Each and every social engineering attack, differs to some degree and also has Its fair share of complexities when hitting one company to the next for refunds and replacement Items. Be It SEing your local computer store that has only a handful of employees using the "missing Item method", by saying the Ram (memory) you ordered was not enclosed In the package when you opened It, or dealing with the largest eCommerce company named Amazon by executing the very same method, no two SEs are a carbon copy of each other- there will be some sort of variation In the way your claim Is handled and processed. Even If you've performed a couple of SEs on two online retailers who are very similar In nature, and you've strategically formulated the same method and approach, both will evaluate and finalize your claim differently- Inclusive of making your life difficult with Investigations opened, police reports to be filed and returned, or perhaps asking to sign an affidavit or statutory declaration.
The main reason they vary with their claims management process, Is because they have protocols In place which basically stipulates the steps that representatives need to take during their assessment, and also Includes the grounds on which claims are approved or declined. Now you may be thinking of the time your SE was Instantly approved with very little to no questions asked, hence you don't agree with everything you've just read. However, I'm talking about reps/agents who work strictly by the book and follow guidelines, and not those who're brain-dead or simply cannot be bothered doing their job as required by the company. Sure, there are many Instances when reps credit accounts on the spot within a few minutes of communicating with them- I'm not denying that In any way, but for the most part, expect to tackle quite a few obstacles from start to finish.
As a result, It's of the utmost Importance to "research" every facet of your SE In readiness for your attack vector. You cannot perform what I call a "blind SE", whereby If you've yet to social engineer a company, you'd have no Idea what you're up against and as such, your SE will come to an end before It had the chance to begin. How so, you ask? Well, do they have "CCTV cameras" actively monitoring their packing tables? "Who's responsible for loss of goods during transit?" Is an "OTP" (One-Time Password) required to accept your package? All these events have a significant negative Impact on the "missing Item/partial and wrong Item received method", the "boxing method" and finally the "DNA" (Did Not Arrive) method- respectively.
As you can see, hitting your SE without prior knowledge of how the company and their carrier partner operates, will be a complete waste of time and money. If you had've used your resources to thoroughly check, Identify and establish the above-mentioned details (and a heck of a lot more!), then you'd make Informed decisions when preparing your method, as well as selecting a compatible Item, which will ultimately support your attack right from the get-go. That's where I come In! In this article, I will cover the entire field of "social engineering researching", that would leave no stone unturned when gathering Information about how a particular entity Is structured.
It will Include (but no where near limited to) the way they function when managing claims and the series of events that take place before deciding on the outcome- to give you a refund/replacement or provide the good old stamp of disapproval- which will not happen when I'm around. I will also discuss "payment systems", and how to effectively Incorporate them Into your SE with the objective of maximizing the result to work In your favor. As you've most likely realized, this Is a very In depth article, so be sure to boil the kettle and have a few cups of coffee on hand- you're definitely going to need It! So without further delay, let's rip Into It beginning with "researching the company".
Researching The Company:
The first thing you need to do, Is navigate to their "terms and conditions" which can be accessed via a simple Google search, however there's no doubt that you'll be somewhat at a loss as to what type of details you should take on board. Rest assured, I've got you covered. What you're about to read, Is purposely based on general terms- with the Intention to fulfill your Information gathering session with every company you're looking to SE. Everything Is titled according to Its respective topic, that makes It very easy to follow and comprehend.
On What Grounds Are Replacements Issued?
Every company varies with their replacement policy, so you need to Identify the time frame on which you can claim for your Item to be replaced. Some have a 10-day or 20-day (or more) policy from the time your Item was delivered/Invoiced. Also, checkout "the reasons required to warrant a replacement", such as faulty/nonfunctional Items and accidental damage. The latter (accidental damage) Is very Important from an SE'ers standpoint because If you're claiming as such, you must specify that It was In fact an accident, and not done on purpose. Also establish If It's a "like-for-like" replacement, meaning another Item of the same type.
When Do Refunds Get Issued?
The "principle" on which refunds are given, Is quite similar to replacements as stated above. Though, there are a few major differences and requirements In the way they're processed. For example, some companies ask for a "POD" (Proof Of Destruction) by sending them an Image or video of the product being destroyed, while others request the Item be returned "In Its original unused package/box" as per the manufacturer's state. Also, some companies do not accept returns on certain products like food, health & beauty and cleaning supplies, so keep this In mind when researching the one you'll be SEing.
Do They Offer Advanced Replacements?
Often abbreviated as "AR", an "Advanced Replacement" Is when the company will send you a replacement Item, before you return the one that was purchased from them that's (seemingly) defective. When you receive their replacement, you're supposed to send the defective one back. Evidently, being the social engineer that you are, you'll do nothing of the sort but rather (for example) "box them" by using the boxing method. Of course, there are many other ways to avoid returning your Item, but It's beyond the scope of this topic to detail the lot. For your reference, "HP" and "Dell" offer advanced replacements- with Dell defining It as "Advanced Exchange", which basically serves the same purpose.
Do They Bill You When The Item Is Not Returned?
Further to the above topic pertaining to an "AR", you'll find that the majority of companies who offer advanced replacements, will actually bill/debit your account If you don't return the defective Item. Do remember that the Item Is not faulty- you're only claiming It Is for the Intention to SE. HP Is one of a handful of companies that bills accounts, meaning you have 15 days to return It and If you don't, they will withdraw the funds from the account that was used to purchase the original Item. You shouldn't have any difficulty finding this In the company's terms- If they offer ARs, chances are It will be written under a heading/subheading.
How Long Is The Warranty Period?
This may seem like It's pretty much stating the obvious, but warranty (or "guarantee") periods do differ from one company to another, and It can also depend on the nature of the Item- even when It relates to the very same company. For example, Amazon's "Fire Tablets have a one-year warranty" whilst their "LED light bulbs are covered for 3 years". Essentially, they're from the same store (Amazon), but both Items have a different warranty period. In terms of another store, specifically "John Lewis", It has a two-year warranty for their laptop & desktop computers. So when formulating your SE, check the company's website to make sure you're well and truly covered.
Do They Repair Or Replace The Item?
This predominantly pertains to Items that you're SEing for a "replacement". I've actually personally experienced this many years ago, when I (seemingly) returned a DVD player to be replaced, only to find that the company's policy was to "repair It" while It's still within their warranty period. If you're social engineering for a replacement by "boxing the company", you'd obviously want another one sent out, thus If they only repair and not replace, then your SE Is pointless. Although this Is not common at all, there are companies like "ASSOS" (not "ASOS") who service their customers In this ridiculous manner from time to time, hence the Importance to be well aware of It beforehand.
How Can The Company Be Contacted?
Every SEer has their strengths and weaknesses, whereby some have the gift of the gab and have no Issues "communicating In real time over the phone", while others are quite the opposite, therefore their preferred gateway Is "via email"- having all the time In the world to think of the appropriate reply before responding to the representative. Where available, "Live Chat" also favors some SE'ers, namely those who're quite confident and responsive when translating their thoughts onto the computer keyboard. Moreover, some companies have their automated bots who Instantly Issue refunds for low value Items over Live Chat, so taking everything Into consideration, you can clearly see why the contact options are an Integral part of every SE.
Do They Have CCTV Cameras In Place?
If you've never SEd a particular company and you're planning to use the "missing Item/partial" or perhaps the "wrong Item received method", It's crucial to establish If they have "CCTV cameras" In operation that actively monitor their warehouse picking & packing procedures. If so, It's almost guaranteed that your SE will come to an end not long after you've submitted your claim. The reason, Is because the company will refer to their CCTV footage, and deem that your Item was In fact picked, packed and dispatched correctly when using the said methods. Identifying If cameras are In place, will not be found In their terms, so you'd need to seek alternative measures to get the Information- such as doing a practice run or asking fellow SE'ers.
Check The Type Of Carriers Used
With regard to using the DNA (Did Not Arrive Method), It's paramount to have sound knowledge of the "carriers that service the company's deliveries"- specifically to determine what type of verification (If any), Is required when accepting packages at your premises. For Instance, a carrier named "DPD" who's partnered with Amazon, ASOS and a few others, tends to take photos of the drop off point (being your home), and uses It to mark their consignments as successfully delivered. If you're not already aware of It, It can complicate the SE to the point of It prematurely coming to an end. Other things to look for when receiving your goods, Is "signatures" and an "OTP" (One-Time Password).
Does The Company Respond To PayPal Disputes/Claims?
Let's face It, social engineering Isn't all sunshine and rainbows. You may have researched everything there Is to know about your target, formulated your method based on your (researched) findings and executed your attack by leaving nothing to chance, however due to circumstances beyond your control, It can fail at the best of times. When this happens and the company refuses to budge with their decision to decline your claim, you can "file a dispute with PayPal and then escalate It to a claim".
The Intention Is for PayPal to reverse the transaction and credit your account for the cost of the purchase Item. In order to do that, they'll contact the company and collect details about your claim, but "some companies do not respond to PayPal disputes/claims", which means that your SE will finalize In your favor. There's no direct gateway to Identify If a given company liaises with PayPal, so If you're part of an SEing community (forum/board, Discord etc) see If other SEers have dealt with companies that do not reply to requests from PayPal.
Researching The Carrier:
Once you've familiarized yourself with the Ins and outs of the company you're planning to SE, the next step Is to Identify the "carriers" they use to deliver packages to your house. Notice how I've quoted "carriers" In Its plural form? That because some companies dispatch a given carrier based on where you're located, meaning they utilize more than just the one partner. A prime example of this, Is Amazon- which you can see for yourself right here. Now I'm not suggesting that they all operate In this fashion, but rather to make a mental note of It when researching their terms. Speaking of researching, let's get cracking with the type of details to take on board. For the most part, everything relates to the DNA and the boxing method.
Is An OTP Required On Delivery?
If (for example) you happen to be SEing a high value Item, such as a TAG Heuer Men's watch from Amazon that retails for around $10,000 by using the DNA method, an "OTP" (One-Time Password) will most likely be required to verify that the package not only made Its way to the correct address, but was also "personally received by yourself (the SE'er) or another authorized recipient". What this means, Is that the OTP will be sent to your cell phone or email address and when the driver arrives, you must tell him the password to accept your package. If you don't give the OTP, he has every right to mark the consignment as undelivered. You will be told In advance If an OTP Is necessary.
Does The Driver Accept Signatures?
Although this Is part of just about every carrier's policy to request a signature on delivery, I've personally experienced countless drivers who either leave packages unattended at the doorstep, or sign their hand-held device themselves. When this happens, they've basically DNA'd themselves, thereby the SE Is already over 75% complete without even contacting the company claiming the package didn't arrive. How so, you ask? Well, there Is no evidence to conclude that "you personally received your package"- It only marks It delivered to your "address", and anything could've happened to It- a passerby stole It, or perhaps your neighbor or the driver himself did the same thing. If you're not sure If a signature Is required, ask your fellow SE'ers who've dealt with the carrier In question.
Are Photos Taken At The Premises?
Every carrier company, Irrespective of Its size, has one thing In common- and that's the procedure they use when delivering packages to and from destinations. As handling requirements Inevitably change due to unforeseen circumstances, so too do their protocols and as such, they must comply with the new measures that have been Implemented Into their policy. For example, a nasty virus named "Corona" hit the entire globe In 2019 and because It was contagious by physical contact, many carriers were forced to seek alternatives to signatures as proof of delivery. One option that "DPD" took on board, was to "take photos of the package either left at the doorstep, or at the entryway of the home". The company then uses the "photographic evidence" to verify their shipments. If It's the case with your SE, checkout my guide on how to circumvent photo authentication.
Does The Driver Personally Investigate?
Despite the fact that this Is not a regular occurrence, a lot of social engineers are somewhat reluctant to use the DNA method due to the possibility of the "carrier driver repeatedly calling their cell phone, or visiting their home and knocking at the door" asking questions about why they've said their package wasn't delivered. It's all well and good If you live alone- simply don't pickup the phone or refuse to answer the door but If It's your parent's house, It can become a very nasty situation. Unfortunately, there are no hard and fast rules as to how you can check If the driver personally Investigates but what you can do, Is hit a practice run (trial SE). This will give you a very accurate Indication of what to expect when your real SE Is executed.
Is It The Same Driver For Each Delivery?
One of the biggest mistakes that many SE'ers make when using the DNA method, Is to "form some sort of personal relationship with the carrier driver who regularly delivers their goods". Because drivers have a scheduled delivery run each and every day and on the grounds your purchases are consistent/frequent, It's very likely that the same person will be dropping off your packages. As a result, It's Inevitable that some type of connection will be established between yourself and the driver, and even If It's only by name, It will build an element of trust. Essentially, claiming the DNA too many times may cause the driver to lose his job, and he'll know that you're the one responsible for It. If you're on a mutual level with the driver, respect his/her position and do not claim the DNA method.
Does The Carrier Accept Dangerous Goods?
When using the "leaking battery method" whereby upon receiving your Item, you've contacted the company and told the rep/agent that the battery was leaking the moment the box/packaging was opened, he'll ask you to return It and Issue a refund/replacement thereafter. Obviously, there's nothing wrong with your Item, but you're stating otherwise for SEing purposes. Moreover, you have no Intention to send It back, hence a very effective way to avoid doing so, Is to "make sure the carrier does not accept dangerous or hazardous goods". This can easily be determined by checking the terms and conditions on their website.
Does The Carrier Inspect Goods On Pickup?
When using (for example) the "faulty Item method", by saying that the Item you've purchased & received Is not working as per Its factory state, the representative will go through a few troubleshooting steps to try and figure out the defect. After he's satisfied that It's not functioning, he'll Issue a refund/replacement but "only when your (seemingly) broken Item Is returned". This Is not a problem at all- you can use the boxing method to bypass their request, however some companies actually "arrange the carrier to pickup the package from your home", and also ask you to leave It open so the driver can "Inspect the goods" prior to transporting the shipment. This can ruin the entire SE, so If It's the case with yourself, use a method that does not warrant a return- such as the "DNA" or the "missing Item/partial" method.
Does The Driver Leave Packages At A Safe Place?
This can relate to both online retailers & carrier companies, but there's no point In repeating myself, so I've decided to place It In this (Researching The Carrier) topic. In the event you're not home to accept your delivery, the driver will leave the package "In a safe place" either at your premises or with your neighbor. Generally speaking, a safe place Is defined as a location within the confines of your property that's secure and protected from damage and most Importantly, theft. Many SE'ers use this to their advantage with the DNA method by claiming the package was stolen, but there's one crucial element that they overlook. If It's "yourself" who Instructs the company/carrier to leave It In a safe place, then "you are responsible for loss of goods", therefore the DNA will fail there and then. On the other hand, "If the company/carrier makes the decision, they're held accountable". It's pretty much self-explanatory, so I don't need to elaborate further.
Does The Carrier Offer A Non-Tracking Service?
As an Intermediate or advanced social engineer, you should be well aware that companies who utilize a carrier to service their deliveries, predominantly use "tracking Information" to keep an eye on their consignments as they travel through their network, and ultimately mark each one as delivered when It reaches Its destination. Even though tracking cannot be used to verify deliveries namely for the fact that It only concludes the package was sent to the "Address" and not "personally received by the SE'er", If tracking can be avoided altogether, It will be one less thing to deal with during a given SE. Some carriers, such as Royal Mail, have the option of a "non-tracking service", which will allow you to use the DNA method to Its full potential. Always check If the carrier that's delivering your goods, can do so without tracking.
Researching The Payment System:
Now that you're well-Informed about how companies and their carrier partners operate when dispatching goods and processing claims, the next port of call Is to have sound knowledge of various types of "payment systems" that're commonly used by social engineers on every level. Many SEers opt for a particular payment method solely for reasons of convenience, but unbeknownst to them, there's a lot more to It than simply performing a given transaction. Did you know that you can "rescue a failed SE with PayPal or your credit card provider?". If not, then this tutorial Is for you! There's only a handful of payment systems (often) utilized In the SEing sector, so what you're about to read Is not an exhaustive list, but It's paramount to take every detail on board. So let's begin with PayPal.
Filing A PayPal Dispute/Claim
The main reason why SEers use PayPal as their preferred payment system, Is because It protects their purchases by offering "Buyer Protection". Essentially, In the event the SE fails, the social engineer will file a "dispute" through PayPal's Resolution Center, and It will then get escalated to a "claim". At this point, PayPal takes over by contacting the company and grabs all details of relevance. They'll assess the claim In an Impartial and unbiased fashion, and If you've covered your SE by not raising suspicion, the transaction on your credit card (or otherwise) will be reversed. Do note that there's only a couple of things that you can claim- being the "DNA" and "wrong Item received". PayPal lists these respectively as "INR" (Item Not Received) and "SNAD" (Significantly Not As Described). You can find all this Information and more, by navigating to PayPal's terms & conditions.
Hitting A Credit Card Chargeback
Although a "chargeback" Is often viewed as being related to PayPal, this Is In fact performed by contacting your credit card provider to request a refund. In other words, the buyer (you as the "social engineer") asks your credit card provider to reverse the charge on the account- similar to how PayPal operates as said In the above paragraph. They will then get In touch with PayPal and ask for further Information, such as (but not limited to) proof of purchase, shipment details, communications between buyer & seller, transaction Info and the list goes on. In case you're also asked to provide details, It's vital to have all this and more, at your disposal before Initiating a chargeback. PayPal will forward everything to the credit card provider, who will review It and the good thing about It, Is that "they will have the final say on your refund- even If PayPal Initially declined It". To start a chargeback, research your credit card provider's terms to see their requirements and contact them thereafter.
Performing A Bank Reversal
Not every social engineer has the luxury of owning a credit card to their name, and If you're part of this equation and want to hit a chargeback, there Is an alternative named a "bank reversal"- that serves the exact same purpose as a credit card. The only difference, Is that the request Is made to your "financial Institution" (meaning your bank and the like), and they will assess your claim and ultimately decide If a refund Is warranted- which will not be an Issue "If there's no Inconsistencies with your SE, as well as the details you've provided as Instructed by your bank". I'd like to point out, that both chargebacks & bank reversals "should only be used when all else fails". That Is, when your SE has come to an end and you've exhausted every option to try and rescue It to no avail, that's when you opt for a chargeback/bank reversal.
Using A Virtual Credit Card
One of the best ways to help stop companies from debiting your account, Is to use what's called a "Virtual Credit Card", which Is often abbreviated as "VCC". Put simply, unlike your normal plastic credit card that's used to buy stuff at your local mall by Inserting or swiping It In the machine, a VCC Is quite the opposite- It's not a physical card, but rather "some random number that's generated by the virtual credit card provider". In other words, It's just a temporary 16-digit number that comes with an expiry date, and a Card Verification Value ("CVV"), much the same as what you see on your real credit card. Given a virtual credit card Is a "disposable card", you can cancel It at anytime, thus prevent funds being withdrawn from your bank account. "There's a lot more to It than this", but It's not possible to cater for each and every detail In a single topic. There are quite a few VCC providers online, so be sure to perform an In depth research prior to making your selection.
A Section 75 Claim
This Is rarely discussed and utilized In the art of company manipulation and exploitation, but "If you're reading this as a resident In the UK", I suggest to absorb every word from this point onwards. From a legit standpoint, In the event a particular store/retailer all of a sudden goes bankrupt and closes Its doors for good, a "Section 75" allows you to file a claim for a refund with your credit card provider, regardless If the company that you've purchased from Is no longer trading. A Section 75 Is basically a law In the UK that protects Its consumers, by forcing their credit card company to reimburse funds when businesses shut down without paying the money they owe to their customers.
In order to qualify for a Section 75 claim, purchases must be over £100 and not greater than £30,000. Now "from a social engineering viewpoint", you can make a claim If you did not receive your Items, hence the "DNA method" comes Into action. Furthermore, If you ordered something and received a totally different Item, you're also covered for that- therefore you can use the "wrong Item received method" with a Section 75 claim. There's a lot more perks that you can put to your advantage, so do take the time to research everything In detail.
Researching The Item & Method:
You've now reached the stage where you need to start preparing your SE, by "researching the Item" that you're planning to get a refund or replacement from a given online retailer. You will then "research and formulate your method" based on the Information that was collected about your Item and your attack vector will be ready to execute thereafter. Given that "Items & methods" work hand In hand, I've combined both In this topic, thus they will be collectively discussed In each of the headings below. In simple terms, I will demonstrate "the type of details that you need to obtain about your Item", and show you "how and why It relates to Its respective method(s)". So without further ado, let's get this started.
Locating The Item Weight
The moment you've chosen the Item you're looking to SE, the very first thing that must be done before even thinking about your next move, Is to "grab Its precise weight"- as this will determine whether or not you can use two particular methods that are weight-specific, namely the missing Item method and the partial method. If It's light enough (under 120 grams) to not register a weight on consignment, then you can go ahead and utilize either of the two methods, by following my guide In the above links. If It's too heavy and stating the obvious, you'd need to choose another method that can accommodate the weight, such as the DNA (Did Not Arrive).
Do note that In this particular case, "you're only SEing the Item" and not the box that It's packaged In by the manufacturer, so you need to only locate the "Item (net) weight". It's not a problem If you have scales at home, but not everyone has one at their disposal, therefore you'd need to hit a Google search- which can be an arduous task at the best of times. To save you the hassle of aimlessly navigating online, go to "Amazon's website" and use their search function to see If your Item Is listed. They have an extensive range of goods, so you'll more than likely locate It and when you do, scroll a little further down the page until you see "Product Information". In almost all Instances, the "Item Weight" (under that very same title) will be available.
Locating The Shipping Weight
Further to the above topic pertaining to the Item weight, there are times when you need to use the "shipping weight", also known as the "gross weight", with the missing Item and partial method, specifically when claiming that the entire contents (packaging/box & Item) was missing In your consignment. This Is due to a "warehouse error", whereby the storeperson who picked your order from their Inventory of stock, did not pick & pack the Item(s) you're SEing. Naturally, you did receive your goods In full, but you're stating otherwise for social engineering purposes.
Evidently, there are many other methods that rely on the shipping weight (and also the Item weight), but to keep things simple, I've only referred to the missing Item & partial. In contrast to locating the Item weight via Amazon with Incredible ease, the same cannot be said when searching online for the "shipping weight". A lot of SE'ers have difficulties with their attempts to find It on the Internet, and rightly so- websites that list It are few and far between. That being said, I stumbled across this site that has the shipping weight for every Item listed for sale. It can be found under "Specifications" towards the bottom of the page.
Taking Note Of The Item Dimensions
For one reason or another, social engineers of all shapes and sizes (Including those on an advanced level), neglect to take the "Item dimensions" Into account when formulating a given method that's size-dependent. Allow me to elaborate on this, by using the boxing method as the example. The objective of this method, Is to circumvent the need to send your Item back as requested by the representative and to do that, you make the box/package appear as though It was tampered with during transit- by cutting It on one side and sealing It with different colored tape. If your Item Is extremely light, you'd send an empty box but If It's heavy enough to register a weight, you'd add "dry Ice" to substitute your original Item.
When the company receives your return, they'll see that It's been taped and assume that your Item was stolen at some stage during shipment, and If all goes well, a refund or replacement will be forthcoming. Now If you don't take the Item dimensions Into consideration and "SE something that's too large", signs of tampering will be Instantly noticed by the carrier driver at the collection point, hence they'll release themselves from liability- meaning you're the one who's responsible for the Inconsistencies on the box/packaging and your SE will fail there and then. It's not hard to find the dimensions- Amazon, and just about every other online retailer has It on their website.
Identify The Packaging
If you're a dedicated reader of this blog, you would've noticed that In many articles, I continue to mention that "the method Is (predominantly) based on the nature of the Item", and In terms of Its packaging, this guide Is certainly no exception. This Is very Important when using methods that rely on the Item's packaging to succeed- two of which, are the sealed box method and the "missing Item manufacturer method". I'll first briefly discuss the former and then move onto the latter. The Intention of the "sealed box method", Is to purchase a product that (obviously) comes In a box, then take the original Item out and replace It with anything of equal weight that you have lying around the house.
You'd then pack It as per Its factory state- paying careful attention to not damage the seal, or any other part of the box. When you return It, the company will see that It's not damaged and believe that the original Item Is enclosed, then they'll place It back Into stock. Your claim will be approved thereafter. With regard to the "missing Item manufacturer method", you say that you've received the box and upon opening It, nothing was Inside. This Is the result of a "manufacturer error", whereby they did not pack the Item, and only sent the box to their supplier, which resulted In being dispatched to yourself.
Of course, all of this did not happen- you're simply fabricating the events for SEing purposes. As with the sealed box method, this will also have a successful outcome, however to ensure the SE works In your favor, It's vital that the box Is fully packaged In cardboard on all six sides and without clear film on any angle. "Why Is that", you ask? Well, If the Internal contents can be viewed externally without opening Its box/packaging, the rep will Immediately notice a discrepancy and your SE will be declined on the spot. So when using the above-mentioned methods, "be sure there's no transparency with the design of the box".
Take Note Of Identifiable Details
There's no doubt that social engineering companies for refunds and replacement Items has Its fair share of risks, thus It's paramount to protect your SEing activities by not raising suspicion with every action and event that takes place. That's the "company side of things", where you've successfully SEd a given Item and your claim was finalized without the need for further Intervention by the representative. But If you've received a "replacement" Instead of the refund you were hoping for, you'd want to get the cash In some other way- namely selling It to someone online. Now If you're not careful with "the nature of the Item that you've listed for sale" and you've used your real credentials to SE It, then there's every chance that It will be personally linked to you.
For Instance, let's say you've SEd a cell phone, whether It's an Android or IPhone, makes no difference whatsoever. You've decided to put It on Craigslist for a cost that's less than Its recommended retail price and as such, someone noticed It as a bargain and sealed the deal by paying the amount In full. You were happy and content that both the sale and transaction ran smoothly, however unbeknownst to you, "the company that you SEd, placed the IMEI In a pool of blacklisted numbers" and when the buyer tried to activate It with quite a few phone carriers, It was Instantly declined.
He then contacted you demanding an explanation, which led to heated arguments and threats that you certainly did not want to eventuate. The moral of the story Is, "take precautionary measures with Items that contain some type of unique details that may potentially be personally associated to you", especially If you're planning to sell your goods after the SE. What you should typically research Is (as per above) products that have IMEI numbers and also serial numbers that're commonly a part of technology devices and the like. If you're going to list them for sale, do so by SEing under a fake account to begin with, and do the same (fake Info) when advertising them on the Internet.
Take Note Of The Nature Of The Item
As you're aware after reading the Identify The Packaging subheading above, apart from a couple of traditional methods such as the DNA and the wrong Item received, "the method Is always based on the nature of the Item that you'll be SEing". You cannot select any method that comes to mind, and expect to formulate It to perfection with a given Item. Sure, representatives who have very little to no brain cells left tend to approve claims by neglecting to follow company protocol, however you'll find that the majority of times, they do In fact assess and process claims as stipulated In their guidelines. For this very reason and to give your SE the best chance of success, It's of the utmost Importance to "take note of every facet that your Item entails".
I'll explain It In layman's terms, with a few examples that're very easy to follow and comprehend. If you're opting to social engineer a laptop, because It contains a battery, you can use the leaking battery method. Or may be you'd like to refund a Bose Home Speaker 500 and listen to your favorite music. Due to Its nature, It will contain a serial number so as you've most likely guessed, you'll put the serial number method Into action. But what If you're going to SE AirPods Pro and (given they do have a serial number), you're the type of SE'er who's not confident with using the serial number method? Well, If you've research their weight and dimensions, you'd realize that they're small and light enough to use the boxing method, or alternatively, the missing Item method Is also well-suited. As you can see, "researching the Item Is a mandatory requirement to select the appropriate method".
In Conclusion:
After reading this entire article, you've learned that "researching plays an Integral role with every social engineering event", and have also realized that SEing Is not as simple as blindly targeting a company and choosing any random method against the Item In question. The same can be said for your payment system. It extends a lot further than all that, hence this "Comprehensive Handbook Of SEing Researching", contains everything you need to effectively manipulate your target In a strategic and calculated manner that will maximize the likelihood of a successful outcome. Obviously, not every topic and subheading will apply to your SEing environment, so pick and choose those that are relative to your circumstances- for both current and subsequent SEs.
