CarderPlanet
Professional
Salute, carders, now we will talk about social engineering and trust as a human factor.
The reasons why email addresses or social media accounts are taken away are completely different. But when close people found out my reason, I received condemnation. To some extent, I always understood that the goal of gaining access to the victim's social networks in order to receive certain correspondence is very immoral. On the other hand, I consoled myself with the thought that if the comrades had fallen into such a hook, then it meant they needed it.
These were two victims who had the information I needed. Both are men. I could find out this information only from them, but with one I hardly know, and the second was my sworn enemy. Their frequent activity on social networks gave hope that with someone in correspondence they discussed what I needed.
It was so important to me that for a couple of days I was just thinking how to get information. The thought of "hacking" came. But how? Moreover, in recent years, everyone has become more or less literate (set good passwords). In addition, today's applications have achieved a high level of protection. Therefore, technical hacking disappeared almost immediately in my thoughts. I made the decision to use social engineering. That being said, the method shouldn't be too complicated.
Different ideas and thoughts came to mind. I went over in my head the different weaknesses of each of them. And suddenly it dawned on women. He immediately wrote to a friend, asking if she wanted to take part in one extravagant case. We thought about different scenarios, but in the end I abandoned this idea, since everything turned out too complicated.
As a result, another idea came up.
I have registered a fake account. In the same social networks, I found a very pretty girl in some small Ukrainian town. The main thing is that it does not interfere with the fake. Then he began to fill out a questionnaire on facebook, uploaded a few photos. To be truthful, I needed "friends." I scanned various people who are very active (they, as a rule, add friends indiscriminately), filled a base of 10 people, and then many began to ask for friends themselves. Since my fake girl turned out to be very cute, I already had more than 50 friends in the evening.
The next day I was in for a fiasco. Facebook got suspicious and offered several photos of my friends, where it asked me to sign these photos with the question “Who is in the photo”. Of course, I did not know a single person and could not restore my account. And everything started anew, but gradually.
Friends have already been added selectively. Often these were those whom I knew at least from memory and could bypass this test. Joined the same groups in which the same victims participated. I found some articles that were thematically suitable for these groups, and began to publish. All this took about five days. I had a lie that, if I discovered it once, could not be repeated, so I acted very carefully and slowly.
One day he waited and began to receive comments on publications in the group from the victim. I deliberately published the most interesting topics for a particular person. It was not difficult to find out his interests; it was enough to look at which publications he was actively reflecting on. At first, there were just some replies, but I was waiting for the interactive and it happened, some kind of conversation ensued. From ordinary comments to publications, we gradually switched to personal correspondence. Then I watched his "likes" on "my" photos. After some time, they were offered a long-awaited friendship, which spilled over into acquaintance.
- Girl Nastya. Very nice. I work in an IT company as the most ordinary employee and try to become a programmer. If I can cope with one task, then they will definitely raise me up the career ladder and make a good salary.
The information is the simplest and most common, non-binding, not suspicious. While in correspondence I answer questions, invent a story of a lifetime, promise dates in some future. And in parallel, I register an account with a free hosting provider. I quickly make out a couple of static pages "Lorem ipsum", create comments there, supposedly left by someone else, and an authorization button leading to a form that looks like a facebook login form.
Yes, primitively, but this friend had nothing to do with IT, so I took this into account and just asked to leave a comment for the test on my "test project".
- My task is to leave a comment through the social network, - I write to him.
In the heat of feelings, he runs to the site, tries to log in and writes back that he cannot leave a comment, since after authorization the previous page appears again and there is no comment entry form.
- Oh, I found a mistake, I need to fix it, - Nastena answers him.
Of course, further Nastya became less active, and then stopped going online altogether. The fact that he tried to somehow contact her, ask for a phone number, etc., I already read from his account. Also lucky. He used the same password everywhere, which easily allowed me to get into VK and Mail.ru mail.
For the second victim, he had to work hard to create login forms for other social networks and mail, since he used different passwords everywhere. But with joy, for the sake of a beautiful lady, he tried all the methods, in fact, kindly giving me entrance.
Epilogue
Everything is simple to madness and does not even look like a kind of manual. But still, this is not a manual, but a moral: you cannot trust anyone, especially strangers on the Internet, especially beautiful strangers. Well, double authorization, which is already available almost everywhere, would have saved both.
The reasons why email addresses or social media accounts are taken away are completely different. But when close people found out my reason, I received condemnation. To some extent, I always understood that the goal of gaining access to the victim's social networks in order to receive certain correspondence is very immoral. On the other hand, I consoled myself with the thought that if the comrades had fallen into such a hook, then it meant they needed it.
These were two victims who had the information I needed. Both are men. I could find out this information only from them, but with one I hardly know, and the second was my sworn enemy. Their frequent activity on social networks gave hope that with someone in correspondence they discussed what I needed.
It was so important to me that for a couple of days I was just thinking how to get information. The thought of "hacking" came. But how? Moreover, in recent years, everyone has become more or less literate (set good passwords). In addition, today's applications have achieved a high level of protection. Therefore, technical hacking disappeared almost immediately in my thoughts. I made the decision to use social engineering. That being said, the method shouldn't be too complicated.
Different ideas and thoughts came to mind. I went over in my head the different weaknesses of each of them. And suddenly it dawned on women. He immediately wrote to a friend, asking if she wanted to take part in one extravagant case. We thought about different scenarios, but in the end I abandoned this idea, since everything turned out too complicated.
As a result, another idea came up.
I have registered a fake account. In the same social networks, I found a very pretty girl in some small Ukrainian town. The main thing is that it does not interfere with the fake. Then he began to fill out a questionnaire on facebook, uploaded a few photos. To be truthful, I needed "friends." I scanned various people who are very active (they, as a rule, add friends indiscriminately), filled a base of 10 people, and then many began to ask for friends themselves. Since my fake girl turned out to be very cute, I already had more than 50 friends in the evening.
The next day I was in for a fiasco. Facebook got suspicious and offered several photos of my friends, where it asked me to sign these photos with the question “Who is in the photo”. Of course, I did not know a single person and could not restore my account. And everything started anew, but gradually.
Friends have already been added selectively. Often these were those whom I knew at least from memory and could bypass this test. Joined the same groups in which the same victims participated. I found some articles that were thematically suitable for these groups, and began to publish. All this took about five days. I had a lie that, if I discovered it once, could not be repeated, so I acted very carefully and slowly.
One day he waited and began to receive comments on publications in the group from the victim. I deliberately published the most interesting topics for a particular person. It was not difficult to find out his interests; it was enough to look at which publications he was actively reflecting on. At first, there were just some replies, but I was waiting for the interactive and it happened, some kind of conversation ensued. From ordinary comments to publications, we gradually switched to personal correspondence. Then I watched his "likes" on "my" photos. After some time, they were offered a long-awaited friendship, which spilled over into acquaintance.
- Girl Nastya. Very nice. I work in an IT company as the most ordinary employee and try to become a programmer. If I can cope with one task, then they will definitely raise me up the career ladder and make a good salary.
The information is the simplest and most common, non-binding, not suspicious. While in correspondence I answer questions, invent a story of a lifetime, promise dates in some future. And in parallel, I register an account with a free hosting provider. I quickly make out a couple of static pages "Lorem ipsum", create comments there, supposedly left by someone else, and an authorization button leading to a form that looks like a facebook login form.
Yes, primitively, but this friend had nothing to do with IT, so I took this into account and just asked to leave a comment for the test on my "test project".
- My task is to leave a comment through the social network, - I write to him.
In the heat of feelings, he runs to the site, tries to log in and writes back that he cannot leave a comment, since after authorization the previous page appears again and there is no comment entry form.
- Oh, I found a mistake, I need to fix it, - Nastena answers him.
Of course, further Nastya became less active, and then stopped going online altogether. The fact that he tried to somehow contact her, ask for a phone number, etc., I already read from his account. Also lucky. He used the same password everywhere, which easily allowed me to get into VK and Mail.ru mail.
For the second victim, he had to work hard to create login forms for other social networks and mail, since he used different passwords everywhere. But with joy, for the sake of a beautiful lady, he tried all the methods, in fact, kindly giving me entrance.
Epilogue
Everything is simple to madness and does not even look like a kind of manual. But still, this is not a manual, but a moral: you cannot trust anyone, especially strangers on the Internet, especially beautiful strangers. Well, double authorization, which is already available almost everywhere, would have saved both.