Social Engineering is all about tricking somebody into acting a way you want them to act. A common tactic is having them click a link using a phishing attack such as a fake UPS delivery link around Christmas or cloning a popular website such as Facebook. Sometimes a target may question the authenticity of the source attempting to contact them. One way to fake your identity is to use listyourself.net by listing your phone or burner phone as a fake identity used in your social engineering scam. That website is http://www.listyourself.net/
How does this work? Listyourself.net lets you assign a name, email and address to any phone number. You must validate the number meaning you can’t use a fake phone number however this is useful when war dialing or including a fake help desk number in your phishing email. Just go to the website, fill in whatever info you want and link it to any phone number. This website will populate search engines with this data so when somebody “Googles” the name you provided or phone number, that data will show up. Below is a screenshot of the info Listyourself.net will ask for.
Why is this important to know about? On the defense side, its good to know how easy it is for people to fake information online. Make sure to validate who you are communicating with before providing any sensitive information.
I wrote about how some malicious parties were spreading their custom ransomware by randomly calling people while pretending to be desktop support for Microsoft. They would ask them to click a link to validate their system however they were really encrypting their hard drive so they can ask for payment to unlock the ransomware they just placed on their system. That post can be found HERE.
Most likely these attackers used this or another source to advertise themselves as Microsoft employees. Beware of these types of scams.