
Master Social Engineering: The Vishing Attack Plan Revealed! #shorts

BSides Frankfurt | 2:26 | 378 views | Published 2026-01
About this talk
Crafting an attack plan using voice vishing. Call people, attempt to get them to let you in. Use caller ID spoofing to pretend to be a colleague and have them let your 'guest' in. #bsidesfrankfurt #bsides #bsidesfra #Vishing
Transcript [en]

We um crafted an attack plan for this one. Um and we were going to use uh phishing with voice phishing basically. So what it what that means is you're going to call people and you're going to attempt to let them in let us in basically. [snorts] Um and for our attack plan basically you need three participants. You need one intruder who's going to go there, a second intruder to also accompany them um for later and then you need a remote participant who is going to perform uh the calling.

And then it was time to um to go ahead start the action. So the first intruder goes there um goes to the receptionist desk and says, "Hey um I sorry my phone battery is dead. I need to call one of my colleagues immediately. Um could I use your phone please?" Um and the reason why we do this is because we want the receptionist desk number so we can actually call them. [clears throat] Like for example the numbers I talked about earlier we needed one of the employee numbers and then using that employee number we will call the receptionist. The receptionist is going to say hopefully of course could you tell me their number then I will call them for you and then you give them the number of the remote participant the one that is sitting in the office and is going to do the calling and then she's going to call him or her and then once that happens you have then you have the receptionist number you know and then you can start the attack later.

So with that number in hand, uh our remote participant is going to use this caller ID spoofing. He's gonna basically pretend to be that one colleague whose number that we have and then it's going to call them and then that remote participant is going to call the receptionist lady using the um the uh spoof number and she's going to say okay that is that is a number for one of our colleagues right so he's going to say um hello you're speaking with this coworker I am for example expecting someone from this company uh to be here in 10 minutes I'm going to be busy in meetings all day um could would you please let that person in when they get there? And she'll be like, "Yes, that's fine. I've noted it down. I'll send them straight to you."

And then, for example, the second intruder is going to come in as the awaited guest. It's going to say, "Hey, I'm this person from that company that was just mentioned." And then going to say like, "Ah, yeah, I've uh heard that you were coming by, so I'll just let you in." Um, and then from there you are. You've uh passed your first perimeter.