Live Social Engineering Hack on a live conference

First reported on Cnn Money news website

In a live conference/workshop on social Engineering hacking, Shane MacDougall hacked the identity of a Walmart Store Manager in a town in Canada. In less than 20 minutes, with only a mobile phone, Mr Shane tricked the store manager and got all his personal information with just a phone call.

In a soundproof phone boot setup on the conference stage, Mr Shane called a Walmart store manager about a multi-million dollar government contract which Walmart is on the verge of winning. He introduced himself as Gary Darnell, a newly hired Manager of government logistics.

He told the manager he needed to come over to the store to physically assess it as the store is among the few other walmart stores selected for the pilot project. But before he comes over the next day he needs basic information about the store. Information like Managers breaktime, number of staff, pay cycle and work schedules for their employees. As a dutiful manager, in a bid to satisfy the government contractor and increase the chances of Walmart winning the contract provided the requested information over the phone.

After gaining the confidence of the manager, Mr Shane went further by asking the manager about the type of work computer he uses and also the operating system of which the manager easily disclosed. Mr Shane directed the store manager to an external malicious website where the manager can fill a survey form and prepare for his upcoming visit. The store manager successfully filled up the survey form and thereby providing Mr Shane with his personal information such as phone no, email, password, address etc.

With these information, Mr Shane can easily impersonate the Store Manager both online and offline.