Social Engineering

Admitantly being a bit of a coward, as well as being cursed with a consience, I have little experience in this field; however I have a multitude of knowledge and have assisted others in the same. Social Engineering is not all that dissimilar to the skills of a Con artist; the obvious differences are that a social engineer is more prepared for situations thru research, and technical means. A social engineer would research his target(s) and have pages of information that could provide useful.

Section 1.1 – Research & Preparation

Social engineering begins simply with your target. You need to be organized to determine exactly what information you do need. First write down all questions that you need answers to and have an accurate organization of all you need to know, there is nothing more frustrating then to do a whole week of research and work only to end up having forgotten a question, there are ways to recover from this, but they can be sketchy, and unnecessary.
Once you have a clear view of your goals, the next step is to research your target. You need to determine what interests your target has, and what methods would prove most effective to derive your needed information. For example, if your target is a technical support representative, you could pose as a client/customer with technical difficulties, this is an easy role, however it may not give you much opportunity for information gathering, other then some technical data. Alternatively you could pose as an out of town co-worker (for large companies such as call centers), or as a supervisor or investor. These roles require far more research, yet can result in all or most of your information being answered in one go.
It is also be important not to go strait to the information that you need answered, there are few times when this may be appropriate, but in most cases it’s better to use jazzed up small talk, or other questions that may seem useless to you, but will make it seem more routine for your target, and in some occasions, you never know it may give you useful information you didn’t even know you needed.
The next thing you need to research is the roles you may need to portray. It is a good idea to research more then you feel you will need; you never know when it will come in handy. But focus on the task at hand. Have a wide base of information so you have ground to cover with small talk, know current events, keep in touch with the news, read newspapers for anything relevant to the position so you can be prepared with comments like “did you hear about the strike in…” if it is relative to the target’s job or your own, they are likely to know about it, and can end up telling you about it, or you them.

Section 1.2 - Making your first call

Once you have sufficiently researched your target, you may feel that you are ready to call your target and begin collecting information. It is a good idea to review your notes and make certain that you are prepared, but if you feel confident, go for it.
Placing your first call is not an easy task, for most people this will make you nervous, don’t worry, that’s natural, if your not nervous then you have either done this many times before, or you may be overconfident and arrogant. Be careful of overconfidence, if can destroy your call in seconds. Being nervous can destroy your call with the same ferocity, but nervousness is easier to deal with (your probably thinking “easy for you to say”), with nervousness you are alert and prepared, the difficult part is making sure you speak clearly and without stuttering. If you do make any mistakes, just correct them as if you were the person you are trying to portray, and act as you think they would. You can even pretend or envision yourself actually employed by the company you are claiming to be from, do always say something because you think it’s what your target expects, but more because it’s what someone in your position should say.
While you are making this call be sure to be taking or typing notes. Record even the details that you think are useless, the best idea if you want your hands to be free and to be less occupied to read your notes is to purchase a phone tap with an audio cassette recorder. This way you can record your call and take notes later, you can also filter out background noise, or even listen to what people in the background are saying. You can also copy their hold messages while you are on hold to simulate your own hold system if in the future you plan to pretend to be from the target’s company.
If you do tape the calls then make sure that you always have more tapes handy, and that you are using extra long tapes, stop in your local Radio Shack and pick up 120 minute tapes (441-8157). This way your conversation can go up to 1 hour. If your conversation goes on past this, keep an eye on the tape, if it’s about to finish, place your target on hold for a moment, or simply say “just a moment” and pretend to speak to a co- worker, or to answer someone else’s question, use it to simulate that you are in an actual work environment. Then all you need to do is flip over the tape, or if you have already done so, switch tapes.
If you find your conversations taking up more then one tape, or even if very often you are flipping tapes, this means your conversations are exceeding 1 hour, meaning you are either very good, or you are on hold for a long time. However it could mean that you are taking too long to get to your point. If an employee feels that you are too chatty, or that you are wasting their time, they may become agitated; this is a very bad thing. However, if they are the one who is chatty, this can make your task a whole lot easier. Also keep in mind that if you get the feeling that they are stalling you, you may want to invent a reason to leave suddenly, for they may be trying to trap/trace your call.

Section 1.3 – Reviewing your notes/tapes

The hard part is over, but the work is not yet done. Quite often what someone said can be equally as important as how they said it. Also when you review tapes you can also pick up on things you didn’t notice or didn’t get the first time. Quite often you should listen to the tape more then once. With tapes you also can listen to what you said in the third person, and learn how to better yourself next time.
You can make your notes this time while you listen to the tapes, it is better to keep all your records as notes, rather then keeping the tapes, if you have the calls on tape then you have legal records against you if something should go wrong. However your notes would be less accusing to you, as well as being more thought out and easier to destroy. You can keep your notes on paper in a filing cabinet or accordion file. An increasingly popular way (and my favorite) is to type your notes and keep them on a computer or disk. This way you can encrypt them if you wish, or you can more quickly and efficiently destroy them. (Keep in mind, deleted files are not really deleted, you need hacker-like software such as a scrambler to properly delete a file so no one can recover it).
When writing your notes be sure to date them, and organize them in detailed point form as well as descriptions. You may have to rewrite your notes a few times, but this is the best way to make sure you know what you needed to know. Plus this way you have record in case you ever need to return, saving you have to do this all again.

Section 1.4 - Closure

Once you have your information, what you do with it is up to you. But be careful not to give yourself away, you will need to fight the urge to brag about how you pulled the wool over their eyes, or how you fooled them, but if you don’t give anything away then you have the power to do it again unsuspected, as well it makes your information more useful. And always remember one last thing, a computer hacker who never get's cought isn't always free because he's a good hacker, quite often they are smart enough to follow one simple rule that makes them very difficult to find. Do no damage, and no one is willing to spend the money to catch you. For example, if you were a computer hacker, and you write some virus that crash's a workplace server and they lose money, they want to investigate and catch you quickly. However, if they merely detect a break in, and there is no damage done, nothing missing, nothing harmed, chances are they can't justify the time and cost involved in hunting you down. This applies here as well. Do no damage, and it's less likely that they will find you.