An Official Inquiry Into The Claim By The Company.
Let's face It, social engineering Isn't all sunshine and rainbows, It does have Its fair share of problems and even though you've researched your target to see precisely what you're up against as well as prepared your method to perfection based on your (researched) findings, you will predominantly face quite a few obstacles the moment your attack has been executed. Sure, you may be very familiar with the company you're SEing at the time, especially because you've hit them on a number of occasions In the past with minimal disruptions, but past events are not always an Indication of future happenings. In other words, "no two SEs are alike"- each one will differ to some degree. As such and In order to help ensure the SE works In your favor, It's up to you, the social engineer, to adapt to challenges and changes In a positive manner "as they happen In real time", and to keep It that way throughout the duration of your attack vector.
Now you may be thinking of the time when you social engineered one particular retailer and the rep/agent gave you a refund on the spot with no questions asked, however I can guarantee you that It won't be the case with every subsequent SE. There are many reasons why claims are Instantly approved- ranging from representatives who are brain-dead or have lost touch with reality, to those who simply couldn't care less about doing their job properly, hence are In a hurry to finalize their paperwork and head off home to relax. Wouldn't It be great If every SE succeeded within a few minutes of the execution? Unfortunately, It Is not so straightforward and It never will be, namely because you have very little to no control of how your claim will be handled and processed on the other end.
If you haven't worked out what I'm referring to by now, It's "company manipulation and exploitation", whereby you trick their reps to credit your account for the cost of the purchased Item, or get them to dispatch a replacement at no extra charge. For the most part, SE'ers on an Intermediate and advanced level, get the job done by (where applicable) pushing the representative to the absolute limit, until he finally succumbs to the pressure of the social engineer's strategic and calculated tactics. It Is all well and good under those circumstances when the SE'er Is In a position to call the shots by taking control and being In charge of all communications, but If an "Investigation" Is opened, you have absolutely no say In the matter. Basically and generally speaking, the only thing you can do, Is sit back and wait for their response- which will determine the next course of action required on your part.
I've personally come across (and still do), countless SE'ers who're clueless as to what an Investigation Is all about and why they've found themselves In that predicament and without the support from experienced fellow social engineers, their SE prematurely came to an end. That could've easily been avoided If the SE'er had sound knowledge of what an Investigation entails as a whole, and If you're reading this from the same standpoint, rest assured, I've got you covered. By the time you've finished absorbing every detail of this tutorial, you will have a clear understanding of "why Investigations are opened", the "different types of Investigations", "the methods that trigger them" and also "how to maximize the chance of success" during the closing stages of your claim. So without further delay, let's get this started.
What Is An Investigation?
Every time you social engineer with the Intention to get a refund or replacement Item, provided you've prepared your method against the nature of the Item and executed your attack without raising suspicion, the company In question Is under the Impression that It's a legit claim and as such, It will be processed with only a few requests here and there from the rep/agent. Now It's not to say that the SE will succeed- "that purely depends on your skill set, and whether you have the capacity to manipulate every obstacle that comes your way by leaving nothing to chance". What I am saying, Is that If you treat your SE on legitimate grounds to make It look as though you're not attempting to deceive the representative, then the probability of your actions being flagged as malicious, Is significantly reduced.
On the other hand, If things don't quite add up with what you've told the company compared to what they actually have on record, that's one of many reasons why they will "open an Investigation"- to see why your story doesn't match theirs, by gathering and piecing together all the Information relative to your claim prior to finalizing It. Things like checking your order with their warehouse team, speaking with the accounts/Invoicing department to Identify your "POP" (Proof Of Purchase) and communicating with the carrier to make sure there's no Inconsistencies with the weight of your package, are all part of their Investigation. Of course, there's a lot more that goes on behind closed doors, but It's way beyond the scope of this topic to go through the lot.
There are many SE'ers, who panic when they've been told that an Investigation Is In progress and as a result, they're at a loss as to how they should handle It on their end. Furthermore and depending on the method used In the SE, the need to file a "police report" Is a commonality with Investigations, which further adds to the SE'ers confusion. I can confidently say and assure you, that there's no cause for concern whatsoever. An Investigation as well as a police report, Is simply required to move forward with your claim, and nothing more. As a matter of fact, It's a good sign when It happens, namely because the rep has no evidence (as yet) to decline your claim. If he did, he would've already done It! So If you're asked to get a police report, go ahead and do It and be patient whilst they Investigate and assess your claim. In my experience the majority of Investigations work In favor of the SE'er.
An Internal Investigation Opened:
As mentioned above, a lot happens behind the scenes during an Investigation which Is completely unbeknownst to social engineers and an "Internal Investigation" Is part of the equation, which means that the company will check the activity of your claim within the confines of their very own environment. In other words (and for example), they'll have a look at when your order was placed, who was responsible for picking & packing It and also question their dispatch area to see precisely when your package left the warehouse. All this takes place Internally, with the objective of trying to establish what went wrong with your order and the steps needed to correct It thereafter. Do note that an Internal Investigation does not apply to each and every method you use, but rather only those that trigger It.
For Instance, If you've used the "DNA" (Did Not Arrive) method and said that the carrier did not deliver your package to your house, then that happened "externally", whereby the movements of the driver need to be Investigated, hence that's part of an "external Investigation" which I've covered In the next topic. To give you a good understanding of what generally happens with Internal Investigations, I'll use the "wrong Item received method" by saying that when you opened the box/package, the Item was different to the one that you originally purchased. Remember: This Is simply an example and not based on any specific circumstances. You've decided to SE a GHD Platinum hair straightener valued at 355.00$, and the wrong Item you'll be using (that you've already bought from the same company on a different account), Is a cheap Remington hair dryer that only costs 18.00$.
In the event they decide to check the weights against their Internal records, It's crucial that both Items match, so you've already made sure that they do. Your method Is prepared flawlessly by taking care of every angle that can possibly go wrong, thus It's ready to be executed against your target and due to leaving no room for error, you're expecting a favorable result. However, what you didn't know, Is that the company has "CCTV cameras" actively monitoring their packers as they're placing Items Into boxes In readiness for dispatch. When you've contacted them claiming that you received an Incorrect Item, they Immediately referred to their camera footage- which conclusively showed that "the correct Item was packed". You guessed It, your SE failed for obvious reasons. What you should've done from the start, Is "research the company" to see If they have cameras In their warehouse and If so, you'd opt for another method.
An External Investigation Opened:
This Is another type of Investigation that's almost certain to take place when using methods that justify It, such as the "missing Item" or "partial method", by saying that the Item(s) you've purchased was not In the box/package when the carrier delivered It to your premises. Evidently, other methods to the likes of the "DNA" and "boxing", also warrant an external Investigation but for the purpose of this tutorial, I'll be using the missing Item method as the example. "So what's this all about?". I'm glad you've asked! As opposed to an Internal Investigation that happens within the confines of the company (as documented In the above topic), an external Investigation Is when the company seeks and requests Information "from the carrier who serviced the delivery" (of the claim that they're currently assessing)- particularly the "weight of the package". More on this shortly.
Given there are so many companies who differ to some degree In the way they operate when processing claims, It's not possible to specifically comment on the lot, so what you're about to read, Is not related to any particular carrier. Okay, with regard to "methods that trigger an external Investigation" (you can read about this In the next topic), It's paramount that there's no Inconsistencies with the weight of the Item you're social engineering for the following reasons. Let's say you've used the "missing Item method" on something that weighs "800 grams". The company will contact the carrier to verify the weight that was recorded at their depot's weighing facilities- just before It was loaded Into the driver's van and delivered to your house. If your package was not "800 grams lighter", then your Item could not have been missing!
Put simply, the company used the weight of your Item at 800 grams, and compared It to the weight at the carrier's depot. "Both matched", hence your Item was enclosed In the package and your claim was Instantly declined. The same principle applies when using other methods- the weight Is the very first thing that Is checked. If what you've stated doesn't add up with the company's findings, then your SE will fail there and then- just like It did with the missing Item method above and the reason for that, Is because "800 grams" Is too heavy for the said method.
What you should have done, Is selected an Item that will not register a weight on consignment, therefore It won't be detected (when weighed) and the Investigation will be deemed Inconclusive. That's exactly why claims are approved after an Investigation- there's no evidence to prove you wrong. As a rule of thumb when using the missing Item/partial method, I recommend to not exceed "120 grams", and that's pushing It to Its absolute limit. If you work with "40-60 grams", It's been proven to have a very high success rate with any company, so where possible, use that range with your SEs.
Methods That Trigger Investigations:
Every method has Its pros and cons and as a social engineer yourself, you need to be aware of their advantages and of equal Importance, their disadvantages prior to choosing the Item you'd like to SE. For Instance, there are a number of methods that Inevitably "trigger an Investigation" and along with that, you may be asked to file a police report or perhaps sign & return an affidavit or a statutory declaration form. If you're not comfortable & confident with all that, It's Imperative that you're well acquainted with the methods responsible for getting you In that predicament and as such, you can make Informed decisions with your choice of methods.
Even If you don't have a problem with signing a stat dec, Inclusive of visiting your local police station to grab a report and persevering with lengthy Investigations, I strongly suggest to continue reading this topic- as there may be a few details that you haven't come across yet. Now this article has exceeded Its reading time by a lot more than what I Initially anticipated, thus I've limited everything to only a few lines or so. In total, there are "5 commonly used methods" that trigger Investigations, so let's rip Into It now.
The DNA Method
Short for "Did Not Arrive", the DNA Is used by SE'ers to say that the order that was placed and scheduled for delivery by the carrier, did not arrive at their premises. Because this Is predominantly a "carrier-based method" and due to the package (seemingly) not making Its way to the Intended destination, the whereabouts of the shipment must be established, therefore "an external Investigation" will be opened.
The Wrong Item Received Method
As you know, you use this by claiming that you've received a completely different Item to the one that you originally purchased. As a result, It suggests that It was either a "warehouse picking & packing error", or If the nature of the packaging Is suitable, "the manufacturer packed the Incorrect Item In the box". In terms of the former (warehouse error), It happened within the confines of the company, so an "Internal Investigation" will take place. The latter (manufacturer error) did not Involve the company, hence they'll proceed with an "external Investigation".
The Missing Item Method
Given this method has already been discussed a few paragraphs above, there's no point going over the same thing again. If your memory doesn't serve you correctly, It's simply used by saying that upon opening the package after It was delivered by the carrier, your Item was not enclosed. As per the wrong Item received method (above), this could be a "warehouse picking/packing error" or a "manufacturer error"- whereby an empty box (without the Item) was shipped to the supplier. Under the said circumstances, both an "Internal & external Investigation" will be opened by the company.
The Partial Method
If you're familiar with this method, you'd know that It's much of a muchness to the "missing Item method", meaning It's formulated and executed In a similar manner. The only difference Is, Instead of ordering a single Item and claim It was missing, you'd purchase multiple Items and say that one or more (of those Items) were not Included In the box/package when you received It. This solely Is the result of the storeperson(s) forgetting to pick & pack your goods, thus your order was "partially filled"- which Is why It's named the "partial method". Because the error occurred In the warehouse, It only relates to an "Internal Investigation".
The Boxing Method
The boxing method also known as the "box method" or "box" on Its own, Is when (for example) the company asks you to return your (seemingly) defective Item and they'll Issue a refund or replacement thereafter. Rather than doing that, you'll give the Impression that your Item was stolen In transit by cutting the box, and sealing It with different colored tape. If your Item Is extremely light and cannot be detected when weighed, you'd only send the box with nothing Inside. If It's quite heavy, you substitute the Item's weight by adding "dry Ice" so by the time the company receives your return, the dry Ice would've sublimated (turned from Its solid form to gas) and they'd receive an empty box. Given all the above happened during shipment, It warrants an "external Investigation" with the carrier.
In Conclusion:
What you've just had the pleasure of reading, covers all the Information you need to know about how and why companies open Investigations, and what to expect while they're In progress. You've also learned of the methods that trigger them, thereby you're well-Informed about the company's actions- namely If they'll open an Internal or external Investigation, or both. Do note that there are other methods that also trigger Investigations, such as the "LIT" (Lost In Transit), but due to their lack of popularity In the social engineering sector, I didn't see the need to Include them with the ones listed above. In closing, I'd like to reiterate that "an Investigation Is simply part of company protocol to move forward with your claim and nothing more", so there's no cause for concern.
:DISCLAIMER:
I DO NOT OWN THE RIGHTS TO THIS. THIS IS TAKEN FROM www.socialengineers.net/ GO CHECK HIS STUFF OUT TO BECOME A L33T SOCIAL ENGINEER!