which you'll pretend that It's still not working ) and after he's satisfied with the measures taken to try and resolve the matter, he will approve your claim. 

However, and stating the obvious, you need to find a valid serial number and also make sure that the "warranty hasn't expired". This Is of paramount Importance because If It has, then you cannot proceed with the method! Many SE'ers have a difficult time trying to locate the one they're after and If you're part of this equation, rest assured, I've got you covered. I will show you the most effective ways to obtain serials for just about any product you're planning to SE. Now there's one entity that I personally do not recommend, which Is "eBay", namely due to the fact that they're Individual sellers that have bills to pay and mouths to feed- much the same as you and I. Ultimately, It's your choice, hence the reason why I've decided to add It to this article. What I've done Is created a list of where serials can be found, as well as (where applicable) a short description explaining how you should go about getting It without raising suspicion. So without further delay, let's get started.

Using YouTube:

As with Google, whereby It contains a wealth of Information on whatever It Is that you're searching for at the time, YouTube Is another gateway that's even better for SEing purposes- particularly for the serial number method. As you will read shortly, In order to get what you're after, you must be selective with what you enter In the search bar, otherwise you'll most likely spend hours on end typing away to no avail. In terms of YouTube Itself, you'd be surprised at how many users upload their videos and completely disregard to edit/mask Identifiable details that are associated with the device that they're showing In the footage. This Is certainly welcomed by every social engineer wishing to grab a valid serial number that's within the manufacturer's warranty period and because of the step-by-step demonstration by the uploader, you are guaranteed to get a serial that's covered by warranty- each and every time. However, be sure to "look at the date of when the video was uploaded!". If It's current, then you're most likely good to go. Another way to confirm It, Is to "check the make & model of the Item". Again, If It's current, then that speaks for Itself.

Do remember that your search results are only as good as the keywords you enter, and If you type something that doesn't fit the objective of your SE, then don't expect your needs to be fulfilled. The equation Is pretty simple- "what you put out, you get back In". Allow me to show you why 'keywords" play an Integral part In returning effective results. In this case you're after a serial number, so you must locate videos that display It  and one of the best ways to do It, Is to type the description of your Item followed by the word "unboxing". What this does Is, show how the Item Is packaged by the manufacturer, and the process used to take the contents out of the box. For example, I've entered "Samsung SSD unboxing" and It returned countless pages of users showing procedures of what to expect when taking the drive and Its accessories out of the box. Believe It or not, It literally took me 45 seconds to locate a serial number! The good thing about this method, Is that the Items are brand new (hence "unboxing" ), so the serial will covered by warranty but as stated earlier, "always check the date of when the user uploaded the video!"

Physically Visiting The Store:

This Is my favorite method, for the reason that there's absolutely no risk whatsoever. As a matter of fact, there's very little to no social engineering Involved which makes your job as an SE'er Incredibly simple however for this to work, "the serial number on the box must be the same as the one on the Item". You'll see what I mean In a minute or two. So how do you know whether the serial on the exterior of the box, Is In fact the same as that on the Item? Well, I'll reiterate to exercise common sense by hitting a Google "Image search" and enter something along the lines of: "where Is the serial number on (your Item)". Obviously replace "your Item"  with the one you're SEing. I've just performed a search for Apple AirPods with wireless charging case and although the user edited the Image with "serial number protected", It confirmed that It's located on the underside of the box. Simply do the same with your SE.

Okay, assuming you've applied the above and have an Item In mind, locate a store that sells the exact make & model and walk In as though you're a normal customer looking to buy something. Do note that you're (seemingly) a shopper just like everyone else, so make sure that you're cool, calm & relaxed whilst walking around In search of your Item. Some serial numbers are lengthy and difficult to remember, so when you've found the Item, hold the box In one hand and grab your cell phone In the other, and then act as though you're shooting off a text message. Instead, navigate to your phone's camera and take a picture of the serial  (that's located on the outside of the box) and put It back on the shelf. For security purposes, the Item could be behind a "service counter" which requires a sales assistant to make the purchase, so just pretend that you want to be certain that It's the correct one by asking If you can have a look at It first. Then use the same procedure as above, hand It back and say that It's not the one you're after. It doesn't get any easier than that!

Navigating On eBay:

I've already documented my thoughts In the third paragraph of this article pertaining to Individual sellers on eBay, but as mentioned, essentially It's your choice as to whether you wish to target such people. Before you make your decision and read this guide, put yourself In the seller's shoes who's trying to earn a living- would you like It If an SE'er used the serial of the Item you're selling, thereby It caused complications for your buyer resulting In loss of sale and a negative feedback on your account's profile? I'll answer It for you: "Definitely not". Anyway, you get the point so moving forward, It's quite obvious to look for serial numbers In Images of products listed for sale on eBay Itself, but let's go with the worst-case scenario, whereby you'll need to SE the seller. This Is not as hard as you may think, and provided you do exactly as what you're about to read, you really can't go wrong.

This Is an old SEing methodology that's been used for many years to date, and has a very high success rate and here's how you execute your attack. Contact the seller, by (seemingly) expressing your Interest In purchasing the Item and then ask for the serial number for the purpose of "verifying the warranty period and to make sure It's not stolen". Assure him/her that the moment everything checks out, you'll go ahead with the transaction. Of course, you'll do nothing of the sort. The key to this method, Is to act as a legit buyer and of greater Importance, to reassure the seller that you will definitely buy the Item after you're satisfied that It's being sold as described. People are eager to sell their products and when they're told that the sale will take place, you'll find that most sellers will comply with your request without hesitation. 

Purchase The Item & Immediately Return It:

For one reason or another, In the event you cannot perform In-store SEing by physically attending the retailer nor use any of the other aforementioned methods, what I'm going to Introduce Is just as effective and the upside Is, that there's no pressure at all on the social engineer- In this case, yourself. The only requirement, Is that you must have funds on hand to buy the Item that you're planning to SE  but don't worry, your account will be credited 100%, thus you won't be left out of pocket. If you haven't worked It out by the title of this topic, you purchase the Item and when you receive It, write the serial number down and return It for a full refund by saying that you received the same one as a gift. Evidently, you can use any excuse that warrants a return- I've simply given my example just to help you along the way. 

When you think about It, there's hardly any SEing that needs to be performed. The only thing that you must execute correctly, Is the excuse that you're going to use to return It, which Is not too difficult at all. If you're still Indecisive, head over to the company's website and have a read of their "return policy"  to establish the grounds on which Items are eligible for a full refund. For Instance, "John Lewis" provides a refund (or exchange) for a "change of mind", hence you will not experience any Issues whatsoever when using this reason. I'd also like to point out, that return policies differ from one company to another  (some have 15 days, others at 30 days and so forth) so be sure to check that you don't exceed the time frame. Moving back to the SE, the moment the company reimburses your funds Into your credit card, you can then social engineer any store that stocks the same Item by obviously using the serial number. 

Using Google Images:

This particular method Is stating the absolute obvious and basically needs no Introduction, however to this day, I'm at a loss as to why many SE'ers (some of whom operate on an advanced level) completely overlook It, thereby fail to put It Into practice. As with "YouTube", whereby a lot of users upload their videos and forget to hide Identifiable details, the same applies with "sharing Images online". In fact, I've just hit a general search on Google Images with the keywords of: "Samsung SSD serial number", and pages of results were returned- most displaying serial numbers clearly In plain text. Now the question you're probably going to ask Is: "how do I know If the serial Is valid and still under warranty?". If you've been In the SEing scene for years on end, you should well and truly already know this but If you've just started out, then your question Is justified. I will explain a couple of ways that're so obvious, that you'd wonder how and why you didn't think of them yourself.

The first way, Is to navigate to the manufacturer's website and do a "serial number check" (or some variant), which will check Its warranty state and If It's valid. For example, I've browsed on "Dell's website", and there's an option to search for the service tag or serial number. I've purposely entered any random numbers, and It returned an Invalid message. This Indicates that It does check for valid serials. The second way, Is to simply give the company a call, and act as though you're a concerned customer wanting to know If your product (that the serial relates to) Is still covered by factory warranty. Because your call appears legit, you'll find that they'll have no hesitation In serving your request. The downside to this method, Is that It can take a while to sift through Google Images, and there may be trial & error until a valid serial Is confirmed. Nonetheless, It's still worthy of using- It'll just take a little longer to get the SE up and running. 

In Conclusion:

What prompted me to write this article, Is that there are many users on the SEing forum that I'm registered with as well as a few people IRL, who have no Idea where to look for serial numbers. I too, had to start somewhere when I first began my career In social engineering over 3 decades ago, thus I fully understand how frustrating It can be when there Isn't a point of reference to work with. The objective of every tutorial I write on this blog, Is to provide my readers with the most effective, accurate and up-to-date Information to allow their SEing experience to run as smooth as possible and with minimal disruptions

In closing and If you're also part of an SEing forum/board, you can look for serials by sifting through threads & posts that other members have contributed  and In some Instances, the warranty start & end dates are listed In the messages. Given It's pretty much self-explanatory and that this article has exceeded Its reading time by a lot more than what I anticipated, I don't think It's necessary to document a guide. You now have the tools and know-how to locate, Identify and use your serial(s) by leaving very little to no room for error.   




Comments