Beating back the telephone virus scammers



Paddy Landau
May 9th, 2011, 07:46 PM
Well, I've just had a second call in as many weeks from the scammers trying to hijack my computer.

By the way, the caller ID shows no telephone number. Obviously.

The first time:


Hello, is that Mr Landau?
- Yes.
I am calling from [somecompany] about your computer.
- What does your company have to do with my computer?
Well, we have discovered that your computer is infected with a virus.
- @$%! off. (I hang up)

In hindsight, I realised that I could have wasted his time, delaying him for at least a few minutes from messing up someone else's computer.

So...

The second time:

A few minutes ago I got another call. This time, I pretended to be curious. Here is an abbreviated version of the conversation.


Press the Start button. Do you see My Documents?
- No.
Press Start. Do you see the Run command?
- No.
What do you see?
- Accessories; Games; Graphics; Internet; Office; Other; PlayOnLinux (that should have given him a clue); Programming; Sound & Video; System Tools; Wine.
Do you have the Windows flag button?
- Yes, I do.
Please shut down all your windows.
- OK, hold on, let me save what I'm doing... Right, I've closed all my windows.
Press the Windows flag button and R at the same time.
- OK.
Do you get a small window or a large one?
- Nothing happened.
Do you have Windows 7?
- No.
Do you have Windows XP?
- No, I don't believe I do.
Is it a laptop or desktop?
- Laptop.
How old is the computer?
- Um, I got it in 2008. Three years old.
(Pause... he hangs up!)

So...

My question is, what could a person do in preparation for the next call, to waste as much time as possible of these deceitful scammers? The more time we waste, the less time they have to mess with a more gullible person.

I did think of using Windows in a Virtual Box, but I don't have Windows. Although, if I did, it would run very slow on my computer, making it excitingly time-wasting!

doas777
May 9th, 2011, 07:53 PM
by all means, please post the name of this "company". there may be many more victims out there.

aysiu
May 9th, 2011, 08:03 PM
This doesn't apply to just telephone virus scammers--I think the best way to waste the time of any telemarketers or phone scammers is this:

Scammer: Hello, is that Mr. Landau?
You: No. Hold on a minute. I'll go get him.

Put the phone on mute and just leave it there.

Joe of loath
May 9th, 2011, 08:08 PM
The most fun is when you lead them along.

'So, where are you?'
'What's the weather like there?'
'Ooh, sounds uncomfortable'
'So in this weather, what underwear do you have on today?'

100 points if you can get them to the last question without hanging up :D

wilee-nilee
May 9th, 2011, 08:11 PM
This doesn't apply to just telephone virus scammers--I think the best way to waste the time of any telemarketers or phone scammers is this:

Scammer: Hello, is that Mr. Landau?
You: No. Hold on a minute. I'll go get him.

Put the phone on mute and just leave it there.

That is funny.
Start at 2:06 minutes for the phone scene.
http://www.youtube.com/watch?v=WhWavua-1FI&feature=related

Retlol
May 9th, 2011, 08:15 PM
Or just call the cops saying scammers are calling you to try to get access to your pc.

Or your phone provider if the cops are "busy".

Paddy Landau
May 9th, 2011, 08:27 PM
Or just call the cops saying scammers are calling you to try to get access to your pc.

Or your phone provider if the cops are "busy".
The problem is that they phone from outside the country, and the police and the phone company have no powers over them. Assuming that they could trace them, which they can't. They are powerless to do anything about it.

doas777
May 9th, 2011, 08:30 PM
Interesting. the Guardian pins it on Indian Call centers (but no good scam sticks with any nationality)

http://www.guardian.co.uk/world/2010/jul/18/phone-scam-india-call-centres

sydbat
May 9th, 2011, 09:25 PM
I've had at least 5 of these calls in the past 2 months. Yes, they are currently out of India, and they are trying to get into people's computers, either by getting you to enable Windows Remote Desktop or visiting a website that has their "anti-virus" software (you know, Anti-Virus 2011 or some such).

The last one I had, a week or so ago, I kept the idiot on the phone for about 5 minutes, all the while verbally insulting him, telling him Interpol was tracing the call, questioning his parentage, and being generally nasty. The guy would not hang up. I had to end the call.

My wife, who was sitting next to me at the time, said she wanted to play next time the scammers called. She wants to see how long she can keep them on the phone with things like 'the Start button? Is that the one with the Apple on it?'.

K_45
May 9th, 2011, 09:56 PM
People still use a landline? How quaint . . . :P

I'm using VOIP and I haven't had any cold calls and I doubt I will.

speedwell68
May 9th, 2011, 10:36 PM
I have never had one of these. I really, really want to get one, just so I can play with them a bit.

Paddy Landau
May 10th, 2011, 06:57 AM
Interesting. the Guardian pins it on Indian Call centers (but no good scam sticks with any nationality)

http://www.guardian.co.uk/world/2010/jul/18/phone-scam-india-call-centres
Thanks for posting that article. I am amazed that they managed to figure out who is doing this! But I suppose it won't be long before it catches on and we get more scammers.

As an interesting aside, I wonder if you have seen 419 Eater (http://www.419eater.com/), a scam-baiting site. These people bait the 419 scammers, who can be literally fatal.

nothingspecial
May 10th, 2011, 09:44 AM
Ah The PC Doctor.......

I've had a call from him.

The best thing to do is pretend you are doing what he asks, then he'll think he's doing something wrong. :P

Grenage
May 10th, 2011, 09:55 AM
My personal record was 42 minutes on hold, with a cold caller; I almost started to feel guilty when I came back from lunch and the light was still on the phone.

I know of someone who'd had enough, made out that the intended recipient of the call had been murdered, and that the caller had to stay on the line for the purposes of the investigation. That's probably taking it a bit far.

Paddy Landau
May 10th, 2011, 09:55 AM
Is Windows 95 available free yet? I could put that into a Virtual Box and let them play with that. Each time they reboot, I'll revert to a snapshot, making them very, very confused.

Paddy Landau
May 10th, 2011, 09:58 AM
My personal record was 42 minutes on hold, with a cold caller; I almost started to feel guilty when I came back from lunch and the light was still on the phone.
Brilliant! How did you persuade him to hang on for so long?


I know of someone who'd had enough, made out that the intended recipient of the call had been murdered, and that the caller had to stay on the line for the purposes of the investigation. That's probably taking it a bit far.
Considering that these scammers don't care if they wipe out people's life savings, and that a few of them (particularly the 419-ers) are kidnappers and murderers, I hardly think it's going too far.

Grenage
May 10th, 2011, 09:59 AM
Is Windows 95 available free yet? I could put that into a Virtual Box and let them play with that. Each time they reboot, I'll revert to a snapshot, making them very, very confused.

Load XP in a VM, make the desktop image a copy of 'tubgirl', then let them remote in; they'll never be the same again.


Brilliant! How did you persuade him to hang on for so long?

Sadly, I just said "I'll be right back".

stealth.
May 10th, 2011, 10:22 AM
Why don't you guys "reverse h4x0r" the guys. I'm not much of a h4x0r (I know a few things, but not much). I'm %100 sure there is a way.

They are not going to stop, it's up to the people to stop them.

Paddy Landau
May 10th, 2011, 10:29 AM
make the desktop image a copy of 'tubgirl'...
I've just Googled tubgirl. OMG, I'll never be the same again :D. This would be a perfect antidote to their nonsense.


Why don't you guys "reverse h4x0r" the guys.
There may be a way, but I'm not anywhere near technical enough to do it. Wonderful if we could, though; post it on the 'net and ask people to phone claiming to sell insurance against being caught by the police.

Grenage
May 10th, 2011, 10:32 AM
I've just Googled tubgirl. OMG, I'll never be the same again :D. This would be a perfect antidote to their nonsense.

I'm so sorry; you've now joined the ranks of the visually violated. ;)

speedwell68
May 10th, 2011, 10:43 AM
I've just Googled tubgirl.

http://wtfhub.com/wp-content/uploads/2011/02/grandma-meme-tub-girl.jpg

Paddy Landau
May 10th, 2011, 10:49 AM
... playing the tuba
ROFL


I'm so sorry; you've now joined the ranks of the visually violated. ;)
How do people even think of doing things like this? Weird! I'm lucky I'm not squeamish. But I definitely will consider doing this, if I can get hold of a legal copy of Win 95 or 98 (I don't think my machine will run XP or higher in a virtual box).

It would definitely make my day...

So, let's see. So far, we have the following ideas (including some of mine):



1. Load Windows in a virtual box where he can't do any damage. Load tubgirl as the desktop wallpaper (if you can stand it). Snapshot the installation. EDIT: Don't bother about the wallpaper, as the remote software (TeamViewer, LogMeIn, whatever) temporarily disables it anyway.
2. Ensure that the windows box runs very slowly, so as to elicit maximum frustration from the scammer. (Does Virtual Box allow for such niceties?) EDIT: Yes, it does. You can restrict disk bandwidth (http://www.virtualbox.org/manual/ch05.html#storage-bandwidth-limit), although that is complicated to set up. You can also restrict CPU access ("Execution Cap" in the settings).
3. When the scammer calls, get him to hold for a long time, perhaps by coming back every minute to say, "Please hold, I'll be with you shortly, I'm just trying to reboot my computer."
4. Finally, relent and engage him in pointless distracting conversation; see if you get the 100 points (http://ubuntuforums.org/showthread.php?p=10792554#post10792554). Even more points if he keeps making mistakes.
5. When he wants to reboot the computer, revert to the snapshot, and delay the reboot for at least ten minutes, claiming that your computer always takes 10 minutes to boot. Play some irritating old rap music clip to him repeatedly during the reboot, repeatedly asking, "Don't you love this music?"
6. Repeat steps 4-5 several times until he's beating his head against the computer screen.


Any further ideas?
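
The VirtualBox side of steps 1, 2 and 5 in the list above (low RAM, "Execution Cap", disk bandwidth limit, snapshot and revert), as an added example that is not part of the original post. The VM name, snapshot name, storage controller, disk path and limit values are assumptions; the script only prints the `VBoxManage` commands so they can be reviewed before being run.

```shell
#!/bin/sh
# Added example (not from the thread): print the VBoxManage commands for a
# slow, snapshot-revertible throwaway guest. Nothing is executed here; review
# the output, then pipe it to sh to apply it.
# Not covered: shared folders and clipboard sharing should also stay off so
# the guest has no path back to host files.

# Assumed values: edit to match your own VM.
VM=scambait          # hypothetical VM name
SNAP=clean           # hypothetical snapshot name
CTL=IDE              # name of the guest's storage controller (assumed)
DISK=scambait.vdi    # hypothetical path to the guest's disk image
RAM_MB=64            # the amount the thread's author later settled on
CPU_CAP=10           # "Execution Cap": percent of host CPU time, 1-100
DISK_LIMIT=1M        # disk bandwidth limit for the guest (assumed value)

# Reject empty values and anything that could break the printed commands
# once they are piped to a shell.
check_settings() {
    for v in "$VM" "$SNAP" "$CTL" "$DISK" "$DISK_LIMIT"; do
        case "$v" in
            ''|*[!A-Za-z0-9_./-]*)
                echo "unsafe or empty value: '$v'" >&2
                return 1 ;;
        esac
    done
    for n in "$RAM_MB" "$CPU_CAP"; do
        case "$n" in
            ''|*[!0-9]*)
                echo "RAM_MB and CPU_CAP must be whole numbers" >&2
                return 1 ;;
        esac
    done
    if [ "$CPU_CAP" -lt 1 ] || [ "$CPU_CAP" -gt 100 ]; then
        echo "CPU_CAP must be between 1 and 100" >&2
        return 1
    fi
}

# One-time setup, run with the guest powered off: cap RAM and CPU, create a
# disk bandwidth group, attach the disk to it, then snapshot the clean state.
setup_plan() {
    check_settings || return 1
    cat <<EOF
VBoxManage modifyvm $VM --memory $RAM_MB --cpuexecutioncap $CPU_CAP
VBoxManage bandwidthctl $VM add SlowDisk --type disk --limit $DISK_LIMIT
VBoxManage storageattach $VM --storagectl $CTL --port 0 --device 0 --type hdd --medium $DISK --bandwidthgroup SlowDisk
VBoxManage snapshot $VM take $SNAP
EOF
}

# Step 5: discard whatever was changed in the guest and boot the clean state.
revert_plan() {
    check_settings || return 1
    cat <<EOF
VBoxManage controlvm $VM poweroff
VBoxManage snapshot $VM restore $SNAP
VBoxManage startvm $VM
EOF
}

echo "# one-time setup (guest powered off):"
setup_plan
echo "# each time a reboot is requested:"
revert_plan
```
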

nothingspecial
May 10th, 2011, 10:52 AM
When you set up vbox you can tell it how much ram to use when running,

Just give it an insanely low amount, just enough to work.

stealth.
May 10th, 2011, 10:52 AM
ROFL


How do people even think of doing things like this? Weird! I'm lucky I'm not squeamish. But I definitely will consider doing this, if I can get hold of a legal copy of Win 95 or 98 (I don't think my machine will run XP or higher in a virtual box).

It would definitely make my day...

So, let's see. So far, we have the following ideas (including some of mine):



1. Load Windows in a virtual box where he can't do any damage. Load tubgirl as the desktop wallpaper (if you can stand it). Snapshot the installation.
2. Ensure that the windows box runs very slowly, so as to elicit maximum frustration from the scammer. (Does Virtual Box allow for such niceties?)
3. When the scammer calls, get him to hold for a long time, perhaps by coming back every minute to say, "Please hold, I'll be with you shortly, I'm just trying to reboot my computer."
4. Finally, relent and engage him in pointless distracting conversation; see if you get the 100 points (http://ubuntuforums.org/showthread.php?p=10792554#post10792554). Even more points if he keeps making mistakes.
5. When he wants to reboot the computer, revert to the snapshot, and delay the reboot for at least ten minutes, claiming that your computer always takes 10 minutes to boot. Play some irritating old rap music clip to him repeatedly during the reboot, repeatedly asking, "Don't you love this music?"
6. Repeat steps 4-5 several times until he's beating his head against the computer screen.


Any further ideas?

reverse h4x

Thewhistlingwind
May 10th, 2011, 11:19 AM
Let him SSH into a virtual Linux install. Won't slow him down any, but the reaction should be priceless.

(Honestly though, your current plan is pretty amazing.)

PhillyPhil
May 10th, 2011, 11:19 AM
I saw a story somewhere of some guy who replied to emails from scammers, and convinced them (it wasn't very hard) that he worked for a company that paid some ridiculous amount ($14 per page?) for people's handwritten copies of books (Harry Potter in the story) for research analysis of handwriting. And they accepted only a minimum of 100 pages ;)

This sounded like easy money from crazy Americans to the Nigerian scammer, so he wrote, scanned and emailed these pages to the "research company" (there were actual copies of the handwritten pages shown in the story I read). The "researcher" kept stringing him along as long as he could, stalling, and asking for more, while the scammer complained that he hadn't been paid yet! Great stuff...

Grenage
May 10th, 2011, 11:27 AM
I saw a story somewhere of some guy who replied to emails from scammers, and convinced them (it wasn't very hard) that he worked for a company that paid some ridiculous amount ($14 per page?) for people's handwritten copies of books (Harry Potter in the story) for research analysis of handwriting. And they accepted only a minimum of 100 pages ;)

This sounded like easy money from crazy Americans to the Nigerian scammer, so he wrote, scanned and emailed these pages to the "research company" (there were actual copies of the handwritten pages shown in the story I read). The "researcher" kept stringing him along as long as he could, stalling, and asking for more, while the scammer complained that he hadn't been paid yet! Great stuff...

Now that is good, lol.

Paddy Landau
May 10th, 2011, 11:59 AM
reverse h4x
Even if I knew how, then what? According to the Guardian article (post #8 (http://ubuntuforums.org/showthread.php?p=10792654#post10792654)), they did track him down and they closed down his website. It made no difference; he's still working, opening new websites and scamming new victims. And I'll bet there are others.

RoflHaxBbq
May 10th, 2011, 12:13 PM
Uhh... What is tubgirl... I don't want to Google it.

WRDN
May 10th, 2011, 12:14 PM
My personal record was 42 minutes on hold, with a cold caller; I almost started to feel guilty when I came back from lunch and the light was still on the phone.

I know of someone who'd had enough, made out that the intended recipient of the call had been murdered, and that the caller had to stay on the line for the purposes of the investigation. That's probably taking it a bit far.

http://www.youtube.com/watch?v=YvJQxgtJW94
:lol:

Paddy Landau
May 10th, 2011, 12:32 PM
Uhh... What is tubgirl... I don't want to Google it.
If you are even slightly squeamish, you don't even want to know. It's the worst picture I have ever seen. :-&


This sounded like easy money from crazy Americans to the Nigerian scammer...
Watch out for those Nigerian scammers. You don't want to mess with them if they know where you live. Read the warnings on 419 Eater (http://www.419eater.com/html/baiting.htm) (I have read much worse).

speedwell68
May 10th, 2011, 12:58 PM
Uhh... What is tubgirl... I don't want to Google it.

A character from internet folklore, just Google it, it isn't as bad as they are making out. There are much, much worse things on the internet than plain old tub girl.

Grenage
May 10th, 2011, 01:08 PM
A character from internet folklore, just Google it, it isn't as bad as they are making out. There are much, much worse things on the internet than plain old tub girl.

There are indeed, but nothing I'd want to risk some poor sod seeing. :)

Paddy Landau
May 10th, 2011, 01:32 PM
There are much, much worse things on the internet than plain old tub girl.
There are indeed, but nothing I'd want to risk some poor sod seeing. :)
You make me feel terribly naive. Perhaps I am :).

I can't imagine what could be worse. I don't want to.

Thewhistlingwind
May 10th, 2011, 01:33 PM
You make me feel terribly naive. Perhaps I am :).

I can't imagine what could be worse. I don't want to.

Rule 34, your favourite TV show(s) as a kid.

Don't google that unless you want some real pain!

speedwell68
May 10th, 2011, 01:33 PM
You make me feel terribly naive. Perhaps I am :).

I can't imagine what could be worse. I don't want to.

Don't Google 'two girls one cup' then.:D

Grenage
May 10th, 2011, 01:59 PM
Nooooo...

realzippy
May 10th, 2011, 02:21 PM
Nooooo...

...too late.
That really is hard.

Grenage
May 10th, 2011, 02:25 PM
...too late.
That really is hard.

The only video I've seen that made me feel a bit ill, and the last video I blind-googled.

doas777
May 10th, 2011, 02:30 PM
The only video I've seen that made me feel a bit ill, and the last video I blind-googled.
a mere description of the content was more than sufficient to satisfy any curiosity I might have had.

http://imgs.xkcd.com/comics/x_girls_y_cups.png

but back to the topic at hand, yes, a honeypot seems like a good approach. lace it with attack malware if you think you can control it (just remember Outbreak).

or, change your backdrop to an NSA watermark, and set everything up to look like a govt spook system. that will give them pause.

Paddy Landau
May 10th, 2011, 03:02 PM
Google results for "<x> girls <y> cups"
Someone had too much time on his hands!


a honeypot seems like a good approach. lace it with attack malware if you think you can control it
If I knew how, I would. But I bet their machines are well protected against attack, or at least have a snapshot to recover from.


change your backdrop to an NSA watermark...
They're not in the USA, so I don't think they'd give a damn.

Dr. C
May 10th, 2011, 03:47 PM
ROFL


How do people even think of doing things like this? Weird! I'm lucky I'm not squeamish. But I definitely will consider doing this, if I can get hold of a legal copy of Win 95 or 98 (I don't think my machine will run XP or higher in a virtual box).

It would definitely make my day...

So, let's see. So far, we have the following ideas (including some of mine):



1. Load Windows in a virtual box where he can't do any damage. Load tubgirl as the desktop wallpaper (if you can stand it). Snapshot the installation.
2. Ensure that the windows box runs very slowly, so as to elicit maximum frustration from the scammer. (Does Virtual Box allow for such niceties?)
3. When the scammer calls, get him to hold for a long time, perhaps by coming back every minute to say, "Please hold, I'll be with you shortly, I'm just trying to reboot my computer."
4. Finally, relent and engage him in pointless distracting conversation; see if you get the 100 points (http://ubuntuforums.org/showthread.php?p=10792554#post10792554). Even more points if he keeps making mistakes.
5. When he wants to reboot the computer, revert to the snapshot, and delay the reboot for at least ten minutes, claiming that your computer always takes 10 minutes to boot. Play some irritating old rap music clip to him repeatedly during the reboot, repeatedly asking, "Don't you love this music?"
6. Repeat steps 4-5 several times until he's beating his head against the computer screen.


Any further ideas?

Socket 3 (486) motherboard with a Pentium overdrive processor underclocked to 8 MHz and 20MB of RAM running Windows XP.

http://www.winhistory.de/more/386/xpmini_eng.htm

Maheriano
May 10th, 2011, 05:30 PM
Here's the link to the scammer that wrote out the entire Harry Potter book.
http://419eater.com/html/joyce_ozioma.htm#

Telemarketers are the best part of my day, I love it when they call. My bank kept calling me after I paid off my loan, they tried to get me to take another personal loan and asked me what I would spend the extra money on. I told them I'd spend it on the same thing I spend the rest of my money on.....hookers and coke.

Joe of loath
May 10th, 2011, 05:47 PM
Would metasploit be any use in this instance?

t0p
May 10th, 2011, 05:53 PM
Would metasploit be any use in this instance?

Metasploit would be of use in many instances. But as you had to ask the question, I suggest you do some research into what Metasploit actually is before you even think of using it...

Paddy Landau
May 10th, 2011, 06:17 PM
OK, I really want to do this.

Where can I get an extremely cheap copy of Windows XP (as I will be using it only for the scammers, nothing else)?

I have found (legal) copies on eBay for about £10 (roughly $17) including postage to the UK.

Can anyone find better than that?

dniMretsaM
May 10th, 2011, 06:25 PM
OK, I really want to do this.

Where can I get an extremely cheap copy of Windows XP (as I will be using it only for the scammers, nothing else)?

I have found (legal) copies on eBay for about £10 (roughly $17) including postage to the UK.

Can anyone find better than that?

I'm guessing that's the best you're going to do. I have a (legal) copy I could send (for free, I don't want it), but shipping would probably be kind of expensive across the Big Blue. IDEK if my parents would let me send it though since (a) I don't know you and (b) they're parents. So yeah, just go for the $17 one. And good luck!

Joe of loath
May 10th, 2011, 06:33 PM
Metasploit would be of use in many instances. But as you had to ask the question, I suggest you do some research into what Metasploit actually is before you even think of using it...

Hey, I'm a wireless cracker, I know bugger all about *sploiting ;)

dniMretsaM
May 10th, 2011, 06:57 PM
I'm guessing that's the best you're going to do. I have a (legal) copy I could send (for free, I don't want it), but shipping would probably be kind of expensive across the Big Blue. IDEK if my parents would let me send it though since (a) I don't know you and (b) they're parents. So yeah, just go for the $17 one. And good luck!

Or you could post in the community market and say something like "I'm looking for a cheap copy of Windows whatever for a project (link to this thread). Anybody have one they'd be willing to part with or know where I can get one?" You just might get a super-cheap copy.

Paddy Landau
May 10th, 2011, 07:20 PM
I have a (legal) copy I could send (for free...
Thanks for the good wishes. Your parents are probably right, if you are a minor. Best to be safe -- be Linux, not Windows!


Or you could post in the community market...
Thank you, I'll consider that. EDIT: The community market (http://ubuntuforums.org/forumdisplay.php?f=38) seems dead; only four threads, all of which were posted 2 weeks ago.

doas777
May 10th, 2011, 07:21 PM
I wonder if this wouldn't be enough:
http://www.gizmag.com/chinas-xp-themed-linux-now-available-in-english/13900/

but then again, I don't think there is a Linux RDP server, just the rdesktop client.

Paddy Landau
May 10th, 2011, 07:29 PM
I wonder if this wouldn't be enough:
http://www.gizmag.com/chinas-xp-themed-linux-now-available-in-english/13900/
No, sadly it wouldn't work. They have a working knowledge of the innards of Windows, enough to install malware. He also needs to connect via a Windows program (I don't know which one, as we didn't manage to get past Start > Run, LOL).

It needs to be a real Windows system; one of XP, Vista or 7.

dniMretsaM
May 10th, 2011, 08:04 PM
Thanks for the good wishes. Your parents are probably right, if you are a minor. Best to be safe -- be Linux, not Windows!

Being a minor stinks sometimes. Other times it's good, but that's another story.


Thank you, I'll consider that. EDIT: The community market (http://ubuntuforums.org/forumdisplay.php?f=38) seems dead; only four threads, all of which were posted 2 weeks ago.

Couldn't hurt to attempt to revive it. The worst that can happen is nobody will respond.

Could you possibly run that Windows program (when you find out what it is) in WINE, PlayOnLinux, etc. on a virtual Ubuntu installation? That would really be interesting if he got connected and found out it was a Linux machine. It'd be even better if you set it up to look like Windows.

the8thstar
May 10th, 2011, 08:14 PM
Must be the Customer Service at Apple! :lolflag:

dniMretsaM
May 10th, 2011, 10:02 PM
Must be the Customer Service at Apple! :lolflag:
AreOhEffEll

Irihapeti
May 10th, 2011, 10:32 PM
Being a minor stinks sometimes. Other times it's good, but that's another story.

It's a self-limiting condition. It just takes time. :)

dniMretsaM
May 31st, 2011, 07:20 PM
So any update on this?

Paddy Landau
May 31st, 2011, 08:33 PM
So any update on this?
I have created my virtual box, but have not yet managed to get the Remote Assistance (which presumably would be required) working.

The odd thing is how fast XP is on the virtual machine, even with a mere 64Kb RAM allocated to it! I'm not sure how to slow it down further.

Unfortunately, I have not been called again. I know that some others in my area have been phoned repeatedly. Therefore, I await the next phone call with anticipation, while trying to get the Remote Assistance working...

Joe of loath
May 31st, 2011, 08:36 PM
I have created my virtual box, but have not yet managed to get the Remote Assistance (which presumably would be required) working.

The odd thing is how fast XP is on the virtual machine, even with a mere 64Kb RAM allocated to it! I'm not sure how to slow it down further.

Unfortunately, I have not been called again. I know that some others in my area have been phoned repeatedly. Therefore, I await the next phone call with anticipation, while trying to get the Remote Assistance working...

I hope you mean 64mb, otherwise you've broken a record there ;)

Paddy Landau
May 31st, 2011, 08:44 PM
I hope you mean 64mb, otherwise you've broken a record there ;)
Absolutely, yes, I meant 64Mb! :lol:

lisati
May 31st, 2011, 08:58 PM
:lolflag:

/me rushes off to reactivate the "Boston Legal" email account I set up a year or two back.

aphatak
May 31st, 2011, 09:20 PM
Well, the telemarketers have a script: they know how the conversation should go, and that is their advantage. Here is something I found that lets you beat them at their own game - http://www.neatorama.com/2006/10/15/anti-telemarketer-counter-script

aysiu
May 31st, 2011, 09:27 PM
Well, the telemarketers have a script: they know how the conversation should go, and that is their advantage. Here is something I found that lets you beat them at their own game - http://www.neatorama.com/2006/10/15/anti-telemarketer-counter-script
I don't really like that, since it wastes my time as well. My goal is to waste the telemarketer's time and not my time.

So I still stand by the old "Oh, I'll go and get him. Hold on" while putting the phone on mute and then just leaving it off the hook.

Paddy Landau
May 31st, 2011, 09:38 PM
Here is something I found that lets you beat them at their own game - http://www.neatorama.com/2006/10/15/anti-telemarketer-counter-script
That gave me a few good laughs!


I don't really like that, since it wastes my time as well. My goal is to waste the telemarketer's time and not my time.
I see it as a public service. As long as I have him on the phone to me, wasting his time (albeit mine as well), he is unable to sucker some innocent who is not wise to his foul fraud. Of course, I can have the virtual machine running on one desktop while I continue my work on another, thereby significantly slowing down the virtual machine's responses.

handy
June 1st, 2011, 03:55 AM
My son was being harassed by these scammers to the point that the police became involved & he now has an unlisted phone number.

lisati
June 1st, 2011, 08:36 AM
Here's a relevant TV item I found (I'm watching the show as I type): http://tvnz.co.nz/fair-go/june-1-4202937

ken_do_san
June 1st, 2011, 08:49 AM
I used to have a landline, was paying about $30.00 AU a month, just to have telemarketers phone me. Canceled it about 3 months ago and use the mobile (cell) phone ($49.00 AU a month) and went naked ADSL, increased my speed and download/upload (from 60 Gb p/m to 150 Gb p/m). Best decision I've made financially.

3rdalbum
June 1st, 2011, 12:16 PM
My son was being harassed by these scammers to the point that the police became involved & he now has an unlisted phone number.

He's wasting his money on having an "unlisted" phone number; it might stop a few scammers who just go through the phone book, but I work for a legitimate market research company and if we ever need to do mass dialing we just randomly generate phone numbers and check them against our internal database of known business numbers, known faxes, internal Do Not Call list etc. I'm sure telemarketers and scammers do the same.

It's amazing how many people seem to think that telemarketers "get my number from somewhere". Why would a telemarketer bother to pay good money for a list of valid phone numbers when they can just use an automatic dialer and have it randomly generate phone numbers to dial? It's not like they get charged for calls to nonexistent numbers.

If the country you live in has a telemarketing Do Not Call List, then make sure you get on it. It won't stop international telemarketers, and in Australia it doesn't stop government-regulated market research or charities, but at least it will stop domestic telemarketing calls.

handy
June 1st, 2011, 01:59 PM
@3rdalbum: I'll get back to you on this one...

Random_Dude
June 1st, 2011, 04:51 PM
I've never heard of these scams.
Are they that common? Or is it just in some countries?

handy
June 1st, 2011, 04:55 PM
I've never heard of these scams.
Are they that common? Or is it just in some countries?

We use a digital answering machine, which causes 95% of the phone scammers to hang up as soon as their computers realise the situation.

Paddy Landau
June 1st, 2011, 05:01 PM
I've never heard of these scams.
Are they that common? Or is it just in some countries?
They are common enough to hit the news. If they didn't ruin some people's lives, it would be a funny curiosity. But they do ruin people's lives through banking and identity theft.

Dry Lips
July 5th, 2011, 10:03 PM
This just in:

CONGRATULATIONS YOUR CELL NUMBER HAS BEEN AWARDED £510,000.00 POUNDS IN THE ONGOING UK PROMO FOR CLAIMS SEND EMAIL TO: iphoneinc@live.co.uk

Happy days! I'm rich!

(Apparently the SMS came from a German number, but I didn't get any hits when I searched in a German phone directory. For the records: I'm in Europe, but not Germany.)

lisati
July 5th, 2011, 10:06 PM
We use a digital answering machine, which causes 95% of the phone scammers to hang up as soon as their computers realise the situation.

One thing that annoys me, I can't remember if I had it happen on a tape-based answering machine (it has been a while), is when people hang up after the beep without leaving a message. On the other hand, as long as the caller isn't calling from a confidential or unlisted number, the voice mail service we use from our phone company is able to tell us the caller's number..... :D

73ckn797
July 5th, 2011, 10:08 PM
Or just call the cops saying scammers are calling you to try to get access to your pc.

Or your phone provider if the cops are "busy".
Have to call Dunkin Donuts to reach a cop.

Irihapeti
July 21st, 2011, 11:33 PM
They've surfaced in New Zealand.

http://www.stuff.co.nz/technology/digital-living/5323349/50-000-Kiwis-fall-victim-to-computer-virus-scam

I got a couple of calls from them. These are the notes I made at the time, in case they got really persistent and I needed to report them.


Both calls young woman with Asian accent and not very clear English.

Noise in the background both times, a number of other people speaking.

Asking about my computer. The second time, gave some technical-sounding name such as Computer Technical Support for Windows.

First time, tried to tell me that my computer was causing a problem on the internet. When I mentioned that I didn't use Windows and that I hadn't been told their name, she hung up.

The second time, she didn't get that far. She asked was I the main user of the computer. I said, "Yes I am." then silence. Then a hangup. I strongly suspect it was going to be the same thing.

Even though I knew perfectly well what I was dealing with, it wasn't fun.

undecim
July 21st, 2011, 11:42 PM
If you want to waste their time, it's best to lead them on. If you're experienced enough with Windows, you can pretend you're doing all this on a Windows computer, even though you're not doing anything at all.

You could always find reasons to restart the process and have them explain it again, or when they get to the point that they want your credit card information, explain that your [insert relative here] is good with computers and should be able to handle the virus themselves... Just get creative. The best way to keep them on the phone and wasting time is by letting them think they've got you.

TheOutlier
July 22nd, 2011, 04:26 AM
I never get scammers this interesting..I normally get diploma mills trying to sell me degrees. But this has all been amusing food for thought. (and pity on those who were brought aware of tubgirl by this thread)

ETA: my favorite response to telemarketers: "Marry me!"

oldsoundguy
July 22nd, 2011, 04:41 AM
If you want to waste their time, it's best to lead them on. If you're experienced enough with Windows, you can pretend you're doing all this on a Windows computer, even though you're not doing anything at all.

You could always find reasons to restart the process and have them explain it again, or when they get to the point that they want your credit card information, explain that your [insert relative here] is good with computers and should be able to handle the virus themselves... Just get creative. The best way to keep them on the phone and wasting time is by letting them think they've got you.

and then mid scam ... exclaim ... oh, sh**, got a blue screen .. have to re-boot and let's try this again!! and take forever for it to the desktop again (typical Windows boot thing!)

Here in the US, one of the scams is to allow remote access to the computer so that they can "fix" the problem. (steal your information)

I took one of them for ride a few weeks back with the "there you go, you should be able to get in now!" and when they came back with the "no can't see anything" give them the "then there is something wrong with your computer .. maybe you got a virus!"
Guy was speechless .. and then I hung up!!

Paddy Landau
July 22nd, 2011, 04:11 PM
These are the notes I made at the time, in case they got really persistent and I needed to report them.
You're wasting your time. They were already tracked down (http://ubuntuforums.org/showthread.php?p=10792654#post10792654) and had their website taken down, but for them it was just a temporary interruption.


If you're experienced enough with Windows, you can pretend you're doing all this on a Windows computer, even though you're not doing anything at all.
Only up to a point. They want to connect using TeamViewer (http://www.teamviewer.com/).

That's why I've created a Virtual Box (which I did get working eventually). I'll let them waste as much time as I can with it, because they can't do any damage. Having said that, I like your ideas -- the more we can stall them, the more frustrated we can make them while keeping them away from other victims.

It would be nice for the banks to get together and make a pool of fake credit card numbers, for which you could register in order to help trace scammers. If you use the card, no money will be transferred, but the banks will be immediately alerted. Hmm, there's an idea...

halibaitor
July 22nd, 2011, 04:58 PM
If the country you live in has a telemarketing Do Not Call List, then make sure you get on it. ...but at least it will stop domestic telemarketing calls.

I wish that was true. I have been on this country's Do Not Call List since inception. It hasn't slowed down the callers one bit. :(

oldsoundguy
July 22nd, 2011, 06:10 PM
I wish that was true. I have been on this country's Do Not Call List since inception. It hasn't slowed down the callers one bit. :(

"Do not call" only keeps honest people honest and only works on a land line or VoIP .. not cellular. In the US, registered charities and politicians are exempt for one, for another most are now computer generated dialing and OFF SHORE usually in a country that is not a signatory on to the International Internet Agreement (such as Nigeria), so no way to prosecute.
I have a unit called "tele-zapper" (from Radio Shack) that is on the line and puts out the tone signal that indicates that the line is no longer in service. A computer hits that, and it will put that in memory and not dial that number again for a couple of months.
Most of the people that call me regularly know about the unit and just stay on the line until I pick up! (took an inordinate amount of time to train the Doctor's receptionists .. and some still try and use their computer dialer .. missed messages!!)

pqwoerituytrueiwoq
July 22nd, 2011, 06:29 PM
before they connect remotely to the virtual box have everything disabled in Internet explorer eg activex, javascript, flash
have a SLOW Internet (download a Ubuntu dvd via torrent on the host)
then disable/remove IE service also lock out the registry, command prompt, run dialog
maybe infect it with a few virus to slow it down
this way they have to do work on it just so they can infect it
of course put the cpu speed as low as possible same for video memory and ram
and have it running a PI calculation in the background

Paddy Landau
July 23rd, 2011, 11:35 AM
before they connect remotely to the virtual box have everything disabled in Internet explorer eg activex, javascript, flash
have a SLOW Internet (download a Ubuntu dvd via torrent on the host)
then disable/remove IE service also lock out the registry, command prompt, run dialog
maybe infect it with a few virus to slow it down
this way they have to do work on it just so they can infect it
of course put the cpu speed as low as possible same for video memory and ram
and have it running a PI calculation in the background
Excellent ideas, thank you!

I don't know how to disable or remove IE service or to lock out the registry and command prompt.

How do I get viruses to infect it? Run Windows without a firewall or antivirus, and connect it through the router's DMZ, yes? How will I know once it has been infected?

sectshun8
July 23rd, 2011, 12:07 PM
I just like how they call somehow "knowing" you have a virus... yet they can't tell you what type of computer you're using? They sure are phishing, and sadly, I bet it works sometimes :(

Paddy Landau
July 23rd, 2011, 12:54 PM
They sure are phishing, and sadly, I bet it works sometimes :(
That's why they do it. That's why I would like to waste their time and why spam baiters (http://www.419eater.com/) exist.

ki4jgt
July 23rd, 2011, 12:55 PM
I have never had one of these. I really, really want to get one, just so I can play with them a bit.

agreed. Anyone who gets the next one, give them my number :-)

NCLI
July 23rd, 2011, 03:28 PM
Excellent ideas, thank you!

I don't know how to disable or remove IE service or to lock out the registry and command prompt.

How do I get viruses to infect it? Run Windows without a firewall or antivirus, and connect it through the router's DMZ, yes? How will I know once it has been infected?

Also, make sure to fill up the desktop with icons. For some reason, it really slows XP down.

Paddy Landau
July 23rd, 2011, 09:14 PM
Also, make sure to fill up the desktop with icons. For some reason, it really slows XP down.
LOL, I would never have thought that! I suppose I should also have a big cache for IE and fill it up.

Thewhistlingwind
July 23rd, 2011, 09:49 PM
Also, make sure to fill up the desktop with icons. For some reason, it really slows XP down.

I can confirm this, I used it for 6 or 7 years, it sped up what seemed like 100% when I deleted most of my icons.

ki4jgt
July 23rd, 2011, 10:52 PM
That gave me a few good laughs!


I see it as a public service. As long as I have him on the phone to me, wasting his time (albeit mine as well), he is unable to sucker some innocent who is not wise to his foul fraud. Of course, I can have the virtual machine running on one desktop while I continue my work on another, thereby significantly slowing down the virtual machine's responses.

Hey, for your windows copy, try ReactOS, if I'm not mistaken, it's still in dev stage. It's only about 50 megs and looks very much like Windows. It doesn't run off of the Linux kernel. It has its own to emulate Windows. Might get him frustrated a little. If he's using a script, I doubt he knows to look for subtle differences especially ones that small.

undecim
July 23rd, 2011, 11:44 PM
Idea:

If you recognize it as a scam early (i.e., before they start asking about the computer), you can tell them your computer is turned off, and stall for about 15 minutes, saying that it's starting up.

The Cog
July 24th, 2011, 07:58 AM
It might be entertaining to run Windows RG in full-screen and see what they make of that.

http://www.deanliou.com/WinRG/

Paddy Landau
July 24th, 2011, 10:35 AM
Hey, for your windows copy, try ReactOS
I have looked at ReactOS but I was unable to get it to work. It's OK, though, I have managed to get hold of an old unused copy.


If you recognize it as a scam early (i.e., before they start asking about the computer), you can tell them your computer is turned off, and stall for about 15 minutes, saying that it's starting up.
I will do just that.


It might be entertaining to run Windows RG in full-screen and see what they make of that.
That's funny. However, not only would that be immediately obvious, but also they could not even connect to it. They connect using TeamViewer.

hakermania
July 24th, 2011, 11:20 AM
You could also make a simple program and have it run when they connect hahaha
The program would move the cursor to every position...! It is very annoying and very simple-to-make. I have attached the Ubuntu-version code and executable but you need to compile it for windows using QtCreator or something :/
It is very funny anyway :D

okinawa
November 10th, 2011, 09:50 PM
Well, I've just had a second call in as many weeks from the scammers trying to hijack my computer.

By the way, the caller ID shows no telephone number. Obviously.

The first time:

In hindsight, I realised that I could have wasted his time, delaying him for at least a few minutes from messing up someone else's computer.

So...

The second time:

A few minutes ago I got another call. This time, I pretended to be curious. Here is an abbreviated version of the conversation.

So...

My question is, what could a person do in preparation for the next call, to waste as much time as possible of these deceitful scammers? The more time we waste, the less time they have to mess with a more gullible person.

I did think of using Windows in a Virtual Box, but I don't have Windows. Although, if I did, it would run very slow on my computer, making it excitingly time-wasting!

You have a windows start button on Linux? :confused:

This is a well known scam, they usually call from VOIP numbers like this:

http://www.whycall.me/25240212258.html

he called me up and I went on my daughter's Windows Machine (teenagers... what are you gonna do huh?)

He'll try to get you to open up Event viewer, then he'll find an error, there's ALWAYS errors in Windows event viewer. Then like an oscar winning actor he'll say "OMG, do not click this error, this is very dangerous!"

then the pitch will come in where I need to download latest anti-virus. If you dig up info on them you'll soon find out that Windows users lose an average of 800+ dollars, I don't understand why people don't just buy a new computer with this type of "Repair expense"

johnnybgoode83
November 10th, 2011, 11:31 PM
I love playing along with these people and wasting their time. I will always give them blatantly false information and pretend that I am an idiot who cannot do the simplest task on a computer and then when they ask to take control of my PC I always say 'ok but may I first have your telephone number, email address and street address?' They always hang up, good times.

That's if I have time of course. If I don't I just tell them to leave off and hang up.

Rasa1111
November 11th, 2011, 12:15 AM
Only thing I use my landline for is to connect my DSL,
I don't even keep the ringer on. lol

But this kinda makes me want to get a call from these clowns. lol

Shady!

Dale61
November 12th, 2011, 07:31 AM
They rang my SIL some time ago, and unfortunately for them, I answered the phone.

THEM: Good afternoon, this is (name) from Microsoft.
ME: No you're not!
THEM: Not what?
ME: You're not from Microsoft!
THEM: Yes, yes I am.
ME: OK, I'll play your game.
THEM: What game?
ME: This scammers game you want to play.
THEM: [silence - hang up]

A few days later, they rang again, this time on our landline, and again, I answered. Keep in mind our ph# is on the Do Not Call register.

THEM: Hello, my name is [name] and I'm ringing from Microsoft about your computer.
ME: My computer? The computer that I use? (My laptop is Ubuntu only)
THEM: Yes, we have found some virus' on it.
ME: Can you hold the line please?
I put the phone down and go get the mobile. I then punch some random numbers so that the mobile beeps, then wait about 30 seconds before picking up the phone.
ME: OK, how can you help me?
THEM: What was all that beeping?
ME: Oh that! I was just tapping in to my work so that this call can be traced. Did you know that I work for ASIO? (In real life, ASIO is Australian Security Intelligence Organisation)
THEM: ASIO?
ME: Yes, the Australian Scam Investigation Office.
THEM: [hang up].

Haven't had calls from them on either phone since.

Dale61
November 12th, 2011, 07:44 AM
I just like how they call somehow "knowing" you have a virus... yet they can't tell you what type of computer you're using? They sure are phishing, and sadly, I bet it works sometimes :(

Sadly, my niece fell for their 'charm', and within 5 minutes of hanging up (after she gave them access to her laptop), she was on the phone to me asking what had happened. I told her that she had just been scammed, so reformat the HDD and start with a fresh install.

She didn't have the back-up discs, and she didn't make any when advised to when she first got the laptop, so it cost her A$120 to get her local pc repair shop to do the work.

The problem is she is so stupid that she WILL fall for it again, so I have told her that I no longer fix Windows pc's as it is just a waste of my time. She wasn't happy about it, but it's not my problem any more.

Paddy Landau
November 12th, 2011, 12:32 PM
I told her that she had just been scammed, so reformat the HDD and start with a fresh install.
If she has anything to do with money (Internet banking, PayPal, on-line shopping, etc.), also change all those passwords.

I have my honeypot Windows XP set up on Virtual Box with slow CPU, low RAM, etc. where I can let them play around and waste their time. But they haven't phoned me back yet!
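
The throttled, disposable VirtualBox guest described in the post above, written out as an added example that is not part of the original thread or any poster's own setup. The VM name, storage controller name, snapshot name and numeric limits are assumptions; by default the script only prints the VBoxManage commands it would run.

```shell
#!/bin/sh
# Added example: throttle and isolate a VirtualBox guest used as a scam-call honeypot.
# Assumed (hypothetical) values: VM name, controller name, snapshot name, limits.

VM="${VM:-xp-honeypot}"     # hypothetical VM name
CTL="${CTL:-IDE}"           # hypothetical storage controller name
SNAP="${SNAP:-clean}"       # hypothetical snapshot name

# Echo the command in dry-run mode (the default), execute it when DRY_RUN=0.
run() {
    if [ "${DRY_RUN:-1}" = "1" ]; then
        echo "VBoxManage $*"
    else
        VBoxManage "$@"
    fi
}

# Slow the guest down: little RAM, one CPU capped at 15% of a host core,
# and no host I/O cache on the disk controller.  $1 = VM, $2 = controller.
throttle() {
    run modifyvm "$1" --memory 128 --vram 8 --cpus 1 --cpuexecutioncap 15
    run storagectl "$1" --name "$2" --hostiocache off
}

# Cut the paths from guest to host: no drag and drop, and NAT networking so
# the guest has no address of its own on the LAN and accepts no inbound
# connections from it.  $1 = VM.
isolate() {
    run modifyvm "$1" --draganddrop disabled
    run modifyvm "$1" --nic1 nat
}

# Remove every shared folder.  $1 = VM; stdin = output of
# `VBoxManage showvminfo <vm> --machinereadable`.
unshare_all() {
    sed -n 's/^SharedFolderNameMachineMapping[0-9]*="\(.*\)"$/\1/p' |
    while IFS= read -r name; do
        run sharedfolder remove "$1" --name "$name"
    done
}

# Take a snapshot before the call, restore it afterwards so that nothing the
# caller installed over the remote session survives.  $1 = VM, $2 = snapshot.
checkpoint() { run snapshot "$1" take "$2"; }
rollback()   { run snapshot "$1" restore "$2"; }

# Preparation, to be run while the VM is powered off.
throttle "$VM" "$CTL"
isolate "$VM"
if [ "${DRY_RUN:-1}" != "1" ]; then
    VBoxManage showvminfo "$VM" --machinereadable | unshare_all "$VM"
fi
checkpoint "$VM" "$SNAP"
```

Set `DRY_RUN=0` to apply the settings, and call `rollback "$VM" "$SNAP"` with the VM powered off after each session.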

Paddy Landau
February 15th, 2012, 06:58 PM
Nine months later (!), and the scammers phoned again. I had my Windows XP honeypot ready!

Riding off the back of genuine websites (LogMeIn, ConnectTechnician, Ammyy), they had a not-very polished speech. Well, not polished to someone who knows something about computers, but it would quite easily take in your "normal" Windows computer user.

My honey pot with Windows XP was (deliberately) very, very slow (Virtual Box is great in allowing this!). Thus, I managed to waste over two hours of his time (every time we had to wait for the computer to respond, I got on with something else in my Ubuntu session :D ). That's two hours that he was not scamming someone vulnerable.

Here are some points that I noted during the conversation.



He was calling from India.



He was calling from Microsoft Support Services because my computer had notified Microsoft that it had "automatically downloaded malicious software".



The malicious software was the reason why my computer was so slow.



He had me open the Event Viewer (eventvwr) and pointed out the error messages (which, by the way, are completely normal in Windows). "Oh my God! Oh my God! Oh my God! Your computer is completely damaged!" he exclaimed.



After taking control of my computer (while getting me to do things he could have done himself; I don't know why), he hovered the mouse over the bit in the task bar that hides icons. The tooltip read, "Hiding inactive notification icons". He said, "Oh my God, your icons are completely gone! Never mind, our technician will solve that for you."



He secretly loaded a file into my C:\ folder, named Licence Checker.exe. He then had me run it.

It pretends to check with the Microsoft server and then reports that my license has expired. Funny -- it still managed to check with Microsoft's servers when I reran it later after disconnecting from the Internet. It must be clever!

(Of course, when you purchase Windows with a machine, its license does not expire.) He explained, "You see, your license has expired, and so now your machine is running illegally. Tomorrow, your computer will not start up any more. You are running in a grace period. But don't worry, our technician will fix that for you."

And, oh gosh, when you look at the message... it's only one hour before the computer becomes inoperable!



He ran me through a genuine website that showed a support package; then in a new browser window took me to his PayPal payment page to pay him (not the genuine company) the fee. He told me that this would cover my computer and all other computers in my household that I should ever get, for life.



I baulked at the price of $299 (obviously -- I wasn't going to pay him!). He reminded me that I was using Windows illegally because the license had expired, and so if I did not renew, it would mean I could not run any Windows ever from this household any more, as my address was registered with Microsoft as running illegal software.



I still baulked, saying I would take my computer to be recycled, and purchase a reconditioned Mac computer from the computer shop down the road. He offered me a massive discount, down to £80 (about $127). Naturally, I still refused, and he said "it is as you choose", but I would never again be allowed to run Windows in this household.


Oh well, I guess he'll have to sue me, LOL.

The lies and the level of deceit are disgusting. I have reported his PayPal account to PayPal, though I doubt PayPal can do anything about it.

I wonder if there is anything else one could do?

I have attached a couple of screen shots (note the spelling and grammar mistakes).

If you would also like a copy of the supposed licence checker program, let me know -- but, warning, it may contain malware (my honey pot was in a VM where it couldn't harm anything else).

EDIT: I am no longer sure that ConnectTechnician is a bona fide website.

winh8r
February 15th, 2012, 07:17 PM
Your experience seems very similar to that of people who have been targeted by this company:

http://windowsesolution.com/contact.php

I have had a few calls from them in the various guises that they use , and always let him talk me through the process, which involves getting windows users to open the "event viewer" and look at all the "critical warning error messages"
He then proceeds to tell me that he can give me an access code for the website and he can access my computer and fix the problem which "Microsoft cannot fix"

They call using a VOIP/SKYPE number but always leave a UK number as a contact number.

Huge scam, and not funny for those who are tricked into believing that they need to spend the £100 in order to keep using their Windows computer.

However there is immense satisfaction in waiting until the guy finishes his pitch and then saying, "Oh, sorry did I mention I am running Linux?"

He hangs up pretty sharp after that.

The company mentioned above is part of a huge list of companies operated from Kolkata in India, with registered offices all over the world.


Let all your Windows using friends know about this thread too!

CharlesA
February 15th, 2012, 07:37 PM
That's pretty sad and pretty funny at the same time.

I'm sure the scam works too, otherwise they wouldn't keep doing it.

Paddy Landau
February 15th, 2012, 08:06 PM
However there is immense satisfaction in waiting until the guy finishes his pitch and then saying, "Oh, sorry did I mention I am running Linux?"
Well, I used the honeypot to keep him on the phone for over two hours, rather than telling him I use Linux. It keeps him busy wasting his time.

That's pretty sad and pretty funny at the same time.

I'm sure the scam works too, otherwise they wouldn't keep doing it.
Sadly, yes, they do take in many people. I have my suspicions that they also install other software, perhaps keyloggers.

winh8r
February 15th, 2012, 08:14 PM
This site has most of their numbers listed on it somewhere.

http://whocallsme.com/Phone-Number.aspx/02080990390

The page shown has comments from people who have been called by them too.

CharlesA
February 15th, 2012, 08:17 PM
Well, I used the honeypot to keep him on the phone for over two hours, rather than telling him I use Linux. It keeps him busy wasting his time.

Sadly, yes, they do take in many people. I have my suspicions that they also install other software, perhaps keyloggers.
Probably. It was odd to see them run something in a cmd window, when they had a GUI program that did the same thing.

Kind of makes me wonder if they ran a batch file that installed other things.

Paddy Landau
February 15th, 2012, 08:31 PM
Probably. It was odd to see them run something in a cmd window, when they had a GUI program that did the same thing.
It issued the command "tree" before displaying the error message, which looks like technical fancy stuff to a rookie user. I think using the command line was intended to awe.

I pretended to be suitably awed as the directory tree scrolled past!


Kind of makes me wonder if they ran a batch file that installed other things.
They come in with either Team Viewer or LogMeIn (mine was the latter). They are able to install and do other work without having to display anything to you; that's how they installed the fake license checker program (while I was being awed by some other nonsense).

nothingspecial
February 15th, 2012, 08:40 PM
I would have called the police from another phone during the attempted scam.

CharlesA
February 15th, 2012, 08:50 PM
Ridiculous for sure.

Paddy Landau
February 15th, 2012, 08:55 PM
I would have called the police from another phone during the attempted scam.
No, no point. If you read one of the earlier posts in this thread, you'll see that they pop up as fast as they are discovered and closed down. For the UK police to try to trace them down in India would be terribly hard, especially if they are using VOIP (which I think they are, as the telephone number is bizarre: 09999) -- and what evidence do I have? The call is not being recorded.

aysiu
February 15th, 2012, 08:59 PM
If you live in America (I think that's the only place it's available now?) and have Google Voice, you can record the call:
http://support.google.com/voice/bin/answer.py?hl=en&answer=115082

nothingspecial
February 15th, 2012, 08:59 PM
No, no point. If you read one of the earlier posts in this thread, you'll see that they pop up as fast as they are discovered and closed down. For the UK police to try to trace them down in India would be terribly hard, especially if they are using VOIP (which I think they are, as the telephone number is bizarre: 09999) -- and what evidence do I have? The call is not being recorded.

Then I'd have done what you did.

Dale61
February 16th, 2012, 12:50 AM
I would have called the police from another phone during the attempted scam.

The last time they rang me, I kept putting them on hold, and then pressing random numbers on the phone keypad. When asked what the noises were, I told them that I was just transferring the call to a phone closer to the computer.

I also kept saying 'How's that?' in a way that it sounded like I was talking in to another phone. When asked what that was, I told them they were hearing things.

I kept delaying them, and pressing a single number on the keypad every now and then. After about 10 - 15 minutes, I would say, away from the phone, 'OK, so you got it?', which would make them ask the inevitable. I then tell them that they have been tracked and located by ASIO as I reported the caller as a possible terrorist. ASIO's main role is to gather information and produce intelligence that will enable it to warn the government about activities or situations that might endanger Australia's national security.


They must do a google search for ASIO as they hang up really quickly, not even thanking me for my time. Rude pricks!

matt_symes
February 16th, 2012, 01:09 AM
Excellent work Paddy !

This thread should be tweeted.

Would make a great blog entry...

kitsuneclem
February 16th, 2012, 02:03 AM
I had a call from someone who said they were with "windows registry" and they had "detected a problem with my windows licence" I just (not joking) screamed as loud as I can "I have Linux What the floop (floop not being the word I used) would you have to do with my comp" then I told them to floop off and called my mum and my gf's mum to tell them about the scammers and warn them not to do anything they do

haven't got a call since

yetiman64
February 16th, 2012, 02:20 AM
Nine months later (!), and the scammers phoned again. I had my Windows XP honeypot ready!
Good to see a result at last Paddy, I have watched this thread from very early on :)


...Thus, I managed to waste over two hours of his time (every time we had to wait for the computer to respond, I got on with something else in my Ubuntu session :D ). That's two hours that he was not scamming someone vulnerable...
A well spent 2 hrs by the sound of it, =D>

Keep up the good work. yetiman64

3rdalbum
February 16th, 2012, 05:15 AM
Is there anything that the ordinary person can do to fight back? Can we track back what IP address they are using and just continually send pings to their gateway to slow down their connection? Or something? I'm not likely to get any more of these calls but I'd love to be able to fight back.

robsoles
February 16th, 2012, 09:56 AM
I told the first one what he was doing and why it was dumb to target me with this scam. He was my last one. I have cable now and don't even have (telephone/adsl) copper running into the place I've moved into afaict, yet to hear of anybody getting this kind of call on their mobile :roll: :lol:

My sister contacted me urgently one day and told me she had someone on her landline (fixed phone, called me with her mobile) who seemed to know as much as her service provider(s) telling her that her computer was broadcasting the details he was giving her onto the internet :shock:

I asked her if she had applied any of his instructions to her computer and she told me she had reviewed event manager with him but when he asked her to do anything more serious than that she decided to call me. I asked her if she had given her credit card number to them and she said "don't be silly", I'll cut this story short - Sister was unharmed and unworried at end of call.



My Ex kept one on the phone for an hour just oohing and ahhing over the event manager.


I think it would be very cool if you could opt in to have your phone set that if the caller cannot be clearly identified (and located) then their call is just rejected - it is far from 'beyond technology' to implement such a thing and if it was given the programming to allow users to define who they will accept calls from (ie., exclude any business identified as a tele-marketing concern and also exclude specific business types in specific regions, or entire regions if user so chooses) then telecommunications would be much better value for the dollars the providers usually want for providing it.

Paqman
February 16th, 2012, 10:29 AM
exclude any business identified as a tele-marketing concern

You can do that in some countries, but you have to register to opt-out. In the UK it's done through TPS (www.mpsonline.org.uk/tps/). Once you're registered it's an offence for telemarketers to contact you.

matt_symes
February 16th, 2012, 10:45 AM
You can do that in some countries, but you have to register to opt-out. In the UK it's done through TPS (www.mpsonline.org.uk/tps/). Once you're registered it's an offence for telemarketers to contact you.

A good friend of mine owns a guest house in Bristol. He opted out and still gets unsolicited phone calls.

The "service" is a waste of time.

Paddy Landau
February 16th, 2012, 10:55 AM
Excellent work Paddy !
Thanks, though many of the ideas came from other people in this very thread.


Is there anything that the ordinary person can do to fight back? Can we track back what IP address they are using and just continually send pings to their gateway to slow down their connection? Or something? I'm not likely to get any more of these calls but I'd love to be able to fight back.
One of the posters mentioned "reverse h4x0r". I think he means tracing him backwards and loading a virus on his machine. I don't know whether or not that's possible, as you'd have to go through LogMeIn or TeamViewer and through his router, but maybe it is possible.

I think Anonymous should stop targeting innocent people, and instead target fraudsters like this.


You can do that in some countries, but you have to register to opt-out. In the UK it's done through TPS (http://www.mpsonline.org.uk/tps/). Once you're registered it's an offence for telemarketers to contact you.
I live in the UK and I have been registered with TPS for years. Unfortunately, it doesn't stop the callers. It almost seems to be an invitation to call! Only persistent UK-based companies can be stopped because of the lack of resources.

Paqman
February 16th, 2012, 11:00 AM
I live in the UK and I have been registered with TPS for years. Unfortunately, it doesn't stop the callers. It almost seems to be an invitation to call! Only persistent UK-based companies can be stopped because of the lack of resources.

Agreed. Better than doing nothing though.

s.fox
February 16th, 2012, 11:23 AM
I had a similar experience yesterday. They asked me what operating system my computer runs, so I said Debian. They didn't know what that was and hung up.

Shazaam
February 16th, 2012, 09:04 PM
On a distantly related side note, the scammers don't have to call you to scam your money..
My brother had a problem with his pc (which later turned out to be blown caps on his Dell mb) so he signed up for one of those "Driver Doctor" driver search websites. Paid $40 US to sign up for their service. Of course, one of their services was using Remote Desktop to help find the right "drivers" for his problem pc. Once in, they gave him the same basic scam pitch that others have run across... "Your pc is infected with BAD stuff pay us $300 US to fix it!". Luckily he called me before he paid them.

Long story short, he has new bank accounts/cards; is a little smarter when it comes to scams; and a new pc.

Paddy Landau
March 9th, 2012, 02:24 PM
Fun! Another set of scammers called me. A bit more organised than last time, though this time they didn't have fake software.

Again, they ran off the back of genuine websites: Ammyy, LogMeIn, and IOBit (with the Advanced Systems Care, though they took care to rename the file and hide its origin).

Their website was creativesolutionsonline(dot)net and they work through the Bank of Baroda in India.

I was also a bit more organised, getting some nice screen shots and reporting them to LogMeIn.



The errors in the Event Viewer showed files that had been corrupted, and the warnings showed files that were about to be corrupted.



Another thing they did that I forgot to report last time was to open a DOS command window and enter "tree", pretending that this was scanning the computer for viruses. When it finished, they quickly typed "expired", and said, "See? This shows your license has expired."



Yet another was to issue the command "inf hacking file" (which just opens the directory C:/WINDOWS/inf) to gasp at all the malicious files there. "You don't know anything about these files, do you?" Then try to open a file, to which Windows reports that it doesn't know this file and how should it open it? That, obviously, proved that the files were malicious!



The computer is also slow, being restricted by my Virtual Box to little memory, no caching, and limited CPU. Naturally, this was caused by the malicious files in my computer.



Apparently CCleaner protects my computer against viruses, so my computer didn't have any viruses but it did have malicious files, which are more dangerous as they corrupt my files day by day.


I had to mute the telephone several times when I burst out laughing at their crap! But my laughter was a bit subdued by the knowledge that they use this nonsense to fool the gullible.

I didn't manage to keep them on the phone for over two hours this time, but I did manage over one hour.

At the end, I balked at the very last minute over paying, saying I'd rather take my very slow computer to the recycling and buy a new computer with Windows 7 and more RAM.

The woman passed me to her "manager" who was, I must say, well versed in selling. But, somehow (gosh, I don't know how), I wasn't persuaded. I told him instead I would go out to buy a Mac because they never get viruses. He got very agitated at that point!

matt_symes
March 9th, 2012, 02:55 PM
It looks like you're known to them now. Expect more calls.

Once again, excellent work Paddy. I have really enjoyed reading this thread.

It makes up for that *cough* tub girl thread. :D

winh8r
March 9th, 2012, 03:13 PM
This made me laugh!

They have become a nice entertainment for you as you string them along.

The company you mentioned is affiliated to WinPCtechnologies, and various others, all based in Kolkata, India and hosted on servers located in the UAE.

Here are a couple more responses that are good for getting rid of them:

1. Cover the phone microphone partially and say "Okay John, We have got him get a trace running on this one"

2. Just say "Yes" to everything they ask you, no other words, just yes.

3. Keep a book near the phone, and when they call, just start reading from it without pausing.

4. If you don't want to waste any time getting rid of them, the ultimate response to their first question is "This IS Micros*ft Technical Support, how can I help you?"



Keep posting your exploits, Paddy, they are great!

matt_symes
March 9th, 2012, 03:17 PM
If you don't want to waste any time getting rid of them, the ultimate response to their first question is "This IS Micros*ft Technical Support, how can I help you?"

Genius ! :popcorn:

Paddy Landau
March 9th, 2012, 03:24 PM
Here are a couple more responses that are good for getting rid of them:
If I'd just wanted to get rid of them, I'd have put the phone down.

Rather, I want to keep them occupied so that they have less time to spend on scamming others.

Oh yes, I have their UK-based phone number: +44 20 8099 0364 (obviously VOIP to India). Can anyone do anything with it?

3rdalbum
March 9th, 2012, 05:27 PM
If I'd just wanted to get rid of them, I'd have put the phone down.

Rather, I want to keep them occupied so that they have less time to spend on scamming others.

Oh yes, I have their UK-based phone number: +44 20 8099 0364 (obviously VOIP to India). Can anyone do anything with it?

It used to be possible to go to a payphone, put in a number (without inserting any coins) and the number would ring and the call would be connected, but then almost immediately disconnected.

If this trick still works, you could use it to just continually dial the phone number. Take your MP3 player into the phone booth and just blast these guys with phone calls for half an hour.

donkyhotay
March 9th, 2012, 06:21 PM
The frustrating thing about this is even a little bit of education can prevent a lot of this. If people were aware that, unlike what Hollywood would have us believe, there is no practical way for some company to magically know what is going on with their computer without having that company's software already installed on it, and most companies usually won't anyways even *if* you have their software, it would pretty much stop these calls. I mean theoretically if you have Norton you could get a call from Symantec but I've never heard of them doing anything like that. Similar to this I see a lot of people see a popup from IE reporting infection and 'click here' and people click on it because they can't tell the difference between a web browser and a system message.

t0p
March 9th, 2012, 06:51 PM
The frustrating thing about this is even a little bit of education can prevent a lot of this. If people were aware that, unlike what Hollywood would have us believe, there is no practical way for some company to magically know what is going on with their computer without having that company's software already installed on it, and most companies usually won't anyways even *if* you have their software, it would pretty much stop these calls. I mean theoretically if you have Norton you could get a call from Symantec but I've never heard of them doing anything like that. Similar to this I see a lot of people see a popup from IE reporting infection and 'click here' and people click on it because they can't tell the difference between a web browser and a system message.

Yes, one of the real problems here is ignorance. If computer users would invest even just a little time and/or money on learning the basics of how stuff works, these scammers would be cut off at the knees. Youtube and Google Videos abound with free tutorials on all sorts of computer usage and basic security, but too many people think they don't need to know about all that stuff. Until a crook takes their money, then it's hue-and-cry time chasing the so-called "hackers" (Heck, I hate how the word "hacker" is so commonly used to refer to criminals with computers).

The scammers are criminal scum, obviously, but when it comes to your computer the last line of defense is YOU. Learn a bit about how computers and the internet work (you don't need to be super-intelligent or a geek); and pick up on some of the tips in this thread. Together, we can make a difference. But only if we want to.

aysiu
March 9th, 2012, 07:21 PM
The real issue is that the "security" companies have scared people into thinking that technological threats are everywhere, when really most of the threat is non-technical and involves social engineering (let me trick you into installing this, let me trick you into giving me your password, etc.). Non-technical people then are constantly on the lookout for the best "antivirus" application and not really on the lookout for just spotting the common con artist.

zero2xiii
March 9th, 2012, 08:49 PM
Nine months later (!), and the scammers phoned again. I had my Windows XP honeypot ready!

Riding off the back of genuine websites (LogMeIn, ConnectTechnician, Ammyy), they had a not-very polished speech. Well, not polished to someone who knows something about computers, but it would quite easily take in your "normal" Windows computer user.

My honey pot with Windows XP was (deliberately) very, very slow (Virtual Box is great in allowing this!). Thus, I managed to waste over two hours of his time (every time we had to wait for the computer to respond, I got on with something else in my Ubuntu session :D ). That's two hours that he was not scamming someone vulnerable.

Here are some points that I noted during the conversation.



He was calling from India.



He was calling from Microsoft Support Services because my computer had notified Microsoft that it had "automatically downloaded malicious software".



The malicious software was the reason why my computer was so slow.



He had me open the Event Viewer (eventvwr) and pointed out the error messages (which, by the way, are completely normal in Windows). "Oh my God! Oh my God! Oh my God! Your computer is completely damaged!" he exclaimed.



After taking control of my computer (while getting me to do things he could have done himself; I don't know why), he hovered the mouse over the bit in the task bar that hides icons. The tooltip read, "Hiding inactive notification icons". He said, "Oh my God, your icons are completely gone! Never mind, our technician will solve that for you."



He secretly loaded a file into my C:\ folder, named Licence Checker.exe. He then had me run it.

It pretends to check with the Microsoft server and then reports that my license has expired. Funny -- it still managed to check with Microsoft's servers when I reran it later after disconnecting from the Internet. It must be clever!

(Of course, when you purchase Windows with a machine, its license does not expire.) He explained, "You see, your license has expired, and so now your machine is running illegally. Tomorrow, your computer will not start up any more. You are running in a grace period. But don't worry, our technician will fix that for you."

And, oh gosh, when you look at the message... it's only one hour before the computer becomes inoperable!



He ran me through a genuine website that showed a support package; then in a new browser window took me to his PayPal payment page to pay him (not the genuine company) the fee. He told me that this would cover my computer and all other computers in my household that I should ever get, for life.



I baulked at the price of $299 (obviously -- I wasn't going to pay him!). He reminded me that I was using Windows illegally because the license had expired, and so if I did not renew, it would mean I could not run any Windows ever from this household any more, as my address was registered with Microsoft as running illegal software.



I still baulked, saying I would take my computer to be recycled, and purchase a reconditioned Mac computer from the computer shop down the road. He offered me a massive discount, down to £80 (about $127). Naturally, I still refused, and he said "it is as you choose", but I would never again be allowed to run Windows in this household.


Oh well, I guess he'll have to sue me, LOL.

The lies and the level of deceit are disgusting. I have reported his PayPal account to PayPal, though I doubt PayPal can do anything about it.

I wonder if there is anything else one could do?

I have attached a couple of screen shots (note the spelling and grammar mistakes).

If you would also like a copy of the supposed licence checker program, let me know -- but, warning, it may contain malware (my honey pot was in a VM where it couldn't harm anything else).

EDIT: I am no longer sure that ConnectTechnician is a bona fide website.


Hay,

Been LOLing as I read through everything in here, even the tubgirl? hahaha Seriously guys (and girls)... Rotflmao...

Aaaaanyway.. would be interesting to compare an image of the VM before and after the "incident" to see what happened?... Even reverse engineering that exe file he left for you would be interesting...

But this is my curious side talking... I would shred that machine to bits to see if anything happened to it...

Lolz good work keeping them occupied for a while... It truly is sad I never get calls like this... (Must not like South Africa)...

Ah well, keep up the fun :) and get these guys back!

Cherz

CharlesA
March 9th, 2012, 10:16 PM
The real issue is that the "security" companies have scared people into thinking that technological threats are everywhere, when really most of the threat is non-technical and involves social engineering (let me trick you into installing this, let me trick you into giving me your password, etc.). Non-technical people then are constantly on the lookout for the best "antivirus" application and not really on the lookout for just spotting the common con artist.
Sad but true. I hope it will get better.

impvan
March 12th, 2012, 02:33 PM
Had my first full run with them in a VM yesterday.

Another little twist they do that no one else has mentioned - using ******* Run command and what seems like a purely numerical string (it didn't look like a straight numerical IP) they install a dodgy browser toolbar.... which of course their CCleaner will find.

Maybe I got this 'special' treatment because my bait VM was clean with just a few alerts from the Atapi driver??

What was really priceless is that their own website went down, must have spent half an hour trying to get the payment portal to come up! in the end pointed me at the Canadian portal.

I've got a few Luhr-compliant card numbers which only fail at the CCV check, so the scammer then spent a while playing with my 'payment' details; capitalizing initials, putting in and taking out spaces etc.

So certain that they'd got a bite, they didn't twig that Mr Tony Hancock, 23 Railway Cuttings, East Cheam might be fictional - and that trying 'Anthony Hancock' wasn't going to make any difference. Nor did it strike them that Tony Hancock isn't who they called in the first place, so why would I be using his cards!!

So - about 30mins on Friday, well over 2 hrs on Saturday with a 10 minute followup with someone else - he must have been important 'cos there was no background racket in his office - I consider my public duty for this week is done.

Paddy Landau
March 12th, 2012, 04:29 PM
Had my first full run with them in a VM yesterday...
Wow, roughly three hours! And a bite at the credit card -- you did well! Congratulations.


I've got a few Luhr-compliant card numbers which only fail at the CCV check...
I've wondered about approaching the banks to give out false credit cards that "pretend" to make the transaction (but really don't) specifically to use to help track scammers. Of course, the banks would have to be careful indeed about who got those cards, if they were to do this, but they probably wouldn't.

My question: Where do you get these "Luhr-compliant card numbers"? I've never heard of them before, and they would be fun.

Primefalcon
March 12th, 2012, 06:15 PM
read this for a laugh.. http://www.jupitercolony.com/viewtopic.php?f=7&t=15997&hilit=scam

fyi the forums are the Linux action show peoples forums

Paddy Landau
March 12th, 2012, 06:39 PM
read this for a laugh.. http://www.jupitercolony.com/viewtopic.php?f=7&t=15997&hilit=scam
Great! I may just try that, LOL.

Ms. Daisy
March 12th, 2012, 09:33 PM
excellent work paddy !

This thread should be tweeted.

Would make a great blog entry...
+1

yetiman64
March 12th, 2012, 10:35 PM
read this for a laugh.. http://www.jupitercolony.com/viewtopic.php?f=7&t=15997&hilit=scam

fyi the forums are the Linux action show peoples forums
Getting the scammers to send the shipping boxes (for his PC) to the local Police station, then ringing them to let them know evidence is on the way. Pure genius :lolflag:

3rdalbum
March 13th, 2012, 01:30 AM
So certain that they'd got a bite, they didn't twig that Mr Tony Hancock, 23 Railway Cuttings, East Cheam might be fictional - and that trying 'Anthony Hancock' wasn't going to make any difference.

Did you pronounce it "Hhhhancock"?

westie457
March 13th, 2012, 02:48 AM
Having read this thread all the way through and at times sprayed coffee everywhere.........

Just thinking 'would they be able to convince me - or anyone - that the license for Windows 8 Beta has expired?'.

Taking into consideration that Win 8 does not like my hardware too much if they could get it working properly I might pay them however I won't.

One day I really will get to the phone before the answer machine cuts in.

Paddy Landau
March 13th, 2012, 08:32 AM
Just thinking 'would they be able to convince me - or anyone - that the license for Windows 8 Beta has expired?'.
Good idea! Windows 8 in a VM should be good for a laugh. Especially with a Luhn-compliant card number (I need to find out how to get one of those).

impvan
March 13th, 2012, 10:04 AM
Luhr-compliant numbers: darkcoding dot net, plus links to others.

The cards will pass the 'valid card number' checksum and only fail when they plug into the bank to verify the ccv (that's my understanding anyways)
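The checksum described in the post above is the Luhn mod-10 check. As an added example (not code from anyone in this thread), this Python sketch shows what that check does and does not prove: it catches typing errors but says nothing about whether an account exists, which is why such numbers only fail once the bank is consulted. Both sample numbers are constructed test strings, not card numbers.

```python
"""Luhn mod-10 check: a typo detector, not proof that an account exists."""


def luhn_valid(number):
    """True if `number` (spaces and hyphens allowed) passes the Luhn check."""
    cleaned = number.replace(" ", "").replace("-", "")
    if len(cleaned) < 2 or not (cleaned.isascii() and cleaned.isdigit()):
        return False
    total = 0
    for i, ch in enumerate(reversed(cleaned)):
        d = int(ch)
        if i % 2 == 1:              # every second digit, counting from the right
            d *= 2
            if d > 9:               # same as adding the two digits of the product
                d -= 9
        total += d
    return total % 10 == 0


def undetected_single_digit_errors(number):
    """Variants with exactly one digit mistyped that still pass the check."""
    hits = []
    for pos, original in enumerate(number):
        for repl in "0123456789":
            if repl != original:
                variant = number[:pos] + repl + number[pos + 1:]
                if luhn_valid(variant):
                    hits.append(variant)
    return hits


def undetected_adjacent_swaps(number):
    """Variants with two neighbouring digits swapped that still pass the check."""
    hits = []
    for pos in range(len(number) - 1):
        a, b = number[pos], number[pos + 1]
        if a != b:
            variant = number[:pos] + b + a + number[pos + 2:]
            if luhn_valid(variant):
                hits.append(variant)
    return hits


if __name__ == "__main__":
    sample = "79927398713"          # constructed test string, not a card number
    print("valid:", luhn_valid(sample))
    print("single-digit typos that slip through:",
          undetected_single_digit_errors(sample))
    # The one known blind spot: swapping an adjacent 0 and 9.
    print("swaps that slip through in 10900:",
          undetected_adjacent_swaps("10900"))
```

The check is computed entirely from the digits themselves, so a web form can run it without contacting anyone; whether the number belongs to a real account can only be answered by the issuer.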

gdea73
March 13th, 2012, 01:09 PM
oh wow, yeah these calls are ridiculous and also sort of funny. My friend told me that he got one recently; I wished I did, in a way, so I can mess with them similarly :P

Paddy Landau
March 13th, 2012, 03:42 PM
Luhr-compliant numbers: darkcoding dot net, plus links to others.
Thank you for the link. I am busy learning about the Luhn-compliant numbers!

ubuntu27
March 13th, 2012, 06:23 PM
You guys are lucky to have so much fun.

In my case I get a call every single day in the afternoon. The caller ID shows the name of my ISP. But when I pick up the phone, no one talks. I am greeted with total silence.

And when I leave the answer machine on, they don't leave any messages either.

But "they" still call home every single day without a break.



Don't know what's going on.

zero2xiii
March 14th, 2012, 07:48 PM
Hay all,

This sounds like really fun stuff to do, but I still am curious about the software and stuff. Maybe these things can be sent to anti-virus groups to put into their databases so unaware computer users with an anti-virus will have some kind of protection... Just a thought, not EVERY person can be educated.




My question: Where do you get these "Luhr-compliant card numbers"? I've never heard of them before, and they would be fun.

This is interesting and has been used in earlier years by people buying stuff illegally. You used to get a "credit card number generator" that would generate numbers passing the auth check performed by software (Most that you got could even "Validate" an entered number). However, as stated, it would fail the last test, due to it not existing lolz. However do not play with this (giving it to them, sure go right ahead) since most online sites track these "fake" numbers due to all the credit card fraud going around. So just be careful not to get yourself on some government list hahahahaha...

Still thinking we should compare VM images, before and after. Could give some more technical insights into what happened on the computer.

Still, these guys are ruthless and will find new techniques as they go along... But we can sure as hell make their life difficult should they target the educated.

Cherz and keep up the awsum work

Paddy Landau
March 14th, 2012, 08:22 PM
Maybe these things can be sent to anti-virus groups to put into their databases so unaware computer users with an anti-virus will have some kind of protection...
Unfortunately, they are using bona fide software that is used for valid reasons. For example, I use LogMeIn to help my father who lives some distance from me; the scammers do the same to "help" their victims. There is no way you can protect against that.


Still thinking we should compare VM images, before and after. Could give some more technical insights into what happened on the computer.
As far as I can tell, the only change with the first scammer was to load a fake program that pretended the license had expired; the second scammer appeared to load nothing.

How would one compare the before- and after-images? I still have them, and I would compare them if I knew how. Perhaps list all the files on the system and compare the listings?

Dry Lips
March 14th, 2012, 08:34 PM
How would one compare the before- and after-images? I still have them, and I would compare them if I knew how. Perhaps list all the files on the system and compare the listings?

md5sum of the .vdi file perhaps?

matt_symes
March 14th, 2012, 08:40 PM
Hi


md5sum of the .vdi file perhaps?

That will not work :(

Kind regards

Dry Lips
March 14th, 2012, 08:44 PM
Hi

That will not work :(

Kind regards

Too bad. :-#

zero2xiii
March 15th, 2012, 04:49 PM
Unfortunately, they are using bona fide software that is used for valid reasons. For example, I use LogMeIn to help my father who lives some distance from me; the scammers do the same to "help" their victims. There is no way you can protect against that.

Yes I understand that, but I mean like the program that "Checks" if your windows installation is legal or not. Only an idea but I see there will be too many problems with it.


md5sum of the .vdi file perhaps?

That will only show IF there is a difference (and there WILL be since there was activity). There were some tools I used to use on windows when I was helping software developers debug their programs which monitored files/folders for changes, however I wonder, could you upload that "Verification" file maybe? Or even email it to me, I still have some disassemblers so I can have a peek to see if something looks strange.... Although it has been almost 4 years since I have last touched on raw asm...

The mail can be sent to my nickname at gmail dot com :)

The main idea behind comparing images (There MUST be a way, will have a google session later on to see) is to see what the commands might have done, for example that other guy that spoke about the strange numerical sequence he had to type in. Hidden DLL binds, reg key additions and so forth.

For example there used to be a way you could use a registry key in win XP (before the first SP release) to activate a built-in DLL file in windows to capture all key strokes (exactly like a key logger).. A registry file to activate this "Keylogger function" was literally only 2 or 3 kb in size. This is purely an example.

Cherz
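On the question of comparing the before and after images: a hash of the whole .vdi only says that something changed, which it always will after any activity. The following is an added example (not from the thread) that hashes each file and reports what was added, removed or modified; it assumes both snapshots' file systems have been mounted or copied out to ordinary directories, and the sample trees and file contents are constructed.

```python
"""Compare two directory trees file by file instead of hashing a whole image."""
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file's path (relative to root) to the SHA-256 of its contents."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):        # do not follow links out of the tree
                continue
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest.hexdigest()
    return manifest


def diff_manifests(before, after):
    """Return the paths that were added, removed or modified."""
    common = set(before) & set(after)
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(p for p in common if before[p] != after[p]),
    }


def write_tree(root, files):
    """Create the constructed sample files under root."""
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(content)


def demo():
    """Build two small constructed trees and diff them."""
    before_files = {
        "WINDOWS/system.ini": b"[boot]\r\n",
        "Temp/cache.dat": b"old cache",
        "Temp/session.tmp": b"scratch",
    }
    after_files = {
        "WINDOWS/system.ini": b"[boot]\r\n",
        "Temp/cache.dat": b"new cache",
        # File name as reported in the thread; the content is a placeholder.
        "License Checker.exe": b"constructed placeholder, not a real binary",
    }
    with tempfile.TemporaryDirectory() as tmp:
        before_root = os.path.join(tmp, "before")
        after_root = os.path.join(tmp, "after")
        write_tree(before_root, before_files)
        write_tree(after_root, after_files)
        return diff_manifests(build_manifest(before_root),
                              build_manifest(after_root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        for path in paths:
            print(kind, path)
```

Expect noise from caches, logs and temp files in a real comparison; the useful signal is new executables and changes outside those locations.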

Paddy Landau
March 15th, 2012, 07:26 PM
@zero2xiii:


Yes I understand that, but I mean like the program that "Checks" if your windows installation is legal or not. Only an idea but I see there will be too many problems with it.
Well, I think we can take as given that the Windows installation is legal. We discourage illegal software here.


I wonder, could you upload that "Verification" file maybe?
I will email it to you within the next few minutes -- it is 2.2Mb. I don't believe it does anything other than pretend that the license has expired, but be aware that it may contain malware.


The main idea behind comparing images...
I can do a list of all files in the before- and after-images and see what has changed. If someone can tell me how to convert the Registry to a text file, I will do the same with the Registry.

zero2xiii
March 15th, 2012, 08:47 PM
Hay all,

Paddy Landau: So, frankly, I am disappointed in these guys (I seriously expected more...)

I shred the file you mailed me to bits and pieces. Nothing. Here are my findings:

XN Resource Editor:

Version Data:
Product Version: 4.0.5.9
File Version: 4.0.5.9
Company Name: Windows >Not Microsoft<
File Descriptor: License Checker
Internal Name: License Checker.exe >Same as file name<
Legal Copyright: Copyright (C) Windows >Again Not Microsoft<
Assembly Version: 2.9.0.1 >Weird that it differs from the file version<

Interesting though is that it wants admin rights inside its manifest? Have not seen this before... It uses a line stating:
<requestedPrivileges xmlns="urn:admin";"urn:administrator"
This is the only thing that stands out from the rest. The rest seems to be in visual basic coding. Not even a higher level language. Disassembled file suggests the same (I haven't stared at asm in over 4 years so I might be wrong)

Network analysis using wireshark:
Nothing. Straight forward nothing.

Up to the point where you enter your product key, anything you enter is seemingly invalid (It has no "valid" dialogue even coded).
When you say "Get Key" a dialogue pops up asking you for how long. Any of the options sends you to the same address:
secure.ssl-gateway.com (according to wireshark)
hitting the "Home" button on the custom web browser (yep, they included their own, not just opening up your default browser) it tries to open:
www.onlinewindowscare.com (according to wireshark)


That's it, nothing interesting, no additional hard drive activity. Nothing.
The opening screen has some obvious errors, it uses no vars whatsoever, it just assumes the file is located in C:/windows
And the install date is 10/22/2010 03:05:23 PM
(and a really bad photoshop of the keys from the WPA screen)



That is it. I really am disappointed. Expected something more. Ah well. (Btw, it even runs in wine, reacting EXACTLY the same.... Soooo it seems like my ubuntu's license is not valid with microsoft anymore... curious... :lolflag: )...

Sooo that's it. Sigh.

Keep these guys busy, cause really, this is cheap... They couldn't even code anything decent.

Cherz

Paddy Landau
March 15th, 2012, 09:16 PM
... it seems like my ubuntu's license is not valid with microsoft anymore...
LOL. Expect the police to come rapping on your door!


They couldn't even code anything decent.
The second bunch of people didn't even do that. They just typed "tree" into a DOS command window and pretended it was scanning the system, then typed "expired" and pretended the system had put it there.

I need to get someone who will spend hours installing malware. I wish it were possible to back-track to their computer and load a virus -- perhaps one that says, "Beware! This is a scam!" on the victim's computer as soon as a victim is about to add his credit card details, but without the scammer's knowledge.

ojdon
March 15th, 2012, 10:07 PM
One of my lecturers at University had one of these calls. He was an OSX user so he thought that he might as well play along a little bit, before asking the caller "Do your parents use a computer?", which he answered "Yes". Then my lecturer said "Imagine if someone rang your parents up about their computers and they followed the callers instructions and they end up falling into this scam, how would you feel?"

From the sounds of it, the caller didn't think of that and was deeply sorry!!

If I ever had that kind of call I would probably do the same thing... That or start rambling on about how they should send a kernel patch upstream to "fix" this security flaw. ;)

Paddy Landau
March 15th, 2012, 10:25 PM
From the sounds of it, the caller didn't think of that and was deeply sorry!!
As the scammers don't give a damn, I would imagine the scammer was simply playing along, and merrily went ahead with his next scam after hanging up. I am somewhat cynical about people who cheat others like this.

Paddy Landau
March 22nd, 2012, 07:56 PM
I have created listings of my "before" and "after" sessions.

There were no changes to the files, apart from the obvious (cache, LogMeIn, Ammyy, and the one program already mentioned).

I cannot compare the registry listings, because there are control characters before every other character. The files are viewable in gedit, but not from my comparison programs (Meld Diff Viewer, which says the files are binary, or Diffuse Merge Tool, which displays all the characters and makes it hard for me to read). Do you know how to eliminate those control characters so that I may compare the files?

I cannot attach the files, as they are too large; the compressed set takes 5.4Mb. If you wish to have a copy, let me know and I'll see whether or not I can use Ubuntu One to share the files (I've never used Ubuntu One so I don't know how it works).

Ms. Daisy
March 22nd, 2012, 08:19 PM
Winhex (http://www.x-ways.net/winhex/) would do what you want although I don't think it's terribly user-friendly.

edit- the winhex user manual is 131 pages...

Paddy Landau
March 22nd, 2012, 08:36 PM
Winhex (http://www.x-ways.net/winhex/) would do what you want although I don't think it's terribly user-friendly.

edit- the winhex user manual is 131 pages...
Oh, a Windows program! Hmm...

I have uploaded the file to Ubuntu One (http://ubuntuone.com/1obFsxtrcTGRYqNQf0b4Ez) (5.6Mb).

matt_symes
March 22nd, 2012, 08:51 PM
Honeypot1.tar.bz

Sounds like a cross between a James Bond femme fatale and a thunderbirds spaceship. :D

CharlesA
March 23rd, 2012, 08:58 PM
Heh, I've had 8 calls from these guys so far. The first time they tried to tell me that my "windows server" had errors and that they can show them to me. I haven't answered the phone again, but they did call from a 1-000-000-0000 number.

Think it's time to set up a VM running Windows 95 or something and have some fun should they call back..

Paddy Landau
March 24th, 2012, 11:04 AM
Think it's time to set up a VM running Windows 95 or something and have some fun should they call back..
That should be fun. Or download Windows 8 Preview and use that.

Windows 8 Consumer Preview (http://windows.microsoft.com/en-US/windows-8/download)
Windows 8 Developer Preview (http://msdn.microsoft.com/en-us/windows/apps/br229516)
How to install Windows 8 on Virtual Box (http://www.addictivetips.com/windows-tips/how-to-install-windows-8-on-virtualbox/)

coldraven
March 24th, 2012, 11:37 AM
I've had several of these scam calls. I usually tell them that I have put a curse on them and they will lose all their money or that they will go to prison.
This was the best retaliation that I heard of:
http://news.bbc.co.uk/1/hi/3887493.stm

The Lady of the painted breast! LOL

Paddy Landau
March 24th, 2012, 04:27 PM
... I cannot compare the registry listings, because there are control characters before every other character. ... Do you know how to eliminate those control characters so that I may compare the files?
I have tried Winhex, which created an enormous report of 324Mb -- but it assumed that the input files were hex and produced a byte-by-byte hex comparison. No good.

I tried iconv, which succeeded in converting the UTF16LE files only part-way before failing, so that was no good.

EDIT: I have assumed UTF16LE, as the file command says so.

I have run out of ideas to compare the files. They are easily readable in gedit, but it seems no program can actually compare them sensibly :(

If no one here can help, I'll create a new thread to ask for help. EDIT: I've created a new thread (http://ubuntuforums.org/showthread.php?t=1946225) for this.
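The control characters described in the post above are what UTF-16LE text looks like to a byte-oriented tool: regedit's "Version 5.00" exports store each character in two bytes, so ASCII text has a NUL in every other position. The following is an added example (not from the thread) that decodes two such exports and diffs them by key and value; it assumes the listings are regedit .reg exports, and the sample data and the Example and ExampleAgent names are constructed.

```python
"""Diff two regedit .reg exports by key and value (added example)."""


def decode_export(data):
    """Decode export bytes. "Version 5.00" files are UTF-16LE with a BOM."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        # errors="replace" carries on past a damaged or truncated byte pair
        # instead of stopping part-way through the file.
        return data.decode("utf-16", errors="replace")
    if data[1:2] == b"\x00":            # no BOM, but a NUL after the first char
        return data.decode("utf-16-le", errors="replace")
    return data.decode("cp1252", errors="replace")  # older REGEDIT4 (ANSI) export


def split_value_line(line):
    """Split '"name"=data' or '@=data' into (name, data); None if neither."""
    if line.startswith("@="):
        return "@", line[2:]            # "@" is the key's default value
    if not line.startswith('"'):
        return None
    i = 1
    while i < len(line) and line[i] != '"':
        i += 2 if line[i] == "\\" else 1    # skip escaped characters in the name
    if line[i + 1:i + 2] != "=":
        return None
    return line[1:i], line[i + 2:]


def parse_export(text):
    """Return {key_path: {value_name: raw_data}} from decoded export text."""
    keys, current, pending = {}, None, ""
    for raw in text.split("\n"):
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):         # hex data continues on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            parsed = split_value_line(line)
            if parsed:
                current[parsed[0]] = parsed[1]
    return keys


def diff_exports(before, after):
    """Return (change, key, value_name, old, new) tuples, sorted by key."""
    changes = []
    for key in sorted(set(before) | set(after)):
        if key not in after:
            changes.append(("key removed", key, None, None, None))
            continue
        if key not in before:
            changes.append(("key added", key, None, None, None))
        old_vals, new_vals = before.get(key, {}), after[key]
        for name in sorted(set(old_vals) | set(new_vals)):
            old, new = old_vals.get(name), new_vals.get(name)
            if old == new:
                continue
            if old is None:
                kind = "value added"
            elif new is None:
                kind = "value removed"
            else:
                kind = "value changed"
            changes.append((kind, key, name, old, new))
    return changes


def make_export(body):
    """Build constructed sample bytes the way regedit writes them."""
    text = "Windows Registry Editor Version 5.00\n\n" + body
    return b"\xff\xfe" + text.replace("\n", "\r\n").encode("utf-16-le")


# Constructed sample exports (not taken from the thread's files).
BEFORE = make_export(r'''[HKEY_LOCAL_MACHINE\SOFTWARE\Example]
"InstallPath"="C:\\Program Files\\Example"
"Enabled"=dword:00000001
"Blob"=hex:01,02,03,\
  04,05

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
''')
AFTER = make_export(r'''[HKEY_LOCAL_MACHINE\SOFTWARE\Example]
"InstallPath"="C:\\Program Files\\Example"
"Enabled"=dword:00000000
"Blob"=hex:01,02,03,\
  04,05

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleAgent"="\"C:\\Example\\agent.exe\" /quiet"
''')


def demo():
    return diff_exports(parse_export(decode_export(BEFORE)),
                        parse_export(decode_export(AFTER)))


if __name__ == "__main__":
    for change in demo():
        print(change)
```

Volatile keys change on every boot, so a real comparison produces many entries; autostart locations such as the Run key in the sample are the ones worth reading first.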

Ms. Daisy
March 24th, 2012, 05:04 PM
I don't want to rain on your parade, but you have ventured into the world of digital forensics. I haven't found anyone into that on Ubuntu forums. You may want to look for a digital forensics forum, I can't recommend any particular one as I haven't used any. There are a few digital forensics tool kits that are free: WinHex and SANS SIFT. Other more powerful toolkits cost thousands of US dollars. I haven't found the paid or free versions to be intuitive in the least. AFAICT, they require extensive knowledge and training to use them to their fullest extent.

Paddy Landau
March 24th, 2012, 06:10 PM
Ms. Daisy, all I want to do is find what differences there are in two apparently text files! If it gets complicated, I won't bother. I've had no response to my other thread, so I think I'll not bother ;)

Thanks for your advice.

Paddy Landau
March 25th, 2012, 10:05 AM
I did get a response, and BeyondCompare (http://scootersoftware.com/) was recommended. It's an excellent product. I compared the two files, and I found no suspicious change (as I expected).

I think what we need is a "scammer alert" program -- something that flashes on the screen and rings a bell saying, "SCAM ALERT! The person who is controlling your machine is a scammer. His IP address has already been noted and sent to the FBI and their contacts in India. Please do not give him your credit card details."

Set this program to run on a specific keystroke (say, Ctrl-Alt-Q), and press that keystroke just before you give him your details.

Now, does anyone know how to write this on a Windows computer?

CharlesA
March 25th, 2012, 04:31 PM
I did get a response, and BeyondCompare (http://scootersoftware.com/) was recommended. It's an excellent product. I compared the two files, and I found no suspicious change (as I expected).

I think what we need is a "scammer alert" program -- something that flashes on the screen and rings a bell saying, "SCAM ALERT! The person who is controlling your machine is a scammer. His IP address has already been noted and sent to the FBI and their contacts in India. Please do not give him your credit card details."

Set this program to run on a specific keystroke (say, Ctrl-Alt-Q), and press that keystroke just before you give him your details.

Now, does anyone know how to write this on a Windows computer?
Not to sound negative, but I highly doubt that would be feasible. You would probably need a backend DB that stores the IP addresses and whatnot and something like that might even be considered malware by some.

Paddy Landau
March 25th, 2012, 04:49 PM
Not to sound negative, but I highly doubt that would be feasible. You would probably need a backend DB that stores the IP addresses and whatnot and something like that might even be considered malware by some.
No, it's not necessary to be that complicated. Just something that pretends to have traced the IP address and notified the FBI etc. would do. Give them a bit of a scare.

CharlesA
March 25th, 2012, 04:53 PM
Ah gotcha.

Moozillaaa
March 25th, 2012, 05:11 PM
That is funny.
Start at 2:06 minutes for the phone scene.
http://www.youtube.com/watch?v=WhWavua-1FI&feature=related

That response wasn't funny at all. How long do you think they're going to hold on, when you aren't talking with them???

What you do, to waste their time, is chat them up.

"Where are you"
How's the weather
"I'm sorry - 1 more time please - I'm writing this down...
Call them by their name VERY frequently, beginning, middle, and / or end of phrases.
Can I get that offer by mail to look it over?
Is this a limited time offer - how long do I have to make up my mind, because I don't spend money on the phone FIRST time.
etc., etc., etc., ...

pffft.

You really thought that other response was funny? You're easily amused (or just a poor brown-noser) ;)

Moozillaaa
March 25th, 2012, 05:16 PM
One time, SUE said HE (he picked a name from the WRONG list), said he was in Phoenix (USA?), and he said it was cloudy and raining. My caller ID said it was a local number, so his SERVER wasn't even in Phoenix!!!

Being on the computer, I brought up Phoenix weather. Sunny, 22% relative humidity.

"Must be hard dodging those raindrops, huh Sue"

Paddy Landau
May 31st, 2012, 01:15 PM
My wife was with a friend at his home when he received a call. Guess from whom?

As he spoke on the telephone, my wife urgently exclaimed, "Hang up! Those are scammers! They just want your money!"

"No, no, no," he waved at her. "These people are from Windows. They know what they are doing. They sent me an email. They can even get into my machine and see what I'm doing!"

"But they are scammers," my wife persisted. "Paddy knows about them. Hang up!"

Well, my wife left while he was still on the phone, convinced that they were genuine.

Fortunately for him, he did eventually realise that my wife was correct. But it shows just how easily non-technical people are fooled. "They sent me an email, so they must be genuine." Oh boy.

Dry Lips
May 31st, 2012, 01:19 PM
"No, no, no," he waved at her. "These people are from Windows. They know what they are doing. They sent me an email. They can even get into my machine and see what I'm doing!"

My reaction: #-o

Irihapeti
May 31st, 2012, 01:44 PM
The last time I got a call from one of those - I've had a few recently - I said to them: "Gee, you guys are poorly organised. I don't know how many times I've told you that I'm not using Windows, but you still keep calling me."

Guess what - they hung up. :)

weasel fierce
May 31st, 2012, 08:09 PM
Stuff like this almost makes me want to get a landline. Most I get on my cell is a few measly text messages

Henkdroid
June 2nd, 2012, 01:15 AM
If anyone is still getting calls and uses a VM, try adding a few programs to the startup programs e.g. 100x IE. Should give you some laughs.

tjeremiah
June 2nd, 2012, 04:11 AM
I remember I got a call from them. Dude told me I had a virus on Windows. I laughed and hung up.

ndmaque
June 5th, 2012, 11:46 PM
i received a live phone call to eventually get me to download AA_v3.exe.

It was clearly a scam, i played along as a dumb and plausible person.
i agree with others, waste their time, as much as you can, it saves another victim.

I am ubuntu linux
I took him to the wire, 1.5 hours of his life
many long painful silences and i pushed it to the limit,
often picked up saying 'it's just re-booting, won't be long' then dashing away
I never actually lied at any time.

my side of the conversation went like this...


'Oh really, a Microsoft Windows engineer, yes my machine is going slow'
'Really, i have been infected, oh no, what should i do'
'No i don't have any AV software, i thought XP was safe'

'Yes I pressed the Win + R key but nothing happened.
12 Mins: of finding my Downloads folder.
'i clicked it but i'm not sure it's working i will reboot again'
4 Mins:
'yes i am on the website right now and clicked the link, i should re-boot?'
4 Mins: i can hear him, ' please sir, there is no need to re-boot again'
'be with you in a minute, i'm sure it's faster but it takes longer to login now'

'yes it downloaded AA_v3.exe, should i click it and re-boot?'
' i'm logged in again, no i don't see a message but it's going much faster'
'so you need me to go to another website and login to confirm it's me?'
'yes it downloaded should i click it?'
'wow thanks, it's going even faster now, I'll tell my wife Edith'
2 Mins:
'She's just switching her computer on, it's a bit slow but she only uses it for banking'
5 Mins:

We howled in silence
I picked up the phone to keep him engaged and spurted short messages
'just checking with the wife now, she's going to download a recipe and see if it's quicker'
3 Mins
'Yes brilliant she's very pleased and is already preparing the oven'

He left when I told him the message said 'you need windows to run this type of file'

I claim me as king of the scam baiters as i stole 1.5 hours.

nothingspecial
June 6th, 2012, 07:01 PM
Threads Merged

weasel fierce
June 6th, 2012, 07:04 PM
He left when I told him the message said 'you need windows to run this type of file'

I claim me as king of the scam baiters as i stole 1.5 hours.

Good work sir!

I don't suppose there's a way to record these things?

ndmaque
June 6th, 2012, 07:17 PM
Good work sir!

I don't suppose there's a way to record these things?

hmm not sure, there are lots of phone recording gadgets (plugs into phone socket no pc required)

i guess it would be easyish to plumb something up to record live phone but a soldering iron would be required.

i use motion to store my camera activity so using soundrec to store audio would be possible i guess.

anyways if i hadder recorded mine it would be on youtube front.

Dry Lips
June 6th, 2012, 07:28 PM
Good work sir!

I don't suppose there's a way to record these things?

https://www.youtube.com/watch?v=kjKjyMKj3n4

edit:
here is the related blog post:
http://www.troyhunt.com/2012/02/scamming-scammers-catching-virus-call.html

ndmaque
June 6th, 2012, 07:42 PM
@drylips

he he the link you sent was wonderful

https://www.youtube.com/watch?v=kjKjyMKj3n4

it was just like my convo, the aussie was good

jmore9
June 6th, 2012, 07:57 PM
A friend of mine gets those some times and what they do is this :

When they ask for someone they tell that that person is not here but this person is would you like to speak to them ? If ok they ( they have a system to forward a call ) forward the call to the local neighborhood police unit / station ?

Ha Ha .

Dave_L
June 6th, 2012, 08:33 PM
What we need is a gadget that can automatically converse with the scammer.

David Andersson
June 6th, 2012, 11:41 PM
I cannot compare the registry listings, because there are control characters before every other character.

IIRC the Windows Registry Editor in WinXP can export the registry to a text file. Export before and after.
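
The "control characters before every other character" are the NUL bytes of UTF-16: Registry Editor's "Version 5.00" exports are UTF-16 text, so a byte-oriented diff sees a NUL after every ASCII character. The following is an added example, not code from any poster in this thread; it decodes two exports and lists the values that were added, removed or changed. The sample keys and values are constructed, and cp1252 is assumed for old REGEDIT4 exports.

```python
import codecs
import re

# "name"=data, or @=data for a key's default value
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')


def decode_reg_export(raw):
    """Turn the bytes of a .reg export into text."""
    if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return raw.decode("utf-16", errors="replace")
    sample = raw[:200]
    # No BOM: ASCII stored as UTF-16LE has a NUL at every odd offset.
    if sample and sample[1::2].count(0) > len(sample) // 4:
        return raw.decode("utf-16-le", errors="replace")
    # Older REGEDIT4 exports are single-byte text (cp1252 assumed).
    return raw.decode("cp1252", errors="replace")


def parse_reg(text):
    """Return {(key_path, value_name): data_string} for every value."""
    values, key, pending = {}, None, ""
    for line in text.splitlines():
        line = line.strip()
        if line.endswith("\\"):          # long hex data continues on next line
            pending += line[:-1]
            continue
        line, pending = pending + line, ""
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if m and key is not None:
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            values[(key, name)] = m.group(2)
    return values


def diff_exports(before_raw, after_raw):
    """Compare two exports; return (status, key, name, old, new) tuples."""
    before = parse_reg(decode_reg_export(before_raw))
    after = parse_reg(decode_reg_export(after_raw))
    changes = []
    for k in sorted(set(before) | set(after)):
        old, new = before.get(k), after.get(k)
        if old == new:
            continue
        status = "added" if old is None else "removed" if new is None else "changed"
        changes.append((status, k[0], k[1], old, new))
    return changes


def as_export(text):
    """Encode text the way a Version 5.00 export is stored on disk."""
    return codecs.BOM_UTF16_LE + text.replace("\n", "\r\n").encode("utf-16-le")


# Constructed sample exports (not taken from any real machine).
BEFORE_TEXT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\ExampleVendor]
"Blob"=hex:01,02,\
  03,04

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Program Files\\Updater\\up.exe"
'''
# "After" adds a constructed autostart entry and changes one hex value.
AFTER_TEXT = (BEFORE_TEXT.replace("03,04", "03,05")
              + r'"ExampleAgent"="C:\\Temp\\example.exe"' + "\n")
BEFORE, AFTER = as_export(BEFORE_TEXT), as_export(AFTER_TEXT)

if __name__ == "__main__":
    for status, key, name, old, new in diff_exports(BEFORE, AFTER):
        print(f"{status:8} [{key}] {name}: {old!r} -> {new!r}")
```

For real files, read each export with `open(path, "rb").read()` and pass the bytes to `diff_exports`.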

VE6EFR
June 7th, 2012, 12:19 AM
Personally, I think this (https://www.youtube.com/watch?v=zjNw-J7uK6o) is probably one of the best ways to handle a telemarketer.

Henkdroid
June 7th, 2012, 12:25 AM
I remember that one of the treasures on Wario: Master Of Disguise was the Telemarketer's Bane, a device that would constantly call telemarketers and ask them if their refrigerator was running.

Also one could follow their little script, play a Windows boot up sound from YouTube then ask if you need to be on the internet for them to help you, when they inevitably say yes, play a 56k dial up sound from YouTube as loudly as you can down the line.

David Andersson
June 7th, 2012, 12:39 AM
I never actually lied at any time.

Neither did I. I didn't lie. I did what they asked. Except when they ask me to close windows I say I'll minimize them instead, and when asked to reboot I say I don't want to because I have programs running. I'm honest with them, yet they hangup on me. They hangup on me!

The first call was relatively short.

The second call they persuaded me to download LogMeInRescue and it ended like this:

Me: I cannot run a Windows executable, I can only open it as a self-extracting archive.

Support: Do you have Internet Explorer?

Me: No, i have Firefox.

Support: Have a nice day. Goodbye.

The third call lasted about 15-20 minutes. After a few futile attempts to start the Windows event manager they want me to download and run Ammyy. Every time it ends up in Xubuntu's Archive Manager. This is repeated three times. They assume opening it meant running it and ask if I see "My ID". I tell them I now see three Archive Managers where I can see some binary components of the exe-file. When I later tell them I don't want to reboot, the conversation ends like this.

Support: Take the wire out of your computer...

Me: Eh?

Support: Do you have a desktop or a laptop?

Me: Desktop

Support: You take the wire out of your computer and you show it up your aas. Goodday Sir.

Paddy Landau
June 7th, 2012, 01:15 PM
... the conversation ends like this. ...

Support: You take the wire out of your computer and you show it up your aas. Goodday Sir.
It amazes me how a scammer gets angry with you, the intended victim. But then bullies are always like that, aren't they? The 419 scammers (http://www.419eater.com/), apparently, become viciously dangerous when they are themselves scammed.

roelforg
June 7th, 2012, 01:39 PM
Man, i'd wish they'd call me...
I've got THE prank that'll freak the living daylights out of em.

Here's how to pull it off:
1. Pick any random pop song that has a good bass rhythm (i tried it with Swedish House Mafia - Greyhound ; worked perfectly)
2. Use any audio-editing prog like audacity to cut the empty sound before and after the sound (there's always 1-2 seconds of blank audio track around the song)
3. Use said program to slow the song down by 90% and increase the low tones by 50%
4. Save to a non-compressing audio format (wav might take up a lot of space, but it's totally worth it!)
5. Skip to step 8 if you don't have a cell that can play audio w/o dropping the call
6. Upload the file to the phone
7. Skip to step 10
8. Get hold of a cheap audio-player or something and keep it close to the phone
9. Upload the file to it
10. Wait for the "prey" (call-center)
11. Don't say anything (AT ALL) (VERY IMPORTANT)
12. Play the file on repeat-one and make sure it's the only sound in the phone's mic
13. Put the phone on speaker if you want hear it
14. Wait for them to get scared and hang up
15. Laugh your *** off

The audio file's great for halloween too, just make sure you have a good bass in the speakers! (Mine are the size of my head, the bass-speaker alone, that is; the entire thing is the size of a chair)

Paddy Landau
June 7th, 2012, 02:17 PM
slow the song down by 90%
Did you slow down the speed (which also changes the pitch) or just the tempo (which leaves the pitch alone but, for me, leaves a stuttery sound)?

(I am using Audacity, by the way.)

I've attached two files, being the first 2.3 seconds slowed down by 90%. One is slowed speed, and the other slowed tempo.




increase the low tones by 50%
I have searched the help but don't know how to increase the low tones. Please share how you did it.

zombifier25
June 7th, 2012, 04:48 PM
I envy you guys. The best I received was some lousy scam mails that got moved to the Spam folder 99% of the time (thanks to Thunderbird's excellent spam detector) I do not bother myself with replying to them though. I'm not that smart like that Church of the Painted Breast dude.

fatality_uk
June 7th, 2012, 06:56 PM
Perhaps something like this:

When they call, say "Oh no my husband/wife/etc deals with this, but he/she/they did say that this PC and their work one was infected and needed a removal service. Can you call them please he/she/they will be SO grateful. Do you have a PEN? the number is 0017635698000"

FBI Minneapolis! :)

cra1g321
June 7th, 2012, 07:43 PM
First time i got this call, it was a guy saying he was 'From the Microsoft Company' and they 'have detected a virus on my windows computer',

I immediately knew that this was obviously a scam to get your credit card details, so i said 'NO you're wrong' and hung up.

Got the same call week after, this time a woman claiming the same thing, this time i said 'I don't use windows' and she replied 'Sir, please just turn your computer' and I hung up the phone.

Then not so long ago my brother said to them 'We don't have a computer in the house' i can't remember what my bro said the guy's exact reply was, but it was something like 'But sir it's showing on our database that you do' :lolflag:

I must buy one of those things you connect to your phone and you're able to block numbers.

roelforg
June 8th, 2012, 09:46 AM
Did you slow down the speed (which also changes the pitch) or just the tempo (which leaves the pitch alone but, for me, leaves a stuttery sound)?

(I am using Audacity, by the way.)

I've attached two files, being the first 2.3 seconds slowed down by 90%. One is slowed speed, and the other slowed tempo.



I have searched the help but don't know how to increase the low tones. Please share how you did it.

I meant speed (pitch affected).
About the tones, just full-open the lower 1/3 of your equalizer (i forgot where it is in audacity).

The reason i said about the file format is because mp3'll cut off the lowest tones, you may not hear them, but they add one key feeling.

I used mixxx (load the mp3 file, set the pitchslider's range to 90% and fully drag it down; used the 3rd eq knob (a.k.a. Low tones) of the deck set to the 3 o'clock (where 12 is the default/center position) and turned on recording.).
Combine that with speakers whose bass speaker alone is the size of my face (the entire thing is the size of a chair) and a good amp; i could even see the bass move back and forth very slowly but very far on some tones.

Paddy Landau
June 8th, 2012, 10:17 AM
I meant speed (pitch affected).
About the tones, just full-open the lower 1/3 of your equalizer (i forgot where it is in audacity).
Thank you, that worked for me!

I have not heard of Mixxx before, so I'll have a look.

David Andersson
June 10th, 2012, 04:20 PM
(off topic)


The reason i said about the file format is because mp3'll cut off the lowest tones, you may not hear them, but they add one key feeling.

The telephone cuts off low tones too. MP3 can represent quite low frequencies. Lower than 30 Hz, probably under 20 Hz. The telephone and the telephone network won't transmit frequencies lower than 200 or 300 Hz. No matter if you use MP3, FLAC or WAV, the scammer won't hear it because of the limitations set by telephone technology.

Bandit
June 10th, 2012, 05:20 PM
This doesn't apply to just telephone virus scammers--I think the best way to waste the time of any telemarketers or phone scammers is this:

Scammer: Hello, is that Mr. Landau?
You: No. Hold on a minute. I'll go get him.

Put the phone on mute and just leave it there.

I am gonna start doing that to telemarketers. :lolflag:

Old_Grey_Wolf
June 10th, 2012, 08:38 PM
Personally, I think this (https://www.youtube.com/watch?v=zjNw-J7uK6o) is probably one of the best ways to handle a telemarketer.

I need to make a transcript of that. It's hilarious.

:lolflag:

I would use it if I ever get a call from telephone virus scammers. Although I wouldn't actually say I was an officer. :)

However, I have never gotten one. :(

--
Years ago the News Paper Companies would call to try to get me to subscribe to their weekly paper. I just asked them if it came in Braille. I got all kinds of shocked responses before they hung up. :)

David Andersson
June 29th, 2012, 10:18 PM
You really do not need a computer to keep the scammer going. Watch this http://www.youtube.com/watch?v=iq5BsgfVckw "Having fun with a scammer" (It's 12 minutes long. Watch 10:00-11:00 for the best part. Try 8:20-11:30 if you have a few minutes. Add 2:50-4:00 for a half-fun part where he argues with the scammer about yahoo vs google.)

Paddy Landau
June 30th, 2012, 11:43 AM
You really do not need a computer to keep the scammer going…
LOL, that made me laugh. The bit with the apple was priceless!

Paddy Landau
August 3rd, 2012, 04:16 PM
I have just read an article indicating (http://www.economist.com/node/21559794) that at least some of the scammers are brainwashed into thinking that they are being patriotic to their country:

… many North Koreans are led to believe they are serving the country’s greater good by engaging in things such as insurance scams and bullion smuggling to raise money for the country’s leadership.

It makes you think!

Dry Lips
October 10th, 2012, 05:36 PM
ArsTechnica just had an interesting article:

“Can you fix my Windows 95 computer?”: How to troll a tech support scammer
http://arstechnica.com/features/2012/10/can-you-fix-my-windows-95-computer-how-to-troll-a-tech-support-scammer/

Linuxratty
October 10th, 2012, 06:10 PM
I especially enjoy when they dump the scammers into a virtual box.

What we do is let the answering machine take all calls.
To talk to us you have to let it ring twice, hang up and call again. Only then does someone pick up the phone.

Paddy Landau
October 11th, 2012, 01:13 PM
ArsTechnica just had an interesting article…
That was great reading, thank you.

stalkingwolf
October 12th, 2012, 04:03 PM
how about a virtual box running gwbasic full screen?

one of my favorite responses to scammers and spammers is, " unless you are applying for the position of sex slave do not contact me again." works every time.

Paddy Landau
October 13th, 2012, 11:07 AM
how about a virtual box running gwbasic full screen?
Well, it makes no difference what you put on your screen. With LogMeIn or TeamViewer (the scammers' choice of remote control), they take control of your Windows machine. They can upload and download files without your knowledge, among other actions.

3rdalbum
October 14th, 2012, 06:05 AM
I don't get the calls anymore because I don't have a landline, but I'd love to see how they would fare with Windows 8.

Paddy Landau
October 14th, 2012, 09:51 AM
I'd love to see how they would fare with Windows 8.
Just the same as for Windows XP, Vista and 7. Once they have administrative control of your machine, their imagination (and the victim's naivety) is the limit.

neu5eeCh
October 19th, 2012, 11:25 PM
So... I got home today and my wife told me about an interesting phone call.

The caller ID said Steven Mitchell so she picked up. Instead of a guy from Indiana, she hears somebody from India (presumably). He starts telling her there's something wrong with her computer. He asks if boot up seems like it's been taking a long time. She says no (she uses Linux like I do) and asks why he's calling. He says because "they've" detected a problem with her system. He describes some other symptoms and asks if she can get on her computer. She asks what's going on. He rattles off some Windows issues and finally she tells him she uses Linux (after baiting him). With that, he hangs up.

So... far as I know, this is a first. Whad'ya think he was gonna' do? I wished he'd called me instead. I would have strung him out to find out but she was nervous...

forrestcupp
October 19th, 2012, 11:28 PM
Maybe lead her to some phishing site that makes it look like he's helping to fix her computer.

lisati
October 19th, 2012, 11:32 PM
It sounds like one of these: http://www.guardian.co.uk/world/2010/jul/18/phone-scam-india-call-centres

neu5eeCh
October 19th, 2012, 11:34 PM
Oh! Here it is (http://blog.sucuri.net/2011/06/phishing-phone-calls-onlinesupport-com.html). Maybe. Interesting. Really wish I'd gotten this phone call.

westie457
October 19th, 2012, 11:38 PM
If you have some time to spare/waste take a look at this.

http://ubuntuforums.org/showthread.php?t=1753968&highlight=phone

thatguruguy
October 19th, 2012, 11:52 PM
If you have some time to spare/waste take a look at this.

http://ubuntuforums.org/showthread.php?t=1753968&highlight=phone

Hah! You beat me to it!

neu5eeCh
October 20th, 2012, 01:44 AM
Ha! Great thread. Guess I never checked that one out. Now I'm armed and dangerous. Can't wait till they call back.

Mikeb85
October 20th, 2012, 09:51 AM
I know someone who listened to one of these callers, was led to a site that installed a trojan, and then her computer was held ransom...

Elfy
October 20th, 2012, 10:40 AM
merged threads

There's a link in one of the links above leading to a BBC reporter talking to one after they phoned her parents - that's quite amusing if you've the time to waste :)

3rdalbum
October 21st, 2012, 06:23 AM
Just the same as for Windows XP, Vista and 7. Once they have administrative control of your machine, their imagination (and the victim's naivety) is the limit.

Their instructions about how to get to the Event Log Viewer or whatever simply wouldn't work on Windows 8.

Paddy Landau
October 21st, 2012, 11:31 AM
Their instructions about how to get to the Event Log Viewer or whatever simply wouldn't work on Windows 8.
They'll figure out an alternative.

Swagman
October 21st, 2012, 02:51 PM
Var/Log ?

Paddy Landau
October 21st, 2012, 03:37 PM
Var/Log ?
No. They are sticking (at the moment) to Windows. It makes sense, because calling a household at random will nearly always find someone using Windows, and Windows is easy to mess with.

stinkeye
October 21st, 2012, 06:06 PM
I like the way their facade of being a legitimate professional phonecall
quickly drops once found out.
Had a call last week and replied
"I'm running Linux, so try and scam someone else monkeyboy."
and hung up.
Ten seconds later phone rings, pickup and hear
"monkeyboy monkeyboy monkeyboy....." repeatedly.
Must have hit a nerve. :P

Paddy Landau
October 21st, 2012, 08:28 PM
"monkeyboy monkeyboy monkeyboy....." repeatedly.
Must have hit a nerve. :P
LOL — I shall try that myself!

neu5eeCh
October 21st, 2012, 08:35 PM
I want to set up windows in VirtualBox just so I'll be ready for them. And then I'm gonna' do everything they tell me to do just to see what happens.

Old_Grey_Wolf
October 21st, 2012, 10:18 PM
I want to set up windows in VirtualBox just so I'll be ready for them. And then I'm gonna' do everything they tell me to do just to see what happens.

I have had Windows VM's in VirtualBox for a long time. I have a snapshot of them so I can restore them easily.

However, I have never gotten one of those calls. :(

Paddy Landau
October 22nd, 2012, 10:20 AM
I want to set up windows in VirtualBox just so I'll be ready for them. And then I'm gonna' do everything they tell me to do just to see what happens.
See post #102.

You don't want to do everything they say — stop when they ask for payment! But you can get them even at that point: See posts 137, 138 and 146.