Skip to main content

Featured

SE'ing Encyclopedia

Updated: 10/11/2021:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

Company Messages Defined

 


Common Messages Issued By Companies During Claims.

Whether you've just started social engineering only a couple of months ago, or have been In the scene for many years to date on an Intermediate or advanced level, you'd be well aware that there's an array of tools required to complete the task at hand. Moreover and on the grounds that you're not familiar with your target, It's essential to perform your Information gathering by "researching precisely how they operate- both from an Internal and external perspective". And then there's the process of "method formulation"  that's based on the details of your (researched) findings, as well as the nature of the Item you're planning to SE. All this and more, Is needed to support your attack vector and help ensure It runs as smooth as possible from start to finish.

As you've already guessed, this relates to hitting online stores to the likes of Amazon, ASOS etc, by deceiving their representatives to credit your bank account (while you still get to keep your Item), or send out a replacement at no extra cost. All this may sound rather simple, but unless the rep/agent Is brain-dead and approves your claim there and then, It takes a high degree of dedication and perseverance to get the result you're after. Everything mentioned thus far, "pertains to actions performed by yourself"  (as the social engineer) whereby you have all the time In the world to consolidate and prepare your SE In readiness for your attack. That Is, you're In charge of all events that take place on your end "but once It leaves your local environment, It's a totally different story".

You see, It's all well and good when you have the power and resources to effectively handle your SE "based on your terms", but the fact Is, "you have very little to no control of what happens within the confines of the company", namely the way reps assess your claim. Sure, you can apply all types of manipulation with their ridiculous demands to help the outcome work In your favor, however, "they ultimately decide the steps that're required to finalize your claim"- which Is mostly done by complying with their protocol. A lot of this not only Involves liaising with their accounts & warehouse department, Inclusive of the carrier who services their deliveries, but also Includes yourself by "sending email messages about the latest developments with your claim"

For example, If you've received a message something along the lines of: "We have Investigated the matter and have the timed coded stamp of the delivery location, and Information collected at the time of delivery", do you know what It relates to and of the utmost Importance, how to respond to It? I'd say your answer Is "No". This Is one of many different types of replies that you will receive during the course of your SEs and If you have no Idea what they mean, you cannot possibly continue with your attack vector. Rest assured, I've got you covered. I will show you the most common messages that companies generate, as well as elaborate exactly what they refer to, the best course of action to tackle them effectively and (where applicable) circumvent their requests. 

To make things easy to follow and give you a clear understanding of how they apply to your current or future SEs, I've titled each topic with the "company name" that contains real messages, some of which have In fact been Issued personally to myself by the company In question. As you begin to read each one, you'll find that they pertain to "Investigations", "police reports", "account closures" (temporary & permanent), asking for "proof of destruction" and the list goes on. Whilst some are pretty much self-explanatory just by reading Its contents, others can be somewhat overwhelming- particularly If It's the first time you've received that type of message. Furthermore, It's vital to understand what triggered It, and what you can do about It to keep your SE alive, thus I'll also address that accordingly. So without further delay, let's get this started.


Amazon Messages:

Filing A Police Report

In this Instance, as a result of the "boxing method", Amazon opened what's called an "Investigation", which Is simply part of their protocol to move forward with the claim and nothing more. Now because their Investigation was Inconclusive at the time, meaning they had no evidence to decline the claim nor could they approve It, they asked to file and return a "police report" as follows.

"Thanks for providing us confirmation that a report has been filed with your local authority. When the report has been completed by your local authority, please send us a copy of the police report In a JPG, PDF or PNG format to our email address: uk deliveryinvestigation@amazon.co.uk"

As with an Investigation, a police report Is only required to process your claim, so don't think for a minute that the Feds will bust down your door at 5:30 am and start reading out your rights. Just go ahead and file one  either at your local police station, or (If applicable/allowed In your locality) on the Internet.

DNA Related

Before I begin, the "DNA" (Did Not Arrive) method, Is used to say that you did not receive the package that was scheduled for delivery to your home by the carrier. Of course, you did receive It, but you're stating otherwise for social engineering purposes. Now Amazon Is very good at keeping track of purchases and transactions, and because the DNA method was used too many times, perhaps In close timing from one SE to the next, Amazon decided to Issue the following message.

"From: ofm@amazon.com
We've recently reviewed your account for order activity details. You order history shows that you have claimed refunds for Items that you did not receive. We know that occasional problems with orders are expected In the normal course of business, and refunds and replacements may be Issued. To help prevent another missed delivery, please verify your shipping address with the correct Information"

This Is a standard automated message that's sent by Amazon's Account Specialist team (just a bunch of office staff with a fanciful name!), to say that you've claimed too many refunds for packages that did not arrive at your address. In other words, you've used the "DNA method" too many times. There's nothing to worry about at this stage. Change your methods with future SEs, and then hit the DNA "only once" and then alter your methods again. If you don't, Amazon can lock your account, which brings me to my next point.

Account Suspended Or Locked

There are many reasons why accounts get locked or (temporarily) suspended such as too many returns, failure to verify credit card details, using another location to login, unusual spending patterns and so on and so forth. Whatever the reason may be, It can happen at any time and without warning- with only an email sent that states the status of your account "after the (locked) event has taken place". Here's an example of a temporary lock.

"We have detected unusual activity on your account and have locked It temporarily. Please contact customer service for further assistance"

Given It's a temporary lock, you'd need to contact the Buyer Support team and In most cases, provide Identification documents to verify yourself against your account. Now Amazon Is known to give you the runaround, by referring your request to different departments but at the end of It all, you will get your account reinstated. If It's a "permanent lock" It means exactly that- It's gone for good, hence you have to create a new account and "change ever Identifiable detail", otherwise It will be locked again before you have the chance to hit the Sign In button!

Amazon Email Scam

Although email scams have been around for decades and many can be easily detected, there are some that appear very legit- with a company logo, and the sender's email address matching the original one. It's not hard at all to spoof an email address, or create a logo that represents the real deal and to the untrained eye, It's very difficult to spot the difference. The example below Is a scam  that was once circulating the Internet, and perhaps may still be around to some degree. 

"Dear Amazon Customer 

Your recent order on AMAZON.COM has been cancelled due to fraudulent activity detected by our automatic systems. Your account has been suspended on a temporary basis. You're requested to activate your account by verifying your email address.
Please visit amazon.com/verify ****(redacted) or please click on the button below"

Everything contained In the above message, Is as written- word for word. I don't want my readers clicking on malicious links, so the only thing I've edited (redacted) Is the link. If you've received an email to that effect, do NOT click on the link under any circumstances. It'll redirect to another page asking to enter your username & password, and you can say goodbye to your account. So how do you know If the email Is fake or real? Simply login to your account. If you're able to do so, then the message Is fake.


ASOS Messages:

DNA Related

You've already read about the "DNA method" In the Amazon topic above, so there's no point going over the same thing again. There are quite a few excuses that you can use when claiming your package didn't make Its way to your house, such as It being left at your doorstep and stolen, or signing with a fake signature and saying "It wasn't you who signed It". But you must be very careful with what you say to the company. You'll see why In a minute or so. The following message Is from ASOS Customer Care. 

"I'm sorry to hear that there has been an Issue with your delivery. I appreciate that due to your parcel being requested In a safe place, It has now gone missing. However as you asked for your order to be left In a safe location, you have confirmed that you take full responsibility for your parcel. As we confirmed with our delivery partner and the driver that your order was left where you requested, sadly we're not able to refund or replace It"

What's happened In this situation, Is that "the customer/social engineer told the company to leave the package In a safe location"- somewhere within the boundaries of his own home, and then put In a claim using the DNA method. Because "the SE'er made the decision about the safe location", It releases the company from liability, therefore It's the social engineer who's responsible for loss of goods and the claim was declined. If you're planning to use the DNA under similar circumstances, be sure (If available) "It's the company's choice to suggest a safe location".  

Account Closed- Suspicious Activity

In order to prevent your account being flagged during your SEing sessions, It's of the utmost Importance to SE In a very calculated manner. Things like using different methods, mixing low & high value Items, allowing a sufficient gap from one SE to the next and alternating between refunds & replacements, all help preserve the longevity of your account. In the case below, the SE'er didn't apply such measures.

"I can confirm that your account has been closed due to unusual returns activity, and It Is also correct that this decision has been made after taking a number of factors Into consideration. Passing over the full details as to what exactly these factors are Is something we're not able to do- we're unable to share this Information as If It were to be made public, It could lead to more unfair use of our service. If you have any other questions at all, please ask. Best wishes, Peter"

As you can see, the above message Is pretty vague and other than stating "unusual returns", It does "not specifically give reason as to why the account was closed". It could be hitting too many returns In close timing, or perhaps social engineering Items worth thousands of dollars one after the other. Whatever the case may be, there's one thing for sure- the decision to close the account, would've been the result of any of the reasons I've mentioned In the first paragraph. Take everything I've said under advisement, regardless of who you're looking to SE.


Logitech Messages:

Proof Of Destruction  

Due to the nature of Logitech, namely selling and servicing technology-related products such as computer peripherals to the likes of keyboards, headsets, mice (PC mouse) etc, It's a commonality for the company to Issue a "POD" (Proof Of Destruction). This happens when you SE an Item under warranty and saying that It's not working. They'll then go through a few troubleshooting steps and when they're satisfied It's not functional, they'll tell you to destroy It and then take a photo or record a video and send It. You can see what I'm referring to below.

"In order to continue with the warranty process, we require you to destroy the product In a fashion that will make It no longer functional This will save you time from having to return It to us and allow us to expedite the replacement process. It Is VERY IMPORTANT that you follow these Instructions. We request the following be emailed In a video format no larger than 25 MB.

1. Start by recording the video.
2. Clearly show the serial number of the device.
3. Display a handwritten case number on a piece of paper by the device.
4. Proceed by cutting the cord on the computer mouse that clearly shows It's nonfunctional.
5. Respond to this email with the video as an attachment"

If you haven't worked It out yet, Instead of sending your Item back, they're asking to destroy the device (In this Instance, the computer mouse) and record a video as per their Instructions above and send It thereafter. Obviously, you have no Intention of destroying the Item you're SEing, so you'll use the "corrupted video method", by making It seem as though you're complying with their request. Even If you've used the method before, there may be some details that you're unaware of, so I recommend reading my tutorial here

Warranty Replacement

As opposed to what you've just read above regarding the "POD" (Proof Of Destruction), Logitech will sometimes approve your warranty claim and ship a replacement but rather than destroying your (seemingly) defective Item, they'll ask you to return It. Why they choose one over the other and vice versa, depends on both the cost of freight and the value of the Item. In my experience, Logitech are difficult to deal with at the best of times and If you contact them by phone, the waiting time "may" be up to a few hours- which Is totally unacceptable. Here's one example of when a warranty replacement Is approved.

"Dear (customer name)
Your warranty request has been approved and a replacement has been ordered. It can take up to one business day for the replacement to ship. Once shipped, an automated email with a tracking number will be sent to you which usually takes about 12 hours before the tracking number can be used. A pre-paid shipping label has been created and sent to your email for you to return the device"

At the end of their message, you can see that they require the device be returned, which evidently, you'll do no such thing. Depending on the type of Item you're SEing, there are a number of methods that can be used to circumvent sending It back- the "boxing", "disposed of the faulty Item" and the "blood method" are just a few. If you're not sure on how to apply any of them, I've written guides on this blog so use the search function accordingly. 


SteelSeries Message:

Proof Of Destruction

As with the Proof Of Destruction that you've read with Logitech a few minutes ago, SteelSeries also offers tech-based accessories  such as keyboards, headsets and mice and as a result, Is known to ask for a "POD" as part of their replacement policy. Every company who requests a POD, differs to some degree In the way they ask the user to break and render the device nonfunctional, hence Is the reason why I've decided to Include the following message In this article.

"To ensure the quickest turnaround time, we ask you to provide "proof of destruction" In order to proceed with your claim. Please follow these Instructions.

1. Please break off the left ear cup completely.
2. Make sure the wires are completely severed.
3. Please proceed slowly and carefully.
4. We recommend using a pair of work gloves & safety goggles.
5. Please place a handwritten note with our Instructions next to the device.
6. Make sure the serial number Is visible and take a photo clearly showing what we asked.
7. Please email the photo In a PNG or JPG format"

In the above case, the Item In question was an Arctis Pro wireless headset and as you've most likely realized, they went Into great depth on how to damage It beyond repair. SEing Is all about manipulating every entity and obstacle during your attack vector, so In this Instance, you can either Photoshop the Image or use the "corrupted file method" as documented In my post here.   


DNA Investigation:

Notice Of Claim Declined

As you're aware, the "DNA method" Is used to say that the carrier driver failed to drop off the package to your delivery location- be It your residential home, drop address or otherwise. If you've used this method quite a few times, you'd well and truly know that "It tends to trigger a company Investigation", which predominantly Involves contacting the carrier to cross-check and collect Information to see whether your package did make Its way to you and If not, they'll try and locate Its whereabouts. The message below Is the outcome of an Investigation declining the claim.

"Hello

We have fully Investigated this matter, Including contacting the carrier who delivered the package. Based on the outcome of our Investigation, we believe the package was delivered to the correct address. In particular, we have taken In account the following Information which Indicates the Item was delivered:

The timed geocode stamp of the delivery location
Information collected at the point of delivery, and
The package weight and reported condition upon delivery

Based on all the above, we regret to Inform you that we won't be able to provide a replacement or refund for your order at this time"

After reading their ridiculous conclusion to the Investigation, I'd say you're satisfied that they've justified rejecting your claim, yes? Absolutely not! There are many details that are Inconclusive, which ultimately renders their findings useless. Here's what I'm referring to, taken word-for-word from their above message. I've also outlined the operative word(s) that do not support their Investigation.

We believe the package was delivered to the correct address 
Information collected at the point of delivery
The package weight and reported condition upon delivery
We won't be able to provide a replacement or refund for your order at this time

Now here's the explanation of each one:

We believe - What they believe, Is totally different to the events that took place.
Correct address - By no means does this conclude that "you personally received the package".
Information collected - And? So what? It could be anything, perhaps not relevant to the claim.
Reported conditions upon delivery - What conditions? From whom? From where?
At this time - I see, does that mean the replacement or refund will be provided "at a later time?".

If you're an advanced SE'er, you should have Identified each of the above Inconsistencies the moment after you read It. So when an Investigation happens to you, ask for their report and read It very carefully- you'll find that they'll be at least one piece of Information that Is Incomplete and does not support their decision to decline your claim. 


Police Report Requested:

Specific Details 

After an Investigation has been opened, If there's not enough details to finalize your claim, the rep/agent will most likely ask you to "file a police report" to verify that everything you've said Is true and correct to the best of your knowledge. Some companies simply request It without asking for any specific Information, while others will email you a breakdown of what they expect to be Included with the report. What you're about to read below, doesn't relate to any company In particular, but Is In fact based on true events collected from my personal SEing experience.

"Hello (name)"

Along with the requested copy of the police report, please provide the following Information:

- The number of the police report
- The name & rank of the associated precinct
- The name & phone number of the police station
- The crime reference number
- If the report was made online, an email or reference number Is needed"

As you can see, there's quite a few details that must be provided on request and If you fail to comply with any or all of the above, the representative has every right to terminate your claim. Now If you think that you can get away with giving fake details, think again. They're requesting the Information for a reason- which may well be used to cross-check Its authenticity. I've always recommended to "never falsify a police report" and after reading the example below (which Is a genuine reply from a customer service rep), you'll realize exactly why the report must be legit.

"Hello (name)

We write to tell you that unfortunately we are not able to verify the details of the police report you provided. The document does not have an 'official' police letter head and Is not stamped to show It's an official document. Furthermore, Its associated details do not correspond with our Inquiries, therefore we're not able to provide further assistance In this matter.

Thank you for your understanding"

That perfectly demonstrates that customer service representatives do (at times) follow up police reports, and If you decide to create a fake one, your claim being rejected by the company Is the least of your worries. Although It seldom happens with SEing events, It's still possible for the police of whom you falsified the details, to arrest you for that purpose alone. The message Is loud and clear- never give a fictitious report!


In Conclusion:

After reading this entire article (If you haven't, go back and do It now), you now have a very good understanding of the common types of messages generated by companies and precisely what they refer to, as well as the best course of action you'd need to take to tackle them effectively. It's not an exhaustive list (I cannot possibly cover the lot), but certainly enough to allow you to make Informed decisions, thereby keep your SE consistently flowing In a positive direction. 



Comments