Skip to main content

Featured

SE'ing Encyclopedia

Updated: 29/03/2022:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

The Impact Of The DNA Method

 


The Impact Of The DNA Method On The Driver & Yourself

When used In the right context and to Its full potential, "social engineering Is a very powerful tool" that can achieve just about anything that comes to mind. Be It using the serial number method for a 3,000$ gaming laptop and circumventing the rep's request to send It back by putting the leaking battery method Into action, or hitting the latest IPhone with the boxing method to make It look as though the package was tampered with and the Item stolen In transit, each event can manipulate the company's representatives on almost every occasion  - by advanced SE'ers who have the expertise to formulate & execute the said methods efficiently and effectively.

Naturally, I'm referring to "company manipulation and exploitation", whereby reps/agents are deceived Into crediting accounts for the full cost of the purchased product, or dispatching a replacement Item at their expense while the SE'er still gets to keep the original one. This type of social engineering Is far more sophisticated (as opposed to old-school SEing to grab confidential Info, usernames & passwords etc), for the reason that It takes an exceptional set of skills to get the job done - particularly when reps work strictly by the book and assess claims with a fine-tooth comb, and not those who have no brain cells left and approve them on the spot. 

If you've been SEing In the above capacity for quite a number of years, you'd be well aware that your activities have very little to no effect on companies to the likes of John Lewis, Zalando, Nike, Wayfair, Amazon and many others who operate on a large scale - namely because you're targeting entities worth In the billions of dollars, and their employees (and other personnel) couldn't care less about financial loss or otherwise. However, the same cannot be said for Individuals who are affected (to some degree) on a personal level - specifically "carrier drivers" and "yourself". Don't worry, this will make perfect sense In 30 seconds or so.

Although It's (mostly) no fault of your own, there Is one method named the "DNA (Did Not Arrive)" that tends to trigger a couple of events which have a negative Impact on "you" and the "driver", thus It's crucial to Identify and tackle each one accordingly. For example, have you ever experienced the "driver calling your cell phone or attending your home asking why you've claimed the package didn't arrive?". Or that your social engineering behavior may result In "the driver losing his job?". If you haven't come across either of the two Incidents as yet, It's Imperative to recognize them before anyone personally gets hurt - being yourself and the driver.  

That's what prompted me to document this post. A lot of SE'ers have very little to no Idea of what to do when "the driver calls/visits their home", and they also do not want him to "get In trouble with his employer", therefore they're Indecisive as to whether or not the DNA method should be used. Rest assured, I will clear all doubts, questions and concerns hence by the time you've finished reading this article, you'll be well-equipped to handle each event In a positive fashion. Prior to discussing that, It's very Important to have sound knowledge of the DNA method, so let's check It out In the topic below.       

What Is The DNA Method?

As Its name Implies, the "DNA method" (which Is short for "Did Not Arrive"), Is used by social engineers to say that the package they've been waiting to be delivered to their home or drop house, did not arrive as Intended. That Is, they've purchased something from an online store, but the carrier failed to drop It off at their premises. Evidently, the SE'er did receive It, but Is stating he didn't for the purpose of the SE. The best thing about the DNA, Is that It's "carrier-based" and considered a universal method, thereby It's compatible with almost any Item of reasonable size and weight.

In other words, as long as you're not SEing a family home (so to speak!), It doesn't matter how big and heavy the product Is, but be realistic by selecting goods that are SE'able, as opposed to (for example) an Item that's around 200 kg and 2 meters In height - as It will require some type of person-to-person verification such as an OTP (One-Time-Password). Okay, given "the objective of the DNA Is to SE the company by purely claiming the package was not delivered", I'd like you to think about It logically for a minute. When ordered from the Internet, the only way the package will arrive to your home, Is via the carrier, yes? I'm glad you agree.

Essentially, regardless of what you've bought - be It an IPhone, Apple AirPods or a pair of trainers, It doesn't change the fact that the carrier will drive by and drop off your package - Irrespective of weights & dimensions. You'd then contact the company "the next day" (you're not supposed to know It came, so wait until the following morning/afternoon) and tell the representative you're still awaiting the delivery. Whatever you do, "do not give any more details than what's needed". The more you say, the more ammunition they have to try and decline your claim! 

Due to the nature of the method, It's common for an Investigation to be opened, whereby the company will liaise with the carrier who serviced your delivery to cross-check their shipping documents. Generally speaking, they'll try and locate the whereabouts of your package and establish the reasons why It didn't make Its way to Its destination - your house. When they've concluded their Investigation, they'll use "Tracking/GPS Information" to say that It was dispatched & delivered correctly, and (attempt to) reject your claim thereafter. However, tracking Is a useless form of verification, namely because It ONLY confirms delivery to an "address" and NOT to an "Individual".

As such, "you did not personally receive the package". For Instance, If It was dumped at your doorstep, anything could've happened to It - a passerby stole It, or perhaps the neighbor took It. Whatever the possibilities are, If you stick with the story that yourself or a household member "did not personally accept the package", the DNA method has a very high chance of success. Now a lot of carrier drivers remember who they delivered to, and take offense when you've claimed It didn't arrive and as a consequence, things can get rather unpleasant which brings me to my next point being the carrier driver contacting you


The Carrier Driver Personally Contacting You:

Before I make a start, do note that this topic relates to the driver's actions having an Impact on "yourself", and also discusses how to effectively handle the series of events that take place as a result of his behavior. Okay, because carrier drivers are well aware that they've done their job properly by dropping off their consignments at the right address, they tend to get upset when people state otherwise - with many drivers taking matters Into their own hands, and visit the social engineer's home, or get In touch by phone. Be It one or the other, the driver will ask all sorts of questions about the delivery, and why you've said It wasn't received. Sometimes he'll go as far as asking you to sign a document - just to clear himself of any wrongdoing. 

In such circumstances and given you haven't purposely targeted the driver, "It's his decision to take It personally", hence you need to protect yourself from his demeanour and demanding attitude. You see, there are occasions when the driver will do whatever It takes to get In contact with you, and If It means generating 20+ phone calls or continually visiting your house until someone answers the door, he'll do exactly that on a daily basis. I've experienced very similar scenarios, whereby my cell phone had ex-amount of missed calls, and the sound of my doorbell was quite annoying throughout the entire day.     

When the above-mentioned Incidents happen with the driver during the DNA method, there's a few very Important elements you must understand In the following fashion. "He has no right to set foot on your private property requesting answers and forwarding documents to sign, nor are you obligated In any way, shape, or form to attend to his needs". Many SE'ers feel as though they must explain themselves by speaking with the driver and complying with his demands, which Is NOT the case at all! He's only a "delivery driver", not a police officer, so completely disregard his attempts to communicate with you, and he'll eventually give up a lot sooner than later.         


The Carrier Driver Losing His Job:

There's no doubt that social engineering companies on every scale has Its fair share of risks, and as a result of your SEing activities, It can have serious consequences - one of which, Is "the carrier driver losing his job". It's fine when you SE for personal gain by way of obtaining refunds & replacement Items from multi-billion dollar companies, thus It's not affecting them In any way whatsoever, but If your behavior contributes to a driver finding himself on the unemployment list, then that's just totally unacceptable. No one should be fired at the expense of your SE - they too have bills to pay and mouths to feed, so It's vital to social engineer without Impacting on the driver's occupation.

So how do you ensure your SEing affairs stay within the confines of your very own environment, and do not play any role with the carrier driver and his deliveries? Although you cannot control what the company decides to do with your DNA claim, the one thing that can be done on your end, Is to significantly decrease the risk of the driver losing his job as follows. On the grounds It's the same carrier & driver who services your area, and you SE quite regularly and consistently, It's paramount to "never befriend the driver". Why? Well, drivers who have a set run with their delivery schedule, will attend to the same locations every so often - your residential home Included.

Now If you're the type of SE'er who frequently performs an array of legit and SE'able purchases, It's very likely that some degree of friendship will develop between you both therefore the majority of times, he may choose to simply drop off the package at your doorstep, or sign for It himself - all because he believes you're an honest, sincere and trustworthy person. If you take advantage of It by "repeating and succeeding with the DNA", there's every chance the driver will be reprimanded for failure to fulfill his duties, thereby he can ultimately be sacked by his employer. I don't need to elaborate any further, do I? The message Is loud and clear - be a responsible SE'er by respecting the driver for "who he Is", as opposed to what he does for a living.


In Conclusion:

The DNA Is one of very few methods that can have a direct Impact on a personal level and as such, It's very Important to Identify, tackle and prevent Incidents that can cause huge difficulties for both yourself and the driver - which Is precisely what you've learned from this article. Now the reason I've added the driver as part of the equation, Is because as social engineers, "we should never target nor personally affect any Individual" and If you think otherwise, put yourself In the driver's position. 

Would you like It If your boss terminated your employment, due to too many reports of nonreceipt of goods against your name? I didn't think so. In closing, you now have a good understanding of how the DNA method operates, as well as Its negativity, so use your knowledge wisely with each SE you plan on performing.         

Comments