Wednesday, August 19, 2020

Tumblr Thread: Social Engineering Is A Trip


This fun Tumblr thread shines light on the crazy kinds of results that can be achieved through some good old-fashioned "social engineering." It's basically a clever way of breaking the rules, and relies heavily on people not double checking complete fabrications pulled right out of thin air. Fun stuff. 

1.

Text - ms-demeanor Follow I am a glorified office administrator who understands server hardware why am I the only person in this company who gets what social engineering is? ms-demeanor Follow Total stranger on the phone who we've never spoken to before: I have power of attorney over the CEO of this corporation and we are a customer of yours. Please change the administrator password on the server to XXXXX

2.

Text - My boss, putting on white grease paint and a red wig: Oh, of course! Let's do it quickly so that you'll want to keep working with us since you're going to be making business decisions! Me: I would sell you to satan for one corn chip and I'm allergic to corn but before you do this maybe you should call someone who is actually on our contact list for our customer and see if they've ever heard of this stranger. My boss, looking through a selection of shoes that honk when you walk: Oh, but sh

3.

Text - Me: As your lawyer I recommend that you just call a single one of our contacts and see if they've ever heard of her name. My boss, shoving all of our technicians into a VW beetle: You're not my lawyer. Me: HOW THE FUCK WOULD YOU KNOW? I COULD BE! YOU SHOULD MAYBE CHECK ON THAT. patrithebat TIL everyone's employee ID at my company is the last five of their SSN. Boss: On the bright side, it's only the last five

4.

Text - Me: YOU CAN COMMIT FRAUD WITH FOUR zevveli Follow Security firms that are hired to check the security of banks will often use the following tactic: They will walk up to the teller in a suit with their ID badge and a clipboard and go: "Hello I am [name] from [security firm] we've been hired to verify the security of the facility I need to see your computers." "Erm...l'll have to verify that with my managers." "Congratulations, you have just passed the security verification." [Scribbles on

5.

Text - seriousness I do need to verify your security so I need to see your computers." "Oh okay." AND LETS THEM IN. palindromordnilap Follow "Social engineering" is a way too fancy word for what it is. I know a guy (not personally) who broke several people out of prison by essentially writing "Greetings, please release this person, signed, whoever the judge is" on a piece of paper and faxing it there. Because no one would have a fax machine in their own house I guess. | closet-keys Follow not to

Submitted by:

No comments:

Post a Comment