Skip to main content

Featured

SE'ing Encyclopedia

Updated: 08/09/2022:    If you've ever wanted to know every term and method relative to social engineering, Irrespective of your level of experience, then you've come to the right place. This SEing encyclopedia, has everything you need pertaining to common terms and methods that're used In today's world of exploiting the human firewall. All topics Include a brief description, as well as a few examples of how each term Is used In a sentence- which will be of benefit to those new to the SEing sector. To help refine your search, I've added a table of contents, whereby you can pick and choose exactly what you're looking for. 

SE'ing Realistically

 

The Importance Of SEing In A Realistic Fashion

On the grounds you're operating as an Intermediate or advanced social engineer, who's been hitting online stores on a medium to large scale such as Nike, Adidas, GoPro, John Lewis, Zalando and of course the largest eCommerce company being Amazon, you'd well and truly know that your attack vector, Is only as good as the "accuracy" and "effectiveness" of your Item and method formulation. For Instance, If you're not familiar with how the missing Item method (also known as "EB" - Empty Box) Is applied, thereby you didn't bother taking the product weight Into consideration and SEd goods around 1.5kg, then don't expect a favourable outcome.

How so, you ask? Well, unless the representative has no brain cells left and approves the claim on the spot or a chat bot does the same on a very low value Item, an external Investigation will be opened with the carrier, whereby the "package weight" will be cross-checked with what they have on record, against the company's dispatched weight. Given there's no variance between the two (company & carrier weights), your Item could not have been missing - for the fact that the weight was consistent at 1.5kg

What should've been done to begin with, Is opt for something that's extremely light, under "120 grams", hence It will not be detected on any weighing facilities and a refund/replacement will be forthcoming. As you can see, It's absolutely Imperative to be well acquainted with the method you've chosen against the nature of the Item, but It doesn't stop there! Of equal Importance, Is to be "realistic" with each and every SE performed, however some SE'ers, particularly those who've just started their career In "company manipulation and exploitation", come up with a fanciful and far-fetched approach when preparing their method - and then they wonder why It failed miserably.

For example, to this day, I continue to come across messages on Internet forums/boards to the effect of: "I'm using the sealed box method and putting sand In the box to match the weight, and returning It for a refund". Really? What happens when the Inwards goods centre receives It, and they hear the sound of dirt/sand as they're moving It around the warehouse? Or perhaps the storeman decides to open the box to make sure the correct product Is Inside, only to find some garbage was enclosed? How on earth can any social engineer justify It and expect the company to believe their story? Enough said!

The above scenario and many other ridiculous events of similar Intentions, are still being used by SE'ers of all shapes and sizes, and that's what prompted me to write this article. Considering there are so many traditional methods, It's way beyond the scope of this guide to document the lot, thus I've focused on only a couple that're commonly used by almost every social engineer - namely the "wrong Item received" and the "boxing method". What you will learn today Is how to formulate these methods, as well as the unrealistic Incidents that SE'ers tend to apply, and finishing each one with a realistic approach that'll maximize the SE's success. Okay, so without further delay, let's rip Into It.    


What Is The Wrong Item Received Method?

The biggest advantage of the "wrong Item received method" Is Its versatility, meaning It's compatible with every company that has a warehouse full of stock. Unless you're SEing a car (so to speak!), there's almost no restrictions with the type of Item to be SEd, therefore It can be used with just about every online store, or If you prefer, any In-store retailer. I'll explain how It works In a very simplistic manner. After you bought a product and It was delivered by the carrier, you'd contact the rep/agent and Inform him that "the package contained a different Item to what was originally ordered".

Of course, nothing of the sort happened, you're just saying It did to SE the company. Before going ahead with the method Itself, you first need to "buy the wrong Item that you're pretending to have received" - for the reason that the representative will ask you to send It back, and a refund or replacement for the "original Item purchased", will only be processed when the company has the "wrong Item" In their possession. To make It easier to follow, I'll breakdown the procedure In chronological order as per below.

  1. Buy the Item you plan to SE
  2. Purchase the wrong Item from the same company, on a different account, and no more than a couple of days later
  3. Be sure the wrong Item Is sent to another address not associated to yours
  4. The weight of the wrong Item must be as close as possible to the one you're SEing
  5. When the package arrives (with the "SE Item") contact the rep/agent 
  6. Tell him that upon opening the package, a different Item was enclosed
  7. The rep will ask you to return the wrong Item that was (apparently) delivered by mistake
  8. Send back the wrong Item that was previously purchased In step 2 above
  9. When they receive the wrong Item, It will be scanned and put back Into stock
  10. A refund/replacement will then be Issued for the SE Item

If you've followed all of the above steps carefully, It's pretty easy to see how It works, and why It has a very good success rate - all because the methodologies used throughout Its preparation and execution, "are based on realistic circumstances". However, a lot of social engineers don't see It that way, hence they use an "unrealistic" standpoint when putting together and launching the wrong Item received method - which brings me to the next topic.       


Unrealistic Wrong Item Received Method

If you're reading this as an advanced SE'er who's been In the scene for many years to date, there's no doubt that you'd know the Ins & outs of the wrong Item received method, thus this topic will be of little benefit to you. Even so, do take the time to check It out - for the reason that you will Inevitably experience social engineers utilizing what I'm about to discuss with their method, thereby (If you catch It early enough), you can correct their mistake and guide them In the right direction. After all, as SE'ers, we all stick together and help each other out, so It makes perfect sense to have this type of attitude!

As you're aware, the wrong Item received method pertains to saying that an Incorrect product was In the box/package when you opened It, therefore your story needs to be convincing, but I've witnessed countless social engineers who've said (or plan to say) they've "received rocks" Instead of the Item ordered. Seriously? Do they honestly expect to get away with such nonsense? Moreover, how can they possibly assure the representative that a perfectly factory sealed box containing rocks, ended up In their warehouse? Furthermore, how was It picked, packed, and dispatched without anyone noticing or hearing the rocks/pebbles while the box was handled from one person to another?

Sure, one way to justify It, Is by claiming It could've been someone else's return. But If the order number Is cross-checked with the company's Invoice department, they'll see that It was received from the manufacturer, then placed In Inventory with the rest of the stock, and directly sold to "the SE'er" sometime later. As a result, It's Impossible that a box filled with rocks was sent from their warehouse! The message Is loud and clear - "be realistic with the wrong Item you plan on selecting" - as discussed In the following topic.
 

Realistic Wrong Item Received Method

Assuming you've read the breakdown a few minutes ago of how the wrong Item received method Is applied (If you haven't, go back and do It now!), you'd well and truly know Its design and application, but the method Is only as good as the approach and compatibility of the wrong Item you've chosen to Incorporate Into your SE. If It's based on "realistic" turn of events that typically occur In every warehouse environment, then the likelihood of your claim being approved, significantly Increases. 

Here's what I'm referring to. Let's say you're SEing the latest GPU (Graphics Card) from who else but Amazon. You've researched the wrong Item and opted for a PSU (Power Supply Unit), and made sure It belongs In the same category/department, and also ensured the weight Is Identical, or very close to the GPU. Can you see why your SE Is destined to succeed? The wrong Item Is In the "same category/department" and Is a "technology-based product", so It's perfectly understandable that a picking & packing error can be made with your order - which will fool representatives Into believing that It did In fact happen! So, be sure to always be "realistic" In every aspect of the wrong Item received method.      


What Is The Boxing Method?

There are many ways "the boxing method" can be performed, but for the purpose of this tutorial, I'll demonstrate only the one example as follows. After the Item was purchased and delivered by the carrier driver, you'd contact the company and say that It's not working. Evidently, there's nothing wrong with It, but you're stating otherwise to SE them. The rep will then go through a few troubleshooting steps - to try and Identify why It's not operating as per Its factory condition. When he's satisfied It's defective, a refund or replacement will be arranged, but "only when your (seemingly) broken Item Is returned".

Obviously there's no Intention to send It back, and that's when "the boxing method" comes Into action, by returning the box/package without the Item, and making It look as though It was tampered with during shipment. To do that, cut the box/package on one side and seal It with different coloured tape, so when the company receives the package, they'll think that someone stole your Item at some point In transit. If they're responsible for loss of goods (research this beforehand!), they're liable to cover all expenses, therefore the company Is obligated to Issue a refund/replacement.

As easy as It may sound, there's a few things to consider when preparing the boxing method. First and foremost, "get the precise weight of your Item" - as this will determine how the method will be formulated, and depending on how heavy It Is, one of two procedures will be used to put It together. If the product Is extremely light (under 120 grams), It will not be detected when weighed, so send the box on Its own with nothing Inside. Don't forget to cut the box/package and seal It with different coloured tape! On the other hand, If It's rather heavy, substitute the Item with dry Ice. All In all, everything seems genuine, so there's a very good chance the SE will work In your favor.  


Unrealistic Boxing Method

In order for the boxing method to succeed, It must not only be prepared with a high degree of accuracy when giving the Impression that someone ripped open the package and took the product, but It also needs to fool companies, carriers and whoever Is handling the shipment Into thinking you've done the right thing by returning your Item. However, many social engineers fail to see It that way and as a result, they come up with a ludicrous Idea to box the company - a commonality being "packing blocks of wood In the box" (Instead of the Item) to make up the weight, and sending It back for a refund.

If you're one of those SE'ers who's planning on doing It, I'd like you to think about It logically for a minute. How will you explain to the company, that pieces of wood ended up In the box/package you've returned? Even If an excuse was created, such as somebody put It there and stole the Item, who carries bits of wood In anticipation that It'll be used to steal a product from a random package? I'll answer It for you: "No one!". Representatives were not born yesterday - they can easily pickup that this approach Is fabricated with the objective to deceive them, so a realistic formulation Is paramount, as discussed next.   


Realistic Boxing Method

To briefly recap how the boxing method serves Its purpose, you'd give the appearance that the box/package was tampered with, and your product was taken before It reached the company's receiving area. Its preparation Is done In one of two ways - the box Is sent on Its own for anything under 120 grams, or the Item Is substituted If It's heavy enough to register a weight on consignment. In terms of the latter, you cannot replace your Item with any junk that comes to mind and expect to get away with It  - It's crucial to be "realistic" with what you decide on using.

There are two ways you can go about It. The first Is to choose something that every carrier utilizes when organizing, collecting and dispatching their day-to-day shipments, of which "packaging tape" Is one of them - namely because almost every driver and depot worker has tape at their disposal. If you haven't worked It out already, the Intention Is to make It seem as though any one of them opened your box, took your product, and replaced It with a few rolls of tape. The second "realistic" methodology Is using the most popular commodity - specifically "dry Ice". Rather than writing a guide on Its usage, simply read my article on how to apply It.    


In Conclusion

I've purposely limited this to the "wrong Item received" and "boxing", for the reason that they're not only frequently used by beginner, Intermediate and of course advanced SE'ers, but to also serve as a general guide when you're planning to formulate a particular method against the company and the Item of your choice. 

As such, you've acquired the skillset and knowledge to adopt a "realistic attitude" with every SE performed right from the get-go, thus It significantly Increases the likelihood of a favourable outcome - a refund credited Into your account, or If you prefer, a replacement Item dispatched at the company's expense. 


Comments