Without a shadow of a doubt, social engineering online stores that operate on a large scale to the likes of Zalando, Nike, Amazon, John Lewis etc, takes an exceptional set of skills to manipulate their representatives Into performing actions that they're not supposed to do - namely credit accounts with refunds, or Issue replacement Items at their expense. The reason being, they all have various protocols In place when assessing claims and one wrong move with the attack vector, can cause the SE to prematurely come to an end.
For Instance, If the sealed box method Is used, whereby the original Item Is replaced with anything of equal weight and the SE'er didn't take extra care to reseal It to perfection as per Its factory state, there's a high possibility the return will be checked. As a result, the Inconsistency with Its packaging will Indicate signs of tampering, thus the request for a refund will be declined. The same can be said for the wrong Item received method. In order to achieve a favourable outcome, It's Imperative the wrong Item Itself, Is purchased from the same company, on a different account and sent to another address that's not associated to the social engineer.
If any one of those elements (company, account, address) Is not applied, It's almost guaranteed the SE will come to an end In the early stages of the claim's evaluation. It's not only methods that can be problematic, but certain types of "products" also cause some degree of difficulty, such as a computer monitor that's expected to be returned for a replacement - due to Its size & weight, circumventing the need to send It back, Is an arduous process. The "boxing method" Is obviously out of the question (more on this later), and forget about using the flawed so-called FTID garbage - It's a complete waste of time and effort. Many other methods are Incompatible as well.
Essentially, It basically leaves only one suitable method for the monitor, being the disposed of the faulty Item, which Is not an easy task - It requires pushing the rep/agent to breaking point for any chance of success, and If the SE'er does not remain adamant throughout the entire attack, that too can prematurely fail. As you can see pertaining to every approach and strategy you've read thus far, "Item and method formulation" (meaning selecting a method that's perfectly suited to the nature of the Item), must be done by leaving no room for error, but there's one particular product that can be SEd with Incredible ease - specifically "sunglasses".
Provided the sunglasses are chosen accordingly, It's very simple to SE them, for the fact that they're small, extremely light and there's a number of compatible methods to choose from - which can be performed by SE'ers of all shapes and sizes. Having said that, I continue to come across social engineers on Internet forums and Discord servers who, for one reason or another, experience major Issues when trying to put together their SE. If you're part of the same equation, rest assured, I've got you covered.
What you will learn today, Is how to social engineer men's & ladies sunglasses by using "three of the very best methods" that I've personally handpicked, as well as the Importance of "selecting the appropriate weight". To finish off this article, I've discussed "what to look out for when SEing sunglasses" - as having such knowledge, will prepare you to handle each event with minimal complications. Okay, without further ado, let's make a start with the "Methods to SE sunglasses".
Methods To SE Sunglasses
Each and every traditional method used In today's world of "company manipulation and exploitation" Is structured and designed to serve Its very own purpose, therefore It's paramount to have the ability to Identify, select, understand, and utilize a given method to Its full potential against the product you're planning to SE - In this case, "sunglasses". As a result, It will significantly help the SE to run smoothly right from the get-go, and continue to head In the right direction until the claim Is ultimately approved with a refund or replacement.
Before I Introduce you to "three methods that will ensure a successful outcome on almost every occasion", I'll briefly explain the objective of methods In general - as I'm sure there are a lot of SE'ers reading this post from a beginner's perspective, with very little to no experience In the SEing sector. Here's how methods are made to operate. When you've selected the company you'd like to SE and researched their terms & conditions, the next step Is to create a "strategy" on how you're going to execute the attack and manipulate their representatives afterwards.
That Is, you need a "plan" that will be used to guide your SE from beginning to end. The "plan" Is the "method" and without It, your SE cannot (and will not) make a start. Allow me to provide an analogy that you can relate to. Let's say you've purchased an entertainment unit from IKEA, that comes with shelves, draws, cabinets etc, In Its collapsed form. In order to put It together and complete your project, you'd need the "assembly Instructions" and If It happens to be missing or belongs to another unit, the job cannot be done.
The very same principle applies to social engineering. In the above scenario, the "assembly Instructions" Is the "method", and when translated Into an attack vector, It supports what you're aiming to achieve - preferably a refund generated Into your account. Makes sense? Good! Now that you have a pretty good Idea of the way methods fulfil their role, you're ready to go with formulating "three of the very best" with your favorite pair of sunglasses, so we'll begin with the good ol' "missing Item method".
The Missing Item Method
From an SEing viewpoint, the logic behind opting for the missing Item method, Is due to the weight of (selected) sunglasses being extremely light, but "there Is a weight limit that must be Implemented with every SE". You'll see what I mean shortly. So what exactly Is the missing Item method? I'm glad you asked! As Its name Implies, It's used to say that the Item ordered from an online retailer, was missing when the package/box was opened after the carrier driver delivered It. For example, we'll pretend you bought a pair of Polaroid sunglasses weighing around 22 grams from a fashion company called Zalando, and had It sent to your home by one of their carrier partners.
Upon "opening the"box/case", you'd contact Zalando and tell them nothing was Inside, meaning the sunglasses Itself were missing - with the Intention to SE them for a refund or a replacement. Alternatively, you can say the "package was opened" and It was empty - the box/case and the glasses were not there. Of course, you did receive them, but you're stating otherwise for SEing purposes. Now unless the rep/agent Is brain-dead and approves the claim on the spot, there's every chance the company will open an Investigation, and liaise with the carrier who serviced your delivery.
What they specifically check Is the "weight" recorded at the carrier's weighing facilities - to establish whether the sunglasses were enclosed In the package. But because they're as light as a feather, they bypassed detection, therefore there was no evidence to suggest they were In the package, and the claim was finalized In the SE'ers favor. That's what makes the missing Item method so effective - when the weight of the sunglasses (more on this a little further down the page) Is correctly applied with the method's formulation, It's Impossible for the company/carrier to prove they were Included In the shipment! Another method that's just as powerful Is "the partial method", which brings me to the next topic.
The Partial Method
Given you've just read about the missing Item method, you'll have no problem relating to what the "partial method" entails, namely because It works on a similar concept, but with a slight variation In how It's executed. Also known as "partial", this method pertains to ordering a bunch of Items from an online store, but claiming that your order was "partially filled" when you received It. In other words and as an example, 5 Items were purchased, but only 3 or 4 of those Items were received. Essentially, one or two were missing - depending on the amount you choose to SE.
It's performed almost the same as the missing Item method, but Instead of buying one product and SEing that alone, you "purchase multiple Items on the same shipment", and then contact the rep and Inform him that one or more were not In the box/package when you opened It. As with the missing Item method, every product you'll be SEing, must be light enough to not register a weight on consignment. Confused?, Don't worry, I've discussed this In the next (main) topic titled "Selecting The Appropriate Weight".
Here's a brief example of how the partial method Is used. I'll be referencing the SE'er from a third-person point of view, and not yourself. He's placed an order for 6 Items In total, two of which are Ray-Ban Justin Rectangular Sunglasses with a weight of 29 grams each - this Is what he'll be SEing, both pairs of sunglasses. When his delivery arrived, the SE'er waited for 20-30 minutes, and then called the company explaining that the sunglasses were not In the package. As expected, an Investigation was opened to determine why there was a discrepancy with the dispatched and received goods.
The SE'er Is well aware that an Investigation Is simply part of their protocol to move forward with the claim, so there's no cause for concern. Due to both pairs of sunglasses weighing next to nothing, the claim specialist team could not pinpoint If there was a variance In weight with the entire package, thus their findings of the Investigation was Inconclusive.
As a result, they had no evidence to decline the claim, hence a refund for both pairs of sunglasses was Issued Into the SE'ers account. This clearly displays why I fully recommend the "partial method" (as well as the others mentioned) when SEing sunglasses. But It doesn't stop here! There's one more I'd like to discuss named the "boxing method".
The Boxing Method
There are many ways the "boxing method" can be performed, but for the purpose of this tutorial, I'll demonstrate only the one as follows. Also known as "box" on Its own, the method Is used by purchasing a product (In this case, "sunglasses") and after the carrier drops It off at your address, you'd call the representative and tell him they're broken, or one of the lenses Is scratched (or whatever else you can think of that warrants a refund/replacement). Naturally the glasses are fine, but you're saying they're not, to get another pair free of charge or your money back.
For the most part, the rep won't take your word for It, but rather ask to return them and that's when the "boxing method" comes Into action, by sending only the box with nothing Inside. The objective of this method, Is to make the box appear as though It was tampered with In transit, and someone (apparently) stole the sunglasses before the package was delivered to the company. However, this Is not as easy as It sounds - a certain approach must be applied when you prepare to send It back and If It's not done correctly, there's every chance the SE will fail.
The best technique to show signs of tampering, Is to cut the box on one side, preferably somewhere underneath where It's not likely to be noticed during shipment, and then seal It with different colored tape. Also, don't make It too obvious - If the carrier catches sight of It at the collection point, a damage report will be raised, thereby It'll release them from liability and put the responsibility on you! Moving forward, when the company receives the package, they'll see It's been altered from Its original condition and be under the Impression that someone did In fact steal your sunglasses.
Even If the consignment's weight Is cross-checked with the carrier, It's pretty much useless - as you know, the sunglasses circumvent detection, which Is why the boxing method has a very high success rate when formulated as described In this topic. Taking all the said events Into consideration, the company will have no choice but to refund your account or (If you prefer), dispatch replacement sunglasses. Evidently, all that will not be possible If you didn't calculate the "weight" accordingly, so we'll check out how to select the appropriate weight next.
Selecting The Appropriate Weight
Although sunglasses are generally quite light, there are many brands that're a lot heavier than others, thus they cannot be used with the "missing Item" and "partial method" - their weight will be picked up when the package Is weighed at the carrier's depot (or otherwise), and your SE will come to an end. In terms of the "boxing method", the only way It will work with heavy sunglasses, Is to use dry Ice to substitute them, meaning you send that (dry Ice) Instead of the sunglasses. If you're Interested In how to apply It, be sure to read my guide. However, this tutorial doesn't Involve dry Ice, so I won't be discussing It.
If you haven't already realized, "the weight of the Item" plays an Integral role In ensuring the missing Item and partial method serve their purpose. That Is, the product should not be detected when the package Is weighed at any stage from the time of dispatch, to when It's travelling through the carrier's network and finally arriving at Its destination - your home, drop house or any other location used to accept the delivery. Now If you're a regular reader of this blog, you'd see that I always suggest the Item not to exceed "120 grams", and that's pushing It to Its absolute limit.
You'll find that the majority of sunglasses are within the 120 gram weight bracket, such as this one at only 90 grams, but to give any of the said methods a greater than 95% chance of success, be selective with your shades by opting for a maximum weight of "50 grams" - these ones are only 35 grams, which will bypass almost every shipping scale. Regarding the "partial method", If you're SEing more than one pair of sunglasses, you must combine the weight of each one Into a single figure, and keep It under 120 grams. For Instance, If one Is 65 grams and the other Is 45 grams, It's taken as one unit at 110 grams. Do the math: 65 + 45 obviously equals 110!
What To Look Out For When SEing Sunglasses
This article has exceeded Its reading time by a lot more than what I anticipated, so I'll try and keep this topic as brief as possible. Okay, before even thinking about social engineering your favorite pair of sunglasses, It's of the utmost Importance to "research the company's warehouse operations", to Identify their picking & packing procedures - which In the case of the missing Item and partial method, will conclude If they can be put Into practice. You'll see what I'm referring to In a couple of minutes or so.
So why must researching be performed? Well, unbeknownst to many SE'ers, certain companies actually "check their goods as they're being packed In the box/package" prior to taping It up, and sending It off to the buyer. For example, I can confidently say that a UK sunglasses (and watch) retailer called Shade Station operates by picking their stock, "opening the sunglasses case to make sure the product Is Inside", and then packs and sends It to the customer. Other stores with a similar setup, also work In the same fashion.
It's a huge Issue, that ultimately puts an end to both the missing Item & partial method. And If you still plan on saying your sunglasses were missing, think again - they'll send you CCTV footage clearly showing "your product was In the case" and packed In full! Speaking of CCTV cameras, a lot of companies have them monitoring their warehouse stock, but you do have some flexibility with the missing Item & partial method - only when CCTV cameras are used to verify packing of goods. It's done by purchasing sunglasses that come In a fully enclosed case, and saying that "upon opening the case, they were missing".
Cameras are not X-ray machines, hence they cannot view "what's Inside the case", so make a mental note of this for future SEs. But how do you know If the company you're planning to SE, checks their products whilst being packed, and If CCTV cameras are Installed In their warehouse? The answer Is simple. If you're registered with an SEing community, ask fellow SE'ers If they've recently social engineered the company In question, and/or hit a practice run ("trial SE") on a separate/test account. You can then make an Informed decision (as to whether or not to SE them) based on the outcome of your findings.
In Conclusion
After reading every topic In this article (If you haven't, go back and do It now!), you have sound knowledge of how to efficiently and effectively SE sunglasses using three methods that will achieve a favorable result on just about every occasion.
You've also learned why It's crucial to stick to the "120 gram weight limit", as well as having a deep understanding of Identifying a company's warehouse environment - namely Its structure (with or without CCTV cameras), and the process Involved with picking & packing orders. Collectively, you now have the tools, resources and expertise to social engineer sunglasses with the highest level of confidence and success.
Source - https://www.socialengineers.net/2022/04/social-engineering-sunglasses-doing-now.html
