social

The other day i had to perform some brief and remote social engineering tasks. (1 day and telephone only)

I was attempting to trick a target into downloading a malicious executable by calling up, pretending to be BT (British Telecom) and then requesting that the user downloads a Speed Test in order for me to perform some “diagnostics”.

I provided the link to the customer as btsupport.com.phillips321.co.uk, unfortunately the phillips321.co.uk… Continue reading