How To Stall The SE



How To Stall The SE And Gain More Time To Respond.

I can confidently say that regardless of the amount of years you've been social engineering entities, be It on a personal level or SEing representatives working for major online stores such as ASOS or John Lewis, you would have experienced a "mental block" at some point during the SE, correct? If your answer Is "no", then you're obviously not telling the truth and living In some form of denial. It doesn't matter how well you've researched your target, Inclusive of perfectly preparing your method, the fact Is, you cannot predict the exact series of events that will take place during the execution of your SE. Even elite social engineers to the likes of Kevin Mitnick, are lost for words (to some degree) when In conversation with the person of whom they're SEing at the time.

For Instance, have you ever been Involved In a live chat with a service rep and at some stage of the SE, you received a response that had you at a loss as to what to say next?  I thought as much. I'd say It's very safe to assume, that you terminated the session there and then- and either took the time to think of the most appropriate answer, or created a thread In the forum that you're registered with and requested assistance thereafter. Either way and sometime later, you've established the live chat again, hoping that you'll deal with another representative In readiness for your attack.

For the most part, there's nothing wrong with abruptly ending the chat, but It can raise suspicion- particularly If It's at the critical part of the claims process, such as (for example) "the rep asking for the POP of the Item you're social engineering". Representatives are not stupid and naive as most SE'ers think. They can certainly put two and two together and (In this scenario), determine that the chat session was purposely terminated due to your Incapacity to provide details of the POP on request.

All forms of communications are logged, phone calls Inclusive, hence every action you perform Incorrectly, can be referenced by any customer service rep you speak with. Don't think that by speaking with someone else, your SE will (always) start fresh again. If It's picked up where you left off, It can have a significant negative Impact on your claim! Have you ever wondered why a (seemingly) perfect SE through a phone call or chat gateway, resulted In failure? It may well have been because you ended It on suspicious grounds and the next rep who took over, realized this and declined It.

To help avoid all this, I will be demonstrating "how to stall (stop) your SE without setting off alarm bells", thereby you can collect your thoughts and continue your execution sometime later. Prior to moving forward, I'd like to make the objective of this article perfectly clear as follows: "Sure, you can unexpectedly put an end to a phone or chat conversation and It may be perfectly fine, but what If the Item you're SEing Is a 3,000$ laptop and due to Its value, you have a lot to lose If the SE fails?" This Is precisely why I'm writing this- with the aim to leave nothing to chance, thus ensure that your SE does not prematurely end In an unsuccessful outcome.

As opposed to correspondence via email, whereby you have all the time In the world to think of something before hitting the send button, the same cannot be said for chat and phone. Given that each one Is communicated In real-time and you need to reply Immediately, I will only cover those- "namely the best ways to end your session without raising suspicion". You'll be very surprised at how simple this Is, so without further delay, let's rip Into It by starting off with live chat.

Initiating A Live Chat Session:

If you have never used this gateway, I will go through the procedure right from the beginning before getting to the point of this topic. On the grounds that you're familiar with It, simply skip to the third paragraph. Okay, here we go. For the purpose of this tutorial, we'll assume that you're going to establish a live chat with an Amazon customer service rep, and you're SEing a Bose Home Speaker 500 (for a refund) by using the "serial number method" and saying that It's not functional. Obviously you don't have the Item, but you've researched the department that manages the chat windows and have Identified that they do In fact process order refunds (yes this Is true!), so you're good to go.

You've now logged Into your Amazon account and after clicking a few options, you've hit the "Chat" button to begin your online conversation. No doubt, you're hoping that their chat bot will handle your Inquiry and take care of everything within a few minutes, however your concern has been passed to one of their representatives who Is more than willing to help you. He's politely asked what the problem Is, and you said that your speaker Is not working. The standard protocol for this, Is to go through a few troubleshooting steps before moving forward so keep this In mind!  Evidently, every question that was asked about the Item's functionality, you replied In a negative fashion and as such, the rep Is satisfied that a refund Is warranted under the circumstances.

He's now asked you for the serial number and given It's within their refund policy time frame, there's no cause for concern on your end. Success! Well, not quite- all of a sudden, the representative has requested the "POP" (Proof Of Purchase) to finalize your claim. Clearly you don't have It, hence your SE has now come to a halt. You're lost for words, and In a position of having to terminate your chat session straight away but If you do It right this minute, It WILL be obvious as to why you decided to end It. And because everything you've said has been logged, the next rep you speak with, may well refer to these series of events. "Here's how you do It without raising suspicion" as per the topic below. We'll pick It up from your response to his request for the POP.

The Live Chat In Action:

You: "Sure thing, can I email It to you?".
Him: "Yes thank you".
Now you pause for a little while, around 15-20 seconds.
You: "Sure thing, can I email It to you?".
Him: "As said, yes thank you".
Again, you pause for around 20 seconds.
You: "Are you still there?".
Him: "Yes, email It".
Another pause for 15-20 seconds.
You: "Hello, can you answer me please?".
That's the last time you've replied, regardless of his messages back to you.

After a couple of minutes of silence, "the representative ends the chat". See what just happened? You deliberately gave the Impression that you did not receive any of his replies- which seemed very realistic due to your pause In between your own messages! Notice how I quoted "the representative ends the call?". This Is the most Important part, whereby "he made the decision" and not you, therefore you're not at fault for not complying with what was expected of you. All In all, there were no signs of suspicious behavior whatsoever on your behalf. 

As a result of the above, you can now take all the time you need to think of the next course of action  pertaining to your SE and when you've made your decision, you can connect to live chat and provide them with precisely what they've requested. You have everything you need, thus your SE will head towards success. Even If another rep Is on the other end of the chat, he/she will (most likely) take over from where the last session ended- and that was the previous representative terminating the session.

Communicating Via Phone:

Stating the obvious, speaking over the phone Is Instant- It happens there and then and whatever you've said, cannot be taken back. If you're the type of SE'er who's not confident at all with this gateway of communication, you "will encounter difficulties" In answering the representative's requests accordingly. As such, It's of paramount Importance to know exactly how and when to bring the conversation to an end- without being evident of your Intentions. Now you may be thinking "It's fine, I'd rather shoot off an email". Well, I can tell you that this can be a lengthy process to receive replies and If your claim Is a matter of urgency, you'd want It sorted Immediately. And the fastest way to do It, Is by phone. Of course, the company you're SEing must be contactable by calling them.

So what If you're talking with the rep, and you've suddenly experienced a mental block that may ultimately lead your SE to failure? The equation Is pretty simple- hang up on the representative, however It must be done right to not raise suspicion. Given there's hardly any effort on your end, I won't go Into detail with this, so I'll get straight to the point. Always terminate the call "when you are speaking!". Never do It whilst the person on the other end Is chatting away.

For example, how many times have you received a call from some annoying salesman tempting you to purchase something, and you've simply hit the end button In the middle of "his end of the conversation?". I'd say you've done this on every occasion. No doubt he would've realized why you did It- on purpose and for the fact of being disinterested. The same applies to your SE- you must avoid showing signs of deliberate behavior, and "hanging up when you're talking", gives the Impression that the connection was lost for no apparent reason. When you've collected your thoughts, you can call back and proceed with your SE In a positive manner.

In Conclusion:

I've always been a firm believer In the saying of: "It's not what you say, but how you say It" and the topic regarding The Live Chat In Action, describes this perfectly. You may rarely have the need to stall your social engineering attack and for the most part, It's probably okay to end It abruptly but all It takes Is one wrong move, and you can say goodbye to the entire SE. I'm the type of SE'er who covers all angles to ensure the results work In my favor  and If you follow everything you've read above, you too, will significantly Increase the likelihood of success!





Comments


Popular Social Engineering Posts