The task which I drew for this assignment was to "Find out the make and model of a fellow player's car" and assignment which I failed to complete due to partially to catch the target unexpected, and mostly because I decided not to commit a crime to obtain the data.
My target was Dr. Blu Ninja, as he and I have been in the same class before, I have a good dialog with him, and I am in two classes with his this semester.
At the end of EH class, as we were leaving class I attempted to engage my target in a dialog but was interrupted by another student and I was not able to broach the inquiry as to their make and model of vehicle.
After this initial failure I went to my books for other classes and looked up his phone number, so that I could have a third party call and apologize for backing into them at school, but rejected this avenue as it would constitute a crime called "fraud by wire" and may subject the target to undue stress or alarm and on an ethical basis I did not wish to cause them alarm.
They have stated in class, the nearby town where they live, so I opted to contact the Town Tax Assessors office and inquire as to the make and model of vehicles they have on file for excises taxes and was told "Honda Civic" but I in no way represented to them why I was calling, merely that I wished tax information.
I had expect to see them later in the week in class, and it was there that I was going have a dialog about my grand-daughter hitting a "Honda Civic" in the parking lot at school a few minutes before class, and had my grand-daughter send me a text message a few minutes before class of the car she "hit" in which the plate was not visible, but alas my target was not in class on the day of the planned ruse.
The ethics of showing an image of a banged up Honda in person I felt was more merciful than causing alarm over the phone, and I decided to strictly stay with face-to-face manipulation of very short term alarm instead of a phone call to do the same thing.
I would also have been technically possible to merely access the DMV for registration by his name, or upon his address, but such a DMV inquiry would have been unlawful, and outside of the parameters laid out for the course.
I obtained the requirement as states, but did not do it by the social engineering method, but rather as a direct inquiry to the taxing authorities. Ah, but I have no idea is the information they shared with me is accurate, and I have not taken measures to confirm its accuracy.
I was also partially foiled by the target missing the class before which I was planning to foist the text message of a bogus fender bender.
If I wished to progress this further, it would be easy enough to troll stalk their residence and look for a BHCC parking sticker, apply a small smudge to the bumper with rubber cement and paint and attach a GPS transmitter to disclose exact parking location at the school to enrich the ruse, but I felt this would be outside the given parameters.
Thanks for not giving me a heart attack by telling me my car was damaged. Not to mention refraining from sticking a GPS tracker to my bumper. Both my front and rear bumpers have been either replaced or repaired because some hose head hit me. The front bumper was a hit and run job so that cost me $500. I am wicked fussy about my car and would have been wicked pissed about the fake accident or GPS stuck to the bumper trick. I should stick a GPS tracker to my wife and kids. Half the time I don't know where they are. I spend a ton of money on cell phones and no one ever picks up. Remind me to tell you about the time I tracked down my son at college when he broke his phone and we couldn't contact him for two weeks.
ReplyDeleteReverend Cyan, this is social engineering. Despite the tax office not asking, you gained info they shouldn't have given you necessarily. I would say this was well done. Good use of resources. 4 points!
ReplyDelete