Execution: My task was to get someone to search through the trash for something. Below is evidence that I was able to accomplish this task
Narrative/method: I had just gone through the mail and thrown out a bunch of junk mail. I then starting making dinner so my hands were busy and said to my boyfriend, I think I accidentally threw away my new credit card with the junk mail, can you please check. While he was searching I quickly snapped a picture. I then confessed and agreed to cook dinner all week to make up for it!
Application: If you wanted to distract someone, so you could got through their backpack or purse for example, you could claim that you threw something really important away and feigned being really upset. This would be a way to gauge how a person reacts to someone else who is emotional, and see if tugging at their heart strings gets them to accomplish the desired behavior. With this information, additional social engineering tasks could be carried out, for example sending a phishing email requesting money for charity or some other noble purpose.
Ethical reflection: Had I actually thrown something valuable away and was legitimately asking for help that would have been okay but tricking someone into doing something just to gauge their reaction is unethical, especially when you have ulterior motives. .
No comments:
Post a Comment