When Antivirus Scammers Call the Wrong Guy

ancientribe writes "Phony AV scammers posing as Microsoft dialed the wrong number when they inadvertently phoned a security researcher at home. He lured them into a honeypot to study their actions, and posted the video online here. His main takeaway: they were 'Stone Age' when it came to their tech know-how."

Had one of those idiots too.

[mwvdlee]

I had one of these guys on the line a while back. Coincidentally while I was fixing some issues with the PC at my computer-illiterate parents' house. Apparently they called a few times before but they only spoke english (with a very heavy indian accent) and my dad wouldn't even know how to order a beer in english, so their "conversations" ended without any harm done.

They directed me to try all different kinds of command line tools that would display long lists of errors (which is was supposed to do on a healthy system). I checked everything he told me to do by first searching on google and within a few minutes I got to a webpage detailing the phone script the scammers were using.

Oddly enough I told him that I was checking everything on Google first and even told him I found this website, but we still went on for nearly 15 minutes or so (he was paying for the phone bill, I could see no harm in making it expensive). I kept asking him questions and calling him out on his lies (literally calling it lies), but still he kept going. At some point it was all some morbid curiosity trip for me, eager to find out how far this could possibly go. He even kept talking after I told him I had enough fun and was going to hang up. I can't quite understand why he kept wasting so much of his time when I identified him as a scammer after the first two minutes and told him so.

I can understand how they could fool a less informed computer user though.

Re:What I do

[The+Mister+Purple]

I once worked for a place that was going through a bankruptcy. Even though all creditors had theoretically been dealt with, there were still a couple collection agencies that chose to not understand that. Because I'm not intimidated by veiled lawsuit threats (or unveiled ones, for that matter), I wound up being "the guy who screens calls". I got quite good at stalling, getting "interrupted" and generally dragging out calls. This eliminated most of the collection calls with a couple of weeks of this treatment. However, there was one collector who, despite getting worked into a frothing rage on a regular basis, kept calling. Eventually, after he had raged for a bit and was catching his breath (I like to think I shortened his life by several years), I explained my tactics to him. At first, he didn't get it, but after I explained that I knew about call time metrics and that I was messing his up on purpose, he REALLY freaked out. After another 5 minutes or so, I pointed out that keeping on the line with me wasn't improving his numbers. He never called back after that.

Just remember: at a certain point, they aren't wasting your time - they are wasting their own time and amusing you in the process.

Re:Question- How did scammers do this?

[Nethead]

Yeah, Club Fed (Lompoc FPC) was real hell. They made me write AP/AR financial software for the BOP using Clipper Summer '87 on an XT. Before getting in the computer department at Lompoc I was on the irrigation crew (think hay fields) with Ivan Boesky humping lines of sprinklers through tall wet grass.

When I got out I went back to broadcast engineering, keeping local radio stations on the air. Then the Internet started and I worked with some locals and people from Seattle to get more than 9 dial-up lines in my small town. Found a good geek woman and we both ended up in Seattle working for Wolfe.net where I answered a cry from Malda for bandwidth. Seems that slashdot's T1 wasn't able to deal with the load and they were looking for someone to host images. I was at an ISP that had a whopping T3 so I set up an old Pent 90 with slackware and apache and handed it over to them. We hosted images.slashdot.org for about a year or so.

At that ISP I took to heart the spammers of the day, mostly teen customers that wanted to "make money fast." I would first try to call them and advise them that it was against the AUP, but would often get the parents. If that didn't work I'd disable the account until the parents would call (of course, they paid the bill.) This was back in the dial-up days and you could do that stuff.

Anyway, my wife and I rode the I-boom up and down, saved some money and now live on an Indian reservation looking over Puget Sound. I now spend my days as an independent field tech going around and fixing things. Life is good.