In Depth Researching



How To Perform An In Depth Research Prior To SEing.

Be It SEing a company such as Amazon or Logitech to get a refund for an Item by using the DNA method, or perhaps manipulating an employee working In the HR department of the central office In your building to obtain their username & password, It's paramount to have knowledge of precisely how they operate before executing your attack. One of the biggest mistakes that social engineers make, Is to be overconfident with their SE and "blindly target their victim" without gathering any Information whatsoever about the environment they're engaged In, and the policies they comply with.

Unless you know every Intricate detail about a particular entity that you're planning to social engineer, It's of the utmost Importance to research everything there Is to know about them prior to formulating your method(s) and hitting your attack. You cannot possibly expect a successful outcome, when you have no Idea what you're up against. As such, the objective of this article, Is to "show you how to perform an In depth research of your target", thereby enabling you to make Informed decisions during the preparation and execution of your SE.

It's way beyond the scope of this tutorial to cater for every social engineer's needs, thus I will focus on "researching companies" that you'll be SEing on every level. Whether It's online or In-store, Is of no significance. However, researching extends beyond the company per se. For Instance, every online store uses a "carrier" (example: FedEx, UPS, DHL etc) to send & receive packages, thereby you also need to know how they operate, so I will cover this as well.

Now given that not all SEs go according to plan and companies ultimately decline claims and do not Issue refunds, as a last resort, you can claim a refund through "PayPal". Having knowledge of how to do this In order to maximize your chance of a successful outcome, Is crucial so this (PayPal), Is also part of the equation. Essentially, I shall cover researching "Companies", "Carriers" and "PayPal" In this order, so let's begin.

Researching Companies:

Regardless what scale the company operates on, be It a big organization like Logitech or simply a small online retailer, each and every one has their very own "Terms & Conditions", that outline specifics pertaining to orders and claims. It's this (the "Terms & Conditions"), that must be your first port of call to research, before even thinking about preparing your SE.

Here's a few examples of the most Important points to look for.

* Warranty Period- To establish when goods can be returned for a full refund.
* Refund Policy- To Identify the grounds on which refunds are Issued.
* Replacement Policy- To Identify the grounds on which replacements are Issued.
* Carrier(s) Used- To Identify vulnerabilities with their delivery service.
* Loss Of Goods- To establish who's responsible for loss of goods during transit.
* Advanced Replacement- You can use a drop address for this.
* Debiting Your Account- Check If they charge you for not returning the defective Item.
* Return Center- Establish whether It's onsite or offsite. The latter Is better during busy periods.

Researching Carriers:

Not all carriers operate In the same fashion, thus having prior knowledge of how a particular carrier  performs their delivery service to your doorstep, can make all the difference between success and a failed outcome. As with the above regarding researching companies, carriers also have their very own terms and conditions and comply with what's written, with every delivery made

Review their terms and take note of the following details.

* Signature On Delivery- this will assist with the DNA method
* Do They Offer Non-Tracking- As per above with the DNA method.
* Return Labels- Identify how they can be manipulated.
* Damage Reports- Are they raised during transit. If not, It will help with the boxing method.
* Shipping Insurance- Will help with the DNA and missing Item method.
* Unacceptable Shipments- Will help when sending Items back that they refuse to accept.
* Loss Of Goods- See If they take responsibility.
* Inspection Of Packages- Do they have the right to open and Inspect all goods.
* Delivery Options- Identify If you have a choice, when not delivered to your address.

Researching PayPal:

Let's face It, regardless of what method you're using at the time and how much you push your SE In order to achieve a successful outcome, there are times when the company will decline your claim for a refund of a given Item. This however, doesn't mean that you cannot pursue the matter further. As long as you're with PayPal, you can still claim your refund be processed. Obviously, you'll need to  research PayPal's terms.

Here's a few Important points that I'll define for you.

* PayPal Dispute- You go through PayPal's Resolution Center to (seemingly) agree with the seller.
* PayPal Claim- The dispute Is escalated to a claim to request a refund. PayPal solely deals with this.
* Chargeback- Contact your credit card provider for a refund, and they deal with PayPal. 
* Bank Reversal- Contact your bank for a refund, and they contact & deal with PayPal.
* PayPal Buyer Protection- This can help with the DNA & wrong Item received method. 
* Account Inactivity- Your PayPal account may be limited due to Inactivity.
* High Number Of Claims- This can result to your PayPal account being limited.

In Conclusion:

As you've well and truly realized, "researching extends way beyond the company Itself" and to be honest, I've hardly covered all there Is to know. As said at the beginning of this article, I cannot possibly cater for every detail, hence It's your job to gather as much Information as possible, prior to formulating your SE. Given you now have an excellent foundation to work with, there's no excuse not to perform an In depth research for each and every SE that you're unfamiliar with.






Comments


Popular Social Engineering Posts