Skip to main content

Featured

SE'ing Encyclopedia

Updated: 10/11/2021:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

Selling SE'd Items

 


The Best Approach To Safely Sell Your SE'd Items.

Regardless of the type of social engineer you are, be It on an Intermediate or advanced level who's been hitting online stores for many years to date with minimal complications, or perhaps a beginner with only a few weeks of experience and need the assistance of other SE'ers to guide you In the right direction, there's one thing that you all have In common- and that Is doing whatever It takes to achieve the objective at hand. Unless you communicate with a Chat bot and have your claim Instantly approved, or the representative you're speaking to, couldn't care less and credits your account with very little to no questions asked, there will Inevitably be quite a number of obstacles that you'll need to circumvent during the course of your SE.

Things like Investigations opened to cross-check details with the carrier's records, police reports requested to be signed & returned and putting pen to paper on affidavits or statutory declarations, will be required at some stage during your social engineering activities. If you haven't already worked It out, all that relates to "company manipulation and exploitation", whereby reps/agents are deceived Into believing the SE Is In fact a legit claim, and they unknowingly reimburse funds Into the SE'ers account (at their expense) or dispatch replacement Items at no extra cost. In order to successfully do that, SE'ers use what's called "methods", which are basically a set of Instructions that support the attack vector from the moment It's executed, right through until the claim Is finalized In their favor.

There are many traditional methods available, like the wrong Item received, the DNA (Did Not Arrive), missing Item, sealed box and the list goes on. When they're formulated effectively against the nature of the Item and the company being SEd at the time, It significantly Increases the likelihood of a favorable outcome- namely because "the social engineer" has ensured that the method was prepared by leaving no room for error. It's all well and good when the SE'er Is In charge of the process within his local environment, but when It's In the hands of the representatives, there's no control of how the claim will be handled and assessed. For example, how many times did you expect a "refund" but due to unforeseen circumstances, you received a "replacement Item" Instead? 

If you've been hitting many SEs In succession, I'd say It's safe to assume that It's happened on at least one occasion and as such, the Item was useless to you, hence the best course of action to convert It to cash was "to sell It either In person or on the Internet". Some SE'ers don't have a problem with It, but I've personally come across many who are at a loss as to how and where the sale should take place, and that's what prompted me to write this article. If you're part of this equation and also a member on an active SEing community to the likes of a forum/board or a Discord server, then you'd be well aware that "discussions pertaining to selling SEd goods are few and far between". Rest assured, I've got you covered. I will demonstrate a few of the very best and safest methodologies that will safeguard and protect your sales right from the get-go, so without further delay, let's rip Into It. 

Take Note Of Identifiable Details:

The very first step you need to take before even thinking about putting your Item up for sale, Is to check whether It contains any "Identifiable details" that can potentially associate your personal profile to the Item Itself. In other words, If you're not careful with "the nature of the Item" that you've listed for sale and used your real credentials to SE It, then there's every chance that It will be personally linked to you. For Instance, let's say you've SEd a cell phone, be It an IPhone or an Android, makes no difference whatsoever. You've decided to put It on Craigslist for a cost that's less than Its recommended retail price and as a result, someone noticed It as a bargain and sealed the deal by paying the amount In full. 

You were happy and content that both the sale and transaction ran smoothly, however unbeknownst to you, "the company that you SEd placed the IMEI In a pool of blacklisted numbers" and when the buyer tried to activate It with quite a few phone carriers, each and every attempt was Instantly declined. He then contacted you demanding an explanation, which led to heated arguments and threats that you certainly did not want to eventuate. The moral of the story Is, "take precautionary measures with Items that contain some type of unique details that might possibly reveal who you are", specifically when SEing by using your legit Info. 

What you should typically look for, Is products that have "IMEI numbers" and also "serial numbers", that are commonly a part of technology devices and the like. The former (IMEI) Is a unique number that's found In cell phones, smart watches and tablets that are cellular-enabled. Every IMEI number Is dedicated to the device that It's assigned to, therefore no two are alike. The same applies to "serial numbers"- they're generated by the hardware manufacturer and uniquely linked to each device, which essentially means that "It will be linked to yourself when purchased". Makes sense, yes? Good. If you're going to list them for sale, do so by "anonymizing your Identity In full", which brings me to the next topic as per below.

How To Anonymize Yourself When Selling Online:

As the title of this topic reads, this relates to putting your SEd Items up for sale on the Internet, particularly those that have unique Identifiers attached- as discussed In the above topic. In order to effectively do that, It's paramount to "change every Identifiable detail", thereby once your Items are sold, It leaves no trace nor a digital footprint of any part of your personal profile. Many SE'ers are under the Impression that solely navigating behind a VPN will do the job, but there's a lot more to It than simply masking your locality and IP address. What you're about to read below, Is designed to "provide you with an entirely new Identity" and the good thing about It, Is that you can also utilize It when "purchasing Items from online retailers".

For example, when SEing Amazon, have you received an unexpected email saying that your account has been locked due to violating their policies with a high number of refunds or otherwise? If you haven't and on the grounds that you keep hitting Amazon every so often, they will send you something to that effect. It's not a big deal If It's a temporary lock- you'd just need to provide verification details or ID documents to get It activated again. On the other hand, accounts can be "permanently locked", which means exactly that- there's no chance of reinstating It. Okay, here's what I recommend to protect yourself from being tracked and Identified.

  • Change of full name (family & given name)
  • Change of date of birth (where applicable)
  • Change of full residential address (If need be, use a "drop")
  • Change of email address (no need to explain this)
  • Make sure the email address does not contain anything personal to you
  • Change of phone number (new SIM on a fake account or a Burner service
  • Navigate via a VPN (NordVPN, IPVanish, ExpressVPN will suffice)
  • Use a different device (one that was NEVER used with previous accounts)
  • Change your device MAC address (this free tool does the job well)
  • Use a VCC - Virtual Credit Card (there's heaps of providers online)
  • Use a GC - Gift Card (an alternative to a virtual credit card)
  • Use a different password (nothing similar to previous accounts)
  • Navigate via a private search engine (prevent your online behavior from being tracked)

Although all the above details Is not an exhaustive list (I cannot possibly cater for the lot In a single post), It certainly serves Its purpose well to prevent your Identity from being leaked Into the hands of others. Evidently, not everything will apply to the circumstances of your SE, so pick and choose those that are of relevance. Now some SE'ers may see It as an overkill, meaning many Implementations are not needed, but all It takes Is one minor detail to be disclosed and your movements & ID will be Instantly Identified. Concluding this topic, you're now aware of what to look for In Items containing distinct markings (serials & IMEIs), and how to avoid ties to your real credentials when selling, but what about products that're not technology-based? Let's check It out now.   

Selling Non-Technological Items:

If you're anything like myself, whereby you want the very latest gaming laptop or the new IPhone that will be released In the next week or two, then your social engineering activities will predominantly Involve SEing stores that have an Inventory of such stock, of which "Currys PC World" Is one of them and somewhat easy to manipulate and exploit. However, every SE'ers wants and needs differ to some degree and as a result, they'd mostly focus on (for example) clothing, footwear and beauty products. The advantage of SEing Items In those categories, Inclusive of many others along similar lines such as makeup & fragrance and hair care & styling, Is that "the Item Itself Is not manufactured with any type of embedded Identifiable characteristic"- hence can be sold without worrying about the buyer (or any other entity) coming back to bite you at a later date.   

For Instance, let's say you've bought and SEd a bottle of Chanel Coco Perfume Spray for Women, or perhaps a Tommy Hilfiger men's wallet and you've received a replacement Instead of the refund you were hoping for, there's no drama when It comes to "selling the Item per se" and remaining anonymous thereafter. That Is, unlike tech devices, they don't have a unique Identifier thus the moment the buyer makes the purchase, the transaction Is finalized and the Item leaves your personal environment for good. Now notice how I've quoted "selling the Item per se" just above? The reason for that Is because If you don't take extra care, "you can be Identified In other ways", which can actually pinpoint who you are In no time at all. 

How so, you ask? Well, whilst It's no problem at all selling "only the Item", for one reason or another, some SE'ers forget to take their Invoice/receipt out of the box/packaging. Moreover (where applicable), they may neglect to remove other details to the likes of order numbers and barcodes/tracking numbers- both of which are linked to the account holder. This of course, Is on the grounds that the SE'er did not mask his ID, but rather used his real credentials during the time of purchase. As you can see, there's quite a few factors to consider when advertising your goods for sale, so the message Is pretty clear- "remove anything that has some type of association to yourself, personally".  

Where & How To Sell Your SEd Items:

If I had a dime for every time a social engineer asked me "where do you recommend I sell the Items I've SEd", I'd be happily retired sitting on a beach In The Bahamas enjoying a care-free lifestyle. Though, I'd still be engaged In what I was born to do- you guessed It, social engineering! Anyway, back on-topic, there are no hard and fast rules as to where you can put your products up for sale. An Internet connection and a Google search, will return an array of websites that you can sell just about anything you have at your disposal, and the same can be said when selling In person at a few pawn shops, or simply walking at your local mall looking for buyers. 

Believe me, "with a confident attitude and an effective SEing approach", you will find a passerby who's Interested In what you have to offer. I've physically SEd on many occasions and the key to closing a deal with a potential buyer, Is to analyze their appearance and behavior- which speak a thousand words If you know what to look for. Allow me to elaborate on It with a very simple scenario as follows. We'll say that you have a Makita 18v cordless drill worth 110$ that you've recently SEd as a replacement, and you want to get rid of It by driving around the car park at a few shopping malls. The Intention Is to spot someone who's not only eager to see what you're selling, but most Importantly, "has the cash readily available".

Given your Item belongs In the "home hardware/tools" category, what type of stores will you be focusing on with customers entering & exiting? Correct, those that stock hammers, circular saws, air compressors and of course, cordless drills. Now If you see a person who's dressed nicely with expensive trainers and/or a good set of clothing, you'd know he has money to spend and because your Item Is only valued at just over 100$, the chances are he'll have that amount of dollars with him. If he doesn't, simply target someone else- you will succeed, It's not a question of "If" but "when" a vulnerable Individual comes your way.

All the above covers social engineering In a "physical environment", but I'd say that you're an SE'er who's more comfortable using online gateways, so we'll check It out now. If you've payed attention to this topic's title, you'll see that the first part reads "Where & How", and there's a very good reason for that. In terms of the former ("where"), there's no shortage of online websites to sell your Items-  you have (but not limited to) Facebook Marketplace, Craigslist, eBay and stating the obvious, Amazon. Once you put your goods up for sale, the entire globe has access to the Internet and provided you've added an enticing description and a price that undercuts Its competitors, you will attract buyers a lot sooner than later.

From an SEing standpoint, the Issue with online sales Is "how" you plan to distribute your Items In a safe & secure manner and of the utmost Importance, doing It without raising any suspicion whatsoever. The fact Is, you never know who's on the other end of the keyboard- It may well be a federal agent who's monitoring your activity, hence the last thing you need, Is an officer busting down your door at 5:30am and reading out your rights. As a result, you must be very well prepared before advertising your Items, Inclusive of when they're still In the process of being sold, so to help you with all that, I've made a list of my recommendations as per below. 

  • Always use a fake online account (fictitious family & given name etc)
  • Anonymize your Internet connection (VPN and the like)
  • Anonymize your payment system (virtual credit card)
  • If advertising your phone number as a point of contact, spoof It (burner service)
  • Use a fake email address (this burner service does an excellent job)    
  • Do not sell Identifiable Items If they've been SEd using your real credentials
  • If continually selling on the same website, keep changing your fake Info
  • When using the same fake details, allow a sufficient gap from one sale to the next
  • When using the same fake details, sell by mixing low & high value Items
  • When selling on a forum/board or Discord server, use a trusted middleman service
  • Keep a logbook of every sale and event that takes place
  • Do not discuss your sales with anyone online, ever. 

Although a few of the above details have already been mentioned In the topic named "How To Anonymize Yourself When Selling Online", this Is not a general list, but rather dedicated to selling goods on the net, therefore you'll find that you will use the majority of It on websites of all shapes and sizes. There are a few more bits & pieces that can be applied during your sales, but It's not always about quantity- the "quality" of such content certainly outweighs It to a large extent, thus I've handpicked those that will fulfill every social engineer's circumstances and expectations

In Conclusion:

What you've learned from this article, Is that there's a lot more to SEing than selecting your Item, choosing your method based on Its nature, and executing your attack vector with the objective of manipulating the representative to generate a "refund" Into your account. I've highlighted "refund", for the reason that you've also learned that It doesn't always work In your favor and as such, a "replacement Item" Is dispatched against your wishes. When this happens, you'll have the tools and know-how to sell your unwanted replacement In a very effective fashion, that will ensure a smooth transaction and without any chance of being tracked and Identified at some stage In the future.     



Comments