Identify How A Company Works

 



Identify How A Company Operates & Manages Claims.

Regardless of whether you're social engineering your local computer shop (that only has a handful of employees) by physically attending the customer service counter and tricking one worker with the sealed box method for a replacement Item, or SEing the largest eCommerce company being Amazon to credit your account with a refund for an Item you don't have to begin with, believe It or not, both are equally difficult to SE. "How so", you ask? Well, If you've never SEd either of the two and have no knowledge of how they operate from an Internal standpoint, how do you know that the method you're looking to use with the Item you're planning to social engineer, will In fact have a good chance of success? I'll answer It for you: "You don't" for the following reason.

You cannot perform what I call a "blind SE", whereby you have absolutely no Idea what you're up against- your SE will fail before It has the opportunity to begin. For example, "If the company Is known to examine every minute detail with a fine-tooth comb" when assessing your claim and you happen to use the "missing Item method", by saying that the Item you ordered was not In the box when you opened It, then your SE Is destined to fail. You see, unbeknownst to you, the company checked the exact time of when your order was Invoiced with the accounts department and also traced their movements In the warehouse- namely "the storeman who packed your Item" and "the weight recorded at their dispatch area" just before your package was sent. Every detail matched without any Inconsistencies, hence they deemed your Item delivered.

Now I'm not saying that each and every company operates In the above manner, but rather stating that events of that nature are certainly a possibility, thus the Importance to perform your "research" prior to selecting your method and Item. Allow me to explain why It's crucial to familiarize yourself with as much detail as possible about every company you'll be SEing. For the purpose of this demonstration, we'll use the same method as already discussed- being "the missing Item". Let's say you're going to social engineer a UK store named "John Lewis" for the very first time but for one reason or another, you didn't bother checking out the way they process claims, nor "whether the missing Item method Is known to have a very good success rate". Instead, you've gone ahead and purchased Apple AirPods Pro, which Is light enough for the said method.

After the package was delivered to your premises, you've called the company around 30 minutes later claiming they were missing, and the representative said that he'll get back to you In 3-5 business days. For your reference, when you're told of something to that effect, It usually means that "an Investigation will be opened", so keep It In mind! Moving forward, that's precisely what John Lewis has done- "opened an Investigation" to check If you did In fact receive your Item and If you didn't, they'll locate exactly where It Is by tracing their steps from the time It was picked & packed, to when It left their warehouse. Included In this, Is liaising with the carrier (who serviced your delivery) by checking their shipping documents.

After around a week or so, they've declined your claim on the grounds that their records conclusively Indicate that your AirPods were correctly dispatched and "enclosed In the package when collected by the carrier"- which was confirmed on the manifest at their depot. Your SE was a complete waste of time and effort, all because you neglected to delve Into the company's Inner workings, as well as the compatibility of your method against their operations. I've used "John Lewis" as the example for a very good reason. At the time of this article, I can confidently say that they cross-check every bit of detail when using the missing Item method and as such, It's quite an arduous task to manipulate their reps to approve claims. 

I'm not saying that they cannot be SEd (every company can), but more to the point that you'll need to execute your attack flawlessly, and keep It that way throughout the entire SE. Speaking of your SE, If you had known how John Lewis handles claims when using the missing Item method, you would've obviously "opted for another method". So how do you Identify how companies operate, and what do you specifically look for as part of your research & Information gathering? One of the best ways to see how they function Is to "perform a practice run", which I've covered In the very next topic. After that, I've listed a few events that are likely to occur with the majority of companies. Do note that along with a few other bits & pieces, "you'll be using a practice run every time you need to Identify whether an event takes place with a given company". Don't worry, this Is a lot easier than you think! So without further delay, let's get this started.

Perform A Practice Run:

A very good way to see how a company deals with orders and assesses claims with a particular method you're planning to use, Is to do what I call a "practice run", meaning a "trial SE". Essentially, rather than SEing your real Item, you put together a "bogus SE" that's solely used for testing purposes- with the Intention of establishing the questions they ask, and the actions they take during the course of your claim. This will give you a pretty good Idea of the measures they have In place, and what to expect when you're ready to hit your real SE. There are many ways to perform a practice run, but I'll keep things simple by demonstrating just the one example as follows. Begin by "ordering a very cheap Item that only costs a few dollars or so"  from the same company that you'll be social engineering (for real) at a later date.

This way, If your SE doesn't go according to plan and fails, you have nothing to lose except a measly 2 or 3 bucks on the (cheap) Item you've bought. Next, choose your method (that you'll be using with your real SE). We'll say that It's the "wrong Item received method", so when the carrier has delivered your package, call the company and say that you received a completely different Item to the one that you originally purchased. Of course, you did get the correct Item (being your "cheap Item") but you're obviously stating otherwise for the purpose of your practice run. Now It's very Important to take note of every possible detail that happens from this point onwards- as It will give you a very good Indication of the steps that representatives take when processing your claim.

For Instance, In order to generate a refund, the rep may ask you "to return the (seemingly) wrong Item" and when he receives It, only then will your account be reimbursed for the full cost of the purchased Item. Naturally, you have no Intention of sending It back, hence the "boxing method" comes Into action by giving the Impression that your Item was stolen during shipment. To do that, cut the box on one side and seal It with different colored tape. If your Item Is extremely light, send the box with nothing Inside but If It's pretty heavy, add "dry Ice" that's the same weight as your Item. Either way, make It look as though It's been tampered with and your Item was stolen, before the company receives your package.

If they approve your claim, pay attention to "how & why they did It". If It's declined, also "take note of the reasons why they decided to do that". You now have a good Insight of what to expect with future SEs, but your practice run Is still somewhat Inconclusive at this stage. You see, some reps/agents tend to take shortcuts every now and then by disregarding company protocol, so to make sure that your practice run wasn't a one-off Incident at the time, hit one or two more on different days- with a mixture of weekdays & weekends. If the results are consistent with each one, then you know that your claim Is handled and finalized In the same manner with the method you've used, In this case, the wrong Item received. Okay, we'll now have a look at a few events that most companies have Implemented, but need to be Identified with the one you're going to SE, so let's begin.    

Identifying Company Investigations:

When things don't quite add up with what you've told the company pertaining to your SE, against what they actually have on record, they'll "open an Investigation" which Is basically an official Inquiry Into your claim to see why your Information doesn't correspond with theirs. There are two types that take place. The first Is an "Internal Investigation" which happens within the company Itself, whereby (for example) they'll check when your order was Invoiced, who picked & packed It and perhaps do a stock count of their Inventory to see If there are any variances. The second Is an "external Investigation" which (as Its name Implies), Involves liaising with external sources, namely the carrier, to verify details about your consignment such as making sure that there are no Inconsistencies with the weight of your package.

If you haven't come across an Investigation as yet, you definitely will at some point during your SE but rest assured, there's no cause for concern- It's simply part of their protocol to move forward with your claim and nothing more. Although It's a commonality with almost all companies to perform both types of Investigations when assessing claims, not all of them do, so It's vital to Identify which of the two (If any or both) Is the case with the company you're looking to SE. So how do you know whether they do In fact perform an Internal and/or external Investigation? You guessed It, hit a "practice run" as per the topic that you've just read before this. You're well aware of how to prepare and execute It, so there's no purpose going over the same thing but what I will do, Is provide an example of one company that does not follow through with "external Investigations", hence It will give you some Indication of what to expect with your SE under similar circumstances. 

What you're about to read Is accurate at the time of this article, but may change at any given moment. Nonetheless, the objective Is to share my experience with one particular company being "Nike", who does not open "external Investigations" with both the missing Item and partial method. The way I personally Identified this, was when I mistakenly used the missing Item method on a product that was a little too heavy- weighing 255 grams. The error was no fault of my own, but rather another SE'er who did the research for me and gave the Incorrect weight. Just to let you know, the maximum Is "120 grams", and that's pushing It to Its limit. To be on the safe side, It's best to stick to a range of "40-60 grams", which Is proven to have over a 90% success rate when using either of the above methods.   

Anyway, In terms of the SE, much to my surprise at the time, my claim was approved with very few questions asked and after I realized my Item's true weight, I decided to do "a couple of practice runs"- just to be certain that It wasn't a one-off Incident. The type of Items I used Is not relevant, so I won't bother naming them. The first practice run consisted of a product that was around "700 grams", was extremely cheap but something that I could put to good use- should the SE succeed. Sure enough, the outcome worked In my favor and a refund was Issued Into my account. With the second practice run, I upped the ante by SEing an Item at 1.2 Kg, which Is way too heavy for the missing Item method and once again, my account was credited for the full cost of the purchased Item. All In all, my practice runs concluded that Nike do not cross-check weights, nor do they perform external Investigations.
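The internal and external checks described in this section, written as a retailer-side triage routine for a "missing Item" claim. This is an added example, not code from the original article; the `Shipment` fields, the 30-gram tolerance and the verdict names are assumptions, and the sample records are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed tolerance for scale and packaging variance (hypothetical value).
TOLERANCE_G = 30


@dataclass
class Shipment:
    item_weights_g: dict             # catalogue weight per SKU, in grams
    packaging_g: int                 # box and filler
    dispatch_weight_g: int           # warehouse scale reading (internal record)
    carrier_weight_g: Optional[int]  # carrier manifest weight (external record)


def close(a: int, b: int) -> bool:
    """True when two weights agree within the tolerance."""
    return abs(a - b) <= TOLERANCE_G


def assess_missing_item_claim(s: Shipment, claimed_sku: str) -> str:
    """Return a triage verdict for a 'missing item' claim on one shipment."""
    item_g = s.item_weights_g[claimed_sku]
    full = s.packaging_g + sum(s.item_weights_g.values())

    # An item lighter than the tolerance is invisible to any weight check,
    # so the claim has to be decided on other records.
    if item_g <= TOLERANCE_G:
        return "inconclusive_by_weight"

    # Internal check: did the parcel leave the warehouse without the item?
    # Tested first so a borderline reading is resolved in the customer's favour.
    if close(s.dispatch_weight_g, full - item_g):
        return "supports_claim_short_packed"
    if not close(s.dispatch_weight_g, full):
        return "unexplained_dispatch_variance"

    # External check: does the carrier's record agree with the warehouse scale?
    if s.carrier_weight_g is None:
        return "needs_carrier_weight"
    if close(s.carrier_weight_g, s.dispatch_weight_g):
        return "records_contradict_claim"
    return "weight_changed_in_transit"


# Constructed sample records (not real orders).
SAMPLES = {
    "packed_and_carried": Shipment({"SKU-A": 700}, 150, 855, 850),
    "short_packed": Shipment({"SKU-A": 700, "SKU-B": 90}, 150, 245, 240),
    "no_carrier_record": Shipment({"SKU-A": 1200}, 200, 1395, None),
    "light_item": Shipment({"SKU-C": 25}, 100, 126, 125),
}

if __name__ == "__main__":
    for name, shipment in SAMPLES.items():
        sku = next(iter(shipment.item_weights_g))
        print(name, "->", assess_missing_item_claim(shipment, sku))
```

A `needs_carrier_weight` verdict marks the gap this section describes: a claim approved on the internal record alone, with no external cross-check.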

Do They Respond To PayPal Disputes/Claims?  

Let's face It, social engineering Isn't all sunshine and rainbows. You may have researched everything there Is to know about your target, formulated your method based on your (researched) findings and executed your attack by leaving nothing to chance, however due to unforeseen circumstances, It can fail at the best of times. But by no means Is your SE over and done with- you can rescue It, by filing a "Dispute" with PayPal through Its Resolution Center, and then escalate It to a "Claim"- with the Intention to have PayPal reverse the transaction and reimburse the cost of your Item Into your account. Now It's way beyond the scope of this guide to explain every detail, so Instead, I'll summarize It In a very easy to understand manner as follows.
 
The main reason why SE'ers use PayPal as their preferred payment system, Is because It protects their purchases by offering "Buyer Protection". Essentially, In the event the SE fails, the social engineer will file a "dispute" and that will get escalated to a "claim". PayPal then takes over by contacting the company to collect all relevant details about your claim, and after they've finished with their assessment, they'll decide on the outcome- whether to side with them, or give you a refund. Although PayPal tends to agree with the buyer/SE'er, you never know for sure If It will be the case with the company you're currently SEing, thus you'd need to establish "If the company responds to PayPal disputes/claims". For Instance, whatever the reason may be, some retailers don't bother replying to PayPal, regardless of the number of requests made.

As such, It greatly benefits the SE'er, by almost guaranteeing that a refund will be forthcoming so to determine If It's true with your planned SE, once again, fire up your "practice run". This time however, allow your SE to deliberately fail and then file a dispute/claim with PayPal. If they approve It, repeat the process by hitting another practice run and use a different method to the first one. The Idea Is to make sure that the company does not respond to PayPal under any circumstances. If both results are the same, then you can use PayPal to your advantage with your real SE. To be absolutely certain that the company couldn't care less about PayPal, ask other social engineers If they've experienced the same as yourself  and If so, you'd know for sure that you're good to go.            

Identify & Research The Carrier That Services Deliveries:

As you're aware, "researching how a given entity operates"  by collecting as much Information as possible and evaluating It thereafter, plays an Integral role In Identifying the measures they have In place, and pinpointing the type of vulnerabilities that can be exploited. There's no doubt, that this Is the first thing you must do with any company that you're not familiar with and have never SEd before, but of equal Importance, Is to "research the carriers they use to service their deliveries". The need to research from a carrier standpoint, Is "method-specific", meaning It only applies to a couple of methods, namely the "boxing" and the "DNA" (Did Not Arrive). I'll explain why shortly. The reason other methods are excluded, Is because the carrier driver has no Impact when you're SEing the company, so there's no point In gathering Information that you're not going to use.

For example, the "missing Item method" Is either a warehouse or manufacturer error, hence the "carrier driver" has no Involvement whatsoever during the course of your SE. The same can be said when using the "wrong Item received method"- the storeman (seemingly) picked & packed a totally different Item to the one you originally ordered, therefore the carrier Is only providing a pickup and drop off service and nothing more. Every other method Is also Irrelevant, but I cannot possibly cover their usage In a single post. Okay, back to the "boxing" and "DNA method". Both of these have some form of association with the carrier. The former (boxing) Is when your Item was apparently stolen In transit, and the latter (DNA) Is used to say that your package did not arrive- each one suggests that the carrier company Is responsible for your package and/or Item not making Its way to Its destination.

As a result, It's paramount to establish which carrier will be used with the company you're planning to social engineer, for the fact that the majority are different (to some degree) In how they deliver and verify consignments. For Instance, "DPD" can be the biggest pain when dropping off packages- namely because (at the time of this article), their drivers take photos of the entryway of your home to confirm that It made Its way to the correct address. Others require an "OTP" (One-Time Password) and If you don't provide It, the driver will walk away and mark It as an undelivered shipment. Clearly, you can see the Importance of "researching precisely how they operate" prior to hitting your SE- as It can make all the difference between success and a failed outcome. 

In terms of Identifying the carrier(s) used (yes, there may be more than one!), It's not hard at all. It literally took me 15 seconds to find a list that Amazon utilizes found here, so use some common sense by hitting a Google search with the relevant keywords. With regard to what to look for when performing your research, I've put together a few details to get you started. You can find the answers to some by navigating to the carrier's website In their "terms & conditions" or (you guessed It!), do another "practice run"  to see who will be delivering your goods. Do note that the following Is not an exhaustive list, but rather gives you the most common events that take place with all major carrier companies.  

  • Does the carrier driver accept signatures?
  • Is an OTP (One-Time Password) required on delivery?
  • Does the driver take photos of your home? If so, where?
  • Does the driver leave packages at your doorstep?
  • Is It the same driver servicing each delivery?
  • Is a damage report raised for packages that appear to be tampered with?
  • Who's responsible for loss of goods during transit?
  • Does the driver personally Investigate when using the DNA?
  • Does the driver physically Inspect goods at the collection point?
  • Is there a non-tracking service available (good for the DNA method!)?
  • Do they refuse to transport dangerous/hazardous goods?
  • Is It the carrier's choice to leave packages In a safe place at your home?
  • What action (If any) Is taken when you're not home to accept the delivery? 

In Conclusion:

As you've most likely realized, this Is a very In-depth article and to be honest, It took a lot longer to write than what I Initially anticipated but the objective Is to provide you with the tools and know-how to effectively Identify how a company works, Inclusive of Its carrier service. And I think I've done that with a great degree of Importance and precision.

Believe It or not, there's actually a lot more Involved than what's stated above, but I've made sure that every essential element has been covered, thereby you're set and ready to go with each and every SE. In closing, do remember that you're not working to meet any sort of deadline, so take all the time you need during your research and Information gathering sessions. All In all, It's not about how much Info you're able to collect, but Its "quality and whether It benefits your SE as a whole".


