Social engineering, arguably, is one of the harder things to learn.
It’s a collection of soft skills, and if you’ve been paying attention to rank and file tech jobs, places are looking for people with soft skills because they’re so impractical to train.
This goes down to your basic help desk tech.
Anyone with an interest in computers can sit down and learn how to analyze and exploit weakness in code. In fact, it’s a fun puzzle. Dealing with other people, let alone establishing oneself as another person and fucking SELLING that character enough to get what you need?
People write off social engineering far too quickly. It’s quick, it’s effective, and if done well, the person you exploited doesn’t even realize they’ve been tricked.
I’ve thought of this, but don’t have the wherewithal to actually make a project come to fruition.
I’m also not a lawyer, but I’ve read multiple articles on this, and it doesn’t seem like any legal violation. Corporation got lazy, didn’t confirm where 10m in royalties went and under what circumstance, and got burned.
Finally a corp gets scammed by the common man.
I say good on him.