When Antivirus Scammers Call the Wrong Guy

← Back to Stories (view on slashdot.org)

When Antivirus Scammers Call the Wrong Guy

Posted by timothy on Thursday May 24, 2012 @09:18AM from the human-engineering-with-phony-humans dept.

ancientribe writes "Phony AV scammers posing as Microsoft dialed the wrong number when they inadvertently phoned a security researcher at home. He lured them into a honeypot to study their actions, and posted the video online here. His main takeaway: they were 'Stone Age' when it came to their tech know-how."

95 of 473 comments (clear)

Sounds familiar by MrEricSir · 2012-05-24 09:21 · Score: 5, Funny

His main takeaway: they were 'Stone Age' when it came to their tech know-how."
So they're exactly like Norton, McAfee, and CA?

--
There's no -1 for "I don't get it."
1. Re:Sounds familiar by CanHasDIY · 2012-05-24 09:43 · Score: 5, Insightful
  
  His main takeaway: they were 'Stone Age' when it came to their tech know-how."
  So they're exactly like Norton, McAfee, and CA?
  How did this get modded 'Funny?'
  
  That shit ain't funny, it's fucking Insightful.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
2. Re:Sounds familiar by dontmakemethink · 2012-05-24 10:21 · Score: 5, Informative
  
  His main takeaway: they were 'Stone Age' when it came to their tech know-how."
  So they're exactly like Norton, McAfee, and CA?
  How did this get modded 'Funny?' That shit ain't funny, it's fucking Insightful.
  How did this get modded 'Insightful'?
  The GP was insightful. This shit ain't insightful, it's fucking Funny.
  [Hint: to break the chain, mod this 'Informative'.]
  
  --
  
  War as we knew it was obsolete
  Nothing could beat complete denial
  - Emily Haines
3. Re:Sounds familiar by sa1lnr · 2012-05-24 11:23 · Score: 5, Funny
  
  "That shit ain't funny, it's fucking Insightful."
  Great, now we're getting false funnies.
4. Re:Sounds familiar by hairyfeet · 2012-05-24 12:07 · Score: 5, Insightful
  
  No shit, I don't know how many times i have had people bring in a machine and complains "Its so slow it has GOT to be a virus" and I find they are right...its a virus called norton or McCrappy. It never fails to amaze me how bad some of these AVs get when it comes to hogging, especially on laptops. I'll give them Avast or Comodo or if they REALLY know what they are doing MSE, but Horton and mcCrap are just fucking terrible! I have been told their enterprise version, at least with Norton, isn't like that so i have to say WTF? why can't you do that with the consumer version?
  But the bitch is it isn't the PC bugs I've seen much of lately, win 7 and a decent AV have that problem pretty well handled, its the mobile scams. If you want to know more check my journal entry here but please folks, remember that many haven't got the exp we have so warn them about the phone scams, because the amount of variants i've seen in just the last week tell me this one is gonna spread and be nasty as all hell.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
5. Re:Sounds familiar by Anonymous Coward · 2012-05-24 12:08 · Score: 4, Interesting
  
  These guys are dumber than that. The guy uses his personal email id for the payment gateway. His email is kunal_smart22@yahoo.in (Feel free to email him). He left is photograph at http://www.askmefast.com/categorydetail.php?cmd=ulist&userid=967853. He has even posted a question "Can i use this payment gateway for my call center which provide online technical support to usa,canada? " in the forum. I can also point out some security holes in his website, but I guess, I would doing more harm than good. So I will leave that out.
6. Re:Sounds familiar by Anonymous Coward · 2012-05-24 12:58 · Score: 2, Insightful
  
  * experiences with 5+ year old AV software. Hey, Ford is also not making crappy cars so much anymore, but does anyone notice?
  Ford is doing better, but Toyota is doing even better. Why go for Norton, when you can use MSE, which is far far better than present day, consumer edition Norton.
  
  * a general dislike for software that's designed for non-geeks
  Most of us dont admit, but like software to work of the box. We all prefer software that is degined for non-geeks, like MSE.
  
  * bias against commercial software and marketing techniques.
  If you look at the technical side of what a company like Symantec is doing these days in the AV space with behavior analysis, reputation data, intrusion prevention and so forth (http://www.symantec.com/theme.jsp?themeid=star), I think most of you would be very surprised with how cutting edge the AV products are (both Enterprise and Consumer, which share the same core technology), how quickly it installs, how small the resource footprint is, and how quickly it goes to the background (http://www.passmark.com/tpsreport12). I can't defend the pop-up offers and whatnot, but for the most part, these aren't the shitty products they used to be.
  I agree they are far better than they used to be, but so is their competition. They suck compared to their competition.
7. Re:Sounds familiar by jd2112 · 2012-05-24 13:00 · Score: 2
  
  Actually those use some rather sophisticated methods to ensure that every CPU cycle and byte of memory is consumed.
  
  --
  Any insufficiently advanced magic is indistinguishable from technology.
8. Re:Sounds familiar by ozmanjusri · 2012-05-24 13:34 · Score: 4, Interesting
  
  I have been told their enterprise version, at least with Norton, isn't like that so i have to say WTF?
  
  One of my (Fortune 100) clients has McAfee enterprise and I can vouch for the fact that it's horrible there too.
  Just an example; what they call "Wasted Wednesday" has nothing to do with substance abuse, and everything to do with mandatory virus scans that make computers unusable for hours.
  
  --
  "I've got more toys than Teruhisa Kitahara."
9. Re:Sounds familiar by Fjandr · 2012-05-24 18:39 · Score: 3, Informative
  
  It's the plural of the Latin 2nd declension noun "virius," which means "One who does not understand Latin."
10. Re:Sounds familiar by kyrio · 2012-05-24 18:43 · Score: 3, Informative
  
  Pretty much any third party report (third party = not paid for by anyone related to the reported) ranks MSE higher overall. Sure, Norton can catch them, but it kills your system doing so, even now. There are at least 5 other AV software (including MSE) that are better than Norton.
11. Re:Sounds familiar by hairyfeet · 2012-05-24 20:44 · Score: 3, Interesting
  
  This is why i think words like "sheeple" or "corporate lemmings" is perfectly legitimate in certain contexts. because if an idea is bad and many do it...it is STILL A BAD IDEA and having many morons follow that bad idea doesn't magically make it good! I have dealt with Comodo Enterprise for some of my SMB customers and frankly it has everything except the crazy support costs, and unlike those other AVs you can actually get shit done while its running without it feeling like its tied a damned boat anchor around your machine.
  I have always believed in using what you recommend and I've been running Comodo for a couple of years now with ZERO hassles or bullshit, hell I even have it on my kid's gamer boxes. When i went to show them how to turn off services in Comodo for when they game they said "What for? We just tell Comodo we want to run it and that's it" which frankly blew my mind because if there is one thing an AV will usually do its slow the hell out of gaming but nope, even with games it just didn't bog down their systems.
  Contrast this with norton and mcAfee where I have yet to see it on a system that didn't feel like the entire system was running in slo mo. This is why I have been handing out Comodo to all my business customers and have started handing out to home users as well, because what damned good is an AV if it makes the whole system a royal PITA to use? To me the ultimate AV should ask you as few questions as possible and should only bother you when it has something important it needs your attention for and that's Comodo in a nutshell. the only time I hear from it is if it has blocked a site for having a malicious script or if i launch a program for the first time it asks whether or not I'd like it sandboxed, that's it. I just tell it what i want the default behavior to be for that program and it never asks again, it just does what its told.
  How anyone can put up with a boat anchor AV is beyond me, I set up a test bed and tried all the different AVs simply because the AV I had been using (AVG) had become bloated and felt like a boat anchor. If you can't use the damned machine, what good is having it clean?
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
12. Re:Sounds familiar by IICV · 2012-05-25 01:43 · Score: 2
  
  One of my (Fortune 100) clients has McAfee enterprise and I can vouch for the fact that it's horrible there too.
  Oooh ooh I have one too, one place where I worked used Symantec Endpoint Protection (which is kinda like more expensive Norton for paranoid CTOs). For some reason, trying to install stuff over the network from a shared drive would actually crash the firewall, rendering the computer unable to connect to the Internet until you rebooted it. There's got to be an exploit in there somewhere, I'm sure, but I never looked in to it.
13. Re:Sounds familiar by denis-The-menace · 2012-05-25 01:53 · Score: 5
  
  You should have mentioned "Underated" so that you could end up with +5 Underated
  
  --
  Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
14. Re:Sounds familiar by capnkr · 2012-05-25 02:07 · Score: 2
  
  Having a VM ready for these calls which has goatse for the wallpaper would be both Funny *and* Insightful.
  
  I would love to hear/see the reaction when they remoted into some "suckers" computer and saw *that* staring them in the face bigger than life. Even better if the "sucker" played it straight... :)
  
  --
  "...there are some things that can beat smartness and foresight. Awkwardness and stupidity can." ~ Mark Twain
15. Re:Sounds familiar by mcgrew · 2012-05-25 03:14 · Score: 3, Funny
  
  I've never seen that one before, congratulations! However, it just says (5). You have to click the 5 to see that every single moderator modded you "underrated".
  How did you guys manage to hypnotise the moderators? Hey, moderators, could you mail me some cash?
  Damn, it didn't work :(
  
  --
  Free Martian Whores!
Question- How did scammers do this? by cpu6502 · 2012-05-24 09:25 · Score: 4, Interesting

I got a similar call to the guy in the article. So I hung up.
They called back, and I hung up again except the phone didn't hang up. I even held down the "on hook" button but the call would not terminate. Any ideas how the scammers accomplished this?

--
My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
1. Re:Question- How did scammers do this? by SScorpio · 2012-05-24 09:26 · Score: 4, Funny
  
  In your rage you slammed down the receiver too hard and now the "on hook" button isn't registering correctly?
2. Re:Question- How did scammers do this? by Anonymous Coward · 2012-05-24 09:27 · Score: 5, Funny
  
  the call is coming from inside the house!
3. Re:Question- How did scammers do this? by Anonymous Coward · 2012-05-24 09:33 · Score: 3, Funny
  
  I'll use logmein to fix your phone issue.
4. Re:Question- How did scammers do this? by cpu6502 · 2012-05-24 09:34 · Score: 2
  
  Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediate, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)
  
  --
  My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
5. Re:Question- How did scammers do this? by ArsenneLupin · 2012-05-24 09:35 · Score: 4, Insightful
  
  On some phone systems (for example Luxembourg during the eighties), only the caller can hang up a line. If the callee "hangs up" it's not really hung up until the caller hangs up as well, and a malicious caller can tie up his victim's line as long as he wants.
  Normally this is not an issue, as in a normal call both parties will hang up. However, back in the day, pranksters figured out that this was an excellent way of annoying call-in amateur ("pirate") radio stations, completely sabotaging their game shows this way...
6. Re:Question- How did scammers do this? by Archangel+Michael · 2012-05-24 09:36 · Score: 4, Interesting
  
  I had a similar call about a month ago. My wife answered it and then hung up. I wish she would have handed the phone to me. I would have had a field day, acting stupid, and getting as much info as I could so that I could return their "favor".
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
7. Re:Question- How did scammers do this? by kammat · 2012-05-24 09:36 · Score: 2
  
  Most landlines won't disconnect until the sender hangs up. I learned this beauty last election cycle when robocampaigns would call and *not*fucking*drop*the*line* after I hung up right away. Two minutes later I picked back up and they were still going.
8. Re:Question- How did scammers do this? by CanHasDIY · 2012-05-24 09:46 · Score: 4, Funny
  
  Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediate, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)
  ...Which is precisely why man invented the airhorn.
  
  Next time those bastards grab your line and won't let go, give them a really, really fucking loud reason to.
  
  --
  An enigma, wrapped in a riddle, shrouded in bacon and cheese
9. Re:Question- How did scammers do this? by cpu6502 · 2012-05-24 09:46 · Score: 2
  
  No mine (Bell Atlantic) doesn't work that way. I hang-up on telemarketers all the time, and they disappear. This one was the sole exception which is why it's stuck in my mind a year later.
  
  --
  My AC stalker: " I personally agree with your posts most of the time, but that won't keep me from modding you troll"
10. Re:Question- How did scammers do this? by bobbied · 2012-05-24 09:46 · Score: 5, Informative
  
  Well... There used to be a slight delay (like 10 seconds) between the "on hook" (current stops flowing in the loop) and the processing of the "on Hook" condition by the switch. This was to avoid disconnecting calls for momentary current breaks such as when you where dialing a rotary phone or if the user was doing a hook "flash" to switch between parties in a 3-way call. In some cases this delay has been emulated by recent phone system designs for compatibility reasons or simply because that's the way things used to work and the spec still calls for it. These days, I don't think there are many land line phones doing rotary dial and processing flash hook signals, at least in the industrialized world.
  This feature was what caused the "Telemarketers have total control of my phone when they call and I can't hang up on them!" rumor from yesteryear. I'm betting that this was the reason you couldn't hang up on them. Next time hang up and wait about 20 seconds and I'll bet you will get a dial tone when you pick up.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
11. Re:Question- How did scammers do this? by budgenator · 2012-05-24 10:25 · Score: 2
  
  I'm not a Pheaker, but as I understand it, there is a way to reverse the roles of the caller and the callee. It's useful for the 911 and the police as they can maintain the connection long enough to preform a trace.
  
  --
  Apocalypse Cancelled, Sorry, No Ticket Refunds
12. Re:Question- How did scammers do this? by Technician · 2012-05-24 10:25 · Score: 2
  
  Wow, they are still at this. I did get to mess with one and tied him up for about 20 minutes. I had my netbook running Ubuntu Netbook Remix. I played along to see how long it would take for them to figure out I wasn't running windows. They didn't start trying to get me to look for Windows error messages. They started by trying to get me to go to a site for Remote Desktop Management so they could see my PC. I played along and got to the download. They wanted me to open it since I said I could not run it. I opened it with archive manager and told them of the other Exe in the exe archive. They wanted me to run that too. Again, I could not run it. Then they tried to get me to check for Windows error messages. Along this path they finally asked what version of Windows I was running. After I told them, they made a quick appology (surpried me) and they hung up. The caller ID was faked.
  
  --
  The truth shall set you free!
13. Re:Question- How did scammers do this? by Bromskloss · 2012-05-24 10:28 · Score: 5, Funny
  
  On some phone systems (for example Luxembourg during the eighties), only the caller can hang up a line.
  cpu6502, do you remember if you were in Luxembourg in the eighties when this happened?
  
  --
  Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
14. Re:Question- How did scammers do this? by bobbied · 2012-05-24 10:30 · Score: 4, Informative
  
  I think a dialer would have no way to know that the called party was trying to hang up until the local switch processed the "on hook" (hang up) event. Looking at the SS7 ISUP signaling, there is nothing that would carry that information back to the caller that indicated a hook flash once the call was Answered.
  As I recall the one commercial dialer I worked on years ago, we did listen for modem tones, but would pass any answered calls to the operators for processing. We could also hear the "Beep" from most answering machines and deal with that by calling back later, but it was hit/miss at best. We could also listen for silence, and only transfer calls that somebody said "hello" (actually anything else) to operators, but we would hang up on silence after a few seconds, not on a called party hook flash. All this was done to reduce the Long Distance charges and not pass bad calls to operators that where paid by the hour. The motive was $$ not because the called party might need to make a 911 call.
  
  --
  "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
15. Re:Question- How did scammers do this? by Zapotek · 2012-05-24 11:05 · Score: 4, Funny
  
  I used to use a modem for that back in the dial-up days; when I wanted to go on-line but someone in the house was using the phone I sent a message to the modem via the terminal and it started screaching bloody murder.
16. Re:Question- How did scammers do this? by neonsignal · 2012-05-24 11:10 · Score: 2
  
  I spent nearly 15 minutes on the line to one guy who tried to talk me through pressing the Windows button in the bottom right hand corner of the screen.
  I didn't even have to lie; I repeatedly told him I was running Linux, so I didn't have a Windows button. He thought I was an idiot, kept on trying to explain how to bring up the Windows control panel so that I could see the "error messages". Eventually in frustration he put on his supervisor, who after learning I ran Linux, apologized and quickly hung up on me.
17. Re:Question- How did scammers do this? by slew · 2012-05-24 11:31 · Score: 2
  
  I actually did this.
  Of course at first they assumed I had a windows machine so when I claimed to not know how to type in their url, they tried to get me to hit the windows key to bring up the start menu to open a browser. When I told them I didn't have a window key on my keyboard, they immediatly assumed that I had a mac, so then they transfered me to their "mac" guy, and after messing with that guy's head for a while, I let it slip that I think my brother-in-law set me up with a linux machine and they handed me off to their "linux" expert who of course didn't know how to get me to type in their url into a custom opera based browser which had DNS blocking (I don't have anything like that, I just made that configuration up). At that point, the third guy politely told me that they were sorry that couldn't help me and hung up. That was about 30 minutes of me randomly typing and surfing the internet with the telephone on the desk occasionally picking up the phone to tell them that what they asked me to do didn't work... At least they weren't calling anyone else, but I have to admit, they had a pretty good call script they were working from...
  From what I could tell, I think the scam was that they hacked a web page to make a pop-up that claimed to scan your hard drive for viruses so they could sell you a virus elimination package, but I didn't actually go to the url they were pitching and of course the domain was registered to some random corp from nowhere...
18. Re:Question- How did scammers do this? by Eyeball97 · 2012-05-24 11:51 · Score: 2
  
  Jeez, you kids are young... Did you never wonder where the phrase "Hold the line, please" comes from? It's a request to keep the line open. The caller being able to keep the line open, is by design. Perhaps some providers no longer adhere to this standard but if yours do, there's your answer.
19. Re:Question- How did scammers do this? by mortonda · 2012-05-24 11:53 · Score: 2
  
  Just speak a little too loudly off phone: "Hey Fred, you got the FBI trace running on this call? 1 minute? I can keep him on for that long..."
20. Re:Question- How did scammers do this? by slew · 2012-05-24 12:55 · Score: 4, Informative
  
  I'm not a Pheaker, but as I understand it, there is a way to reverse the roles of the caller and the callee. It's useful for the 911 and the police as they can maintain the connection long enough to preform a trace.
  My information is pretty dated, but as I recall, although theoretically you can do pretty much anything in the exchange (say like reverse roles and perform a trace), in practice, you probably can't do too much at the calling or called side unless it was the same exchange that handled the caller and callee (esp if it is a crufty old 5ESS). Of course with the current telephone network, no phreaking signals are accepted as the voice path and the signalling path is now totally separate... (In the United States, the last exchange that kind of stuff worked on was wawina and that ended in June 15, 2006)
  Note that in SS7 (and it's messages, described by the ITU Q.764 standard which is freely available), either side can disconnect. If the calling party disconnects, a release request (REL) is sent to the terminating exchange and it's up to that exchange to release the line and send a release complete (RLC). If the terminating exchange is next to the police dept or 911**, that terminating exchange could theoretically could hold the line for a while for a trace (although intermediate exchanges may time this out, so you can't do this forever). The same is true for the called party disconnecting which initiates a REL going back to the originating exchange. In this case the originating exchange might hold the line for a while after receiving a REL, but even if the caller doesn't hang up, eventually it will release and send the RLC back to the terminating exchange and release the called line. For other than weird billing purposes, there's not much of a reason to switch caller and callee after a call starts as the caller's exchange is the one that usually initiates the billing record (unless you want to bill say both sides). I don't think you can cancel billing once it started on the caller's originating exchange on most systems.
  **911 doesn't work by tracing your call through the network, it works by the orignating exchange sending the correct network address information about the caller in a call-origination message to the 911 exchange (similar to callerID).
21. Re:Question- How did scammers do this? by Deathmoo · 2012-05-24 13:07 · Score: 2
  
  I like this idea very much! Now to find a modem...
  They didn't like me very much when this "fake MS virus support" guy phoned me earlier this week (Canada). He didn't like my attitude, if you can believe that! He phones me, with the express purpose of stealing from me, and then expects me to be polite?
  Well fuck that!
22. Re:Question- How did scammers do this? by realityimpaired · 2012-05-24 14:15 · Score: 5, Informative
  
  Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediate, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)
  Such a feature doesn't exist in DMS-100 (unless an engineer is doing a dialtone plunge, but that's not a DMS feature, that's an actual set or test head connected to the line keeping it open). More likely, you have a marginal short on your line, and when you "hung up", the short was low enough at the time to trick the DMS into thinking that there was still a phone of the hook, so it didn't close the line. Depending on the amount of T-R leak that's happening, you may never notice it when you're using the phone, but it could still be enough to trick the DMS into thinking your phone's off the hook.
  Of course, in a situation like that, chances are you'd have no dial tone at all, because the DMS would self-disconnect from the line to avoid being damaged, and they wouldn't have been able to ring your line at all, as it would sound busy (or forward to voicemail if you have that line option) with the DMS in PLO state. I suppose if it's a swinging short it could work the way you're describing, but the chances are slim enough that it's equally possible you're just making it up. I'd have to see a 12-point metallic test to know for sure what the problem is with your line, but assuming you're telling the truth, my money's on a swinging tip-ring short.
  I guess, maybe, if you're on FTTH and the ONT is bugged out (or you have a problem with your inside wiring), it could behave like that, too. Usually with FTTH I don't see anywhere near the kind of weird shit that I see on copperline, though.
  The other possibility is as folks have suggested, 3-way calling. If you hang up and pick up shortly afterwards, it's the same effect as pressing the "flash" or "link" button on your phone, and the DMS will put the first call on hold to allow you to dial a 2nd number. If it triggered when you hung up, it would suggest a defective phone.
  Obligatory disclaimer: I do work for the local phone company, and one of my many job functions has been troubleshooting/diagnosing this kind of weird behaviour in order to determine if a field tech visit is needed. I have seen the problem you're describing before, but usually it's followed by a loss of dialtone within an hour after the fact.
23. Re:Question- How did scammers do this? by Nethead · 2012-05-24 14:40 · Score: 3, Interesting
  
  I remember working C64 BASIC code to hack out call progress detection back in the early 80's. Had a Code-A-Phone where we pulled the 8042 microcontroler and emulated it with the C64. The Teltone/SSI chips (981, etc.) really saved our asses. Then I figured out how to brute-force calling card numbers with the hardware. Long story short, three years in Club Fed.
  
  --
  -- I have a private email server in my basement.
24. Re:Question- How did scammers do this? by Anonymous Coward · 2012-05-24 15:25 · Score: 2, Interesting
  
  To his credit;
  This very thing happened to me today. Typical call from some telemarketing co; upon answering, I was greeted with, "Please hold for an important message regarding government funding for small businesses"... or something of that sort...
  Immediately I hung the phone up. I needed to make a call, so I grabbed the receiver approx 7-10 seconds later and instead of dialtone, I could hear the message being played. So I hung up and waited a bit longer this time, perhaps 15-20 (more) seconds. Same thing.
  I was quite curious by this time because MY phones are working just fine. So I disconnected the incoming POTS line, waited about 10 seconds and reconnected. Same thing; no dialtone and I could hear the message being played as if I had never disconnected in the first place.
  Alas, I waited about 60 seconds before picking up the handset to be greeted with dialtone. I made my call, and received probably 40 more today without any problems.
  The telephone is an at&t 945 small business, 4 line, wired phone, in case you were wondering.
  Not making this up.
25. Re:Question- How did scammers do this? by SgtAaron · 2012-05-24 15:45 · Score: 2
  
  I remember working C64 BASIC code to hack out call progress detection back in the early 80's. Had a Code-A-Phone where we pulled the 8042 microcontroler and emulated it with the C64. The Teltone/SSI chips (981, etc.) really saved our asses. Then I figured out how to brute-force calling card numbers with the hardware. Long story short, three years in Club Fed.
  I was recently setting up a web power switch and its manual said the scripting language it used was BASIC, and I instantly flashed back to writing
  a Star Trek II (Kaaahhhnn) simulator in BASIC during the 80's that had photon torpedoes about 1cm x 1cm. Strange how the brain works sometimes. Well, it
  wasn't as sophisticated as your call progress detection hack, by any means, but I wish I had managed to saved that 5 1/4" floppy, just for grins.
  Also, I believe this might be the first time in my years of having a slashdot login that I recall seeing someone admit to spending time in the slammer without posting as an AC. Cheers #1563, and happy for you that you left the club in time to garner a four-digit slashdot userid! I'm not jealous or anything. Ah, I'm off-topic. Been here 12 years and have a six-digit userid, I'll be off-topic for once. Heh.
  But to get back on topic, though most likely nobody will read it. Working for an ISP off-and-on these last 15 years has nearly forced me to want to line up these scammers... well and do something not nice to them. Perhaps force them to watch under bright lights whilst someone social engineers one of their family and gets them to give up their life savings, at least their email password so we can login to their webmail and send nasty emails to all of their contacts. This is a symptom of having lots of customers do just that and *poof* we have thousands of emails going all over the place and Yahoo and what not deferring everything, so customers call up wondering why their email (forwarded joke, with attachments) to Grandma hasn't arrived yet. Maybe these scammers are desperate, maybe not. But it's kind of like shitting on someone else's lawn and not cleaning it up. *Someone* has to, and it's usually us.
  I did login to the latest Nigerian scammer's web site, at some colo center in Germany btw, and enter a username of "GO BITE YOURSELF HOSER" and a password of "GET A LIFE". Wish I could say I tied them up on the phone for 30 minutes, but that is my contribution so far.
26. Re:Question- How did scammers do this? by Nethead · 2012-05-24 16:40 · Score: 5, Interesting
  
  Yeah, Club Fed (Lompoc FPC) was real hell. They made me write AP/AR financial software for the BOP using Clipper Summer '87 on an XT. Before getting in the computer department at Lompoc I was on the irrigation crew (think hay fields) with Ivan Boesky humping lines of sprinklers through tall wet grass.
  When I got out I went back to broadcast engineering, keeping local radio stations on the air. Then the Internet started and I worked with some locals and people from Seattle to get more than 9 dial-up lines in my small town. Found a good geek woman and we both ended up in Seattle working for Wolfe.net where I answered a cry from Malda for bandwidth. Seems that slashdot's T1 wasn't able to deal with the load and they were looking for someone to host images. I was at an ISP that had a whopping T3 so I set up an old Pent 90 with slackware and apache and handed it over to them. We hosted images.slashdot.org for about a year or so.
  At that ISP I took to heart the spammers of the day, mostly teen customers that wanted to "make money fast." I would first try to call them and advise them that it was against the AUP, but would often get the parents. If that didn't work I'd disable the account until the parents would call (of course, they paid the bill.) This was back in the dial-up days and you could do that stuff.
  Anyway, my wife and I rode the I-boom up and down, saved some money and now live on an Indian reservation looking over Puget Sound. I now spend my days as an independent field tech going around and fixing things. Life is good.
  
  --
  -- I have a private email server in my basement.
27. Re:Question- How did scammers do this? by snowgirl · 2012-05-24 17:39 · Score: 2
  
  I spent nearly 15 minutes on the line to one guy who tried to talk me through pressing the Windows button in the bottom right hand corner of the screen.
  Do you run into Hebrew or Arabic Windows more than anything else? Because most localizations have the Windows button in the bottom LEFT hand corner...
  
  --
  WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
28. Re:Question- How did scammers do this? by wrook · 2012-05-24 20:33 · Score: 3, Informative
  
  Disclaimer: I used to work on the DMS-100 (perhaps I should post this as anonymous coward... :-P ) At least when i worked on it, there were plenty of bugs with respect to various features (especially 3-way call) and various agent types. Stupidly enough, although it was not the correct way to do things, the most common way to clear a call was to take down one end and then wait for the audit process to come around, notice that one end was down and take down the other end. If you hang up and then pick up the phone again, depending on what code paths you were going through, you could reconnect the call before the audit process tore it down. Unfortunately, it was a problem that was nearly impossible to fix because the DMS uses completely different code depending on agent types and features that are in use. You would practically have to go through all 30 million lines of code.
  It's been about 15 years since I worked there, so I can't remember very much any more, but I used to play party games demonstrating all the bizarre behaviour you could get your phone to do. The thing was that end users think of their phone as a kind of widget. They have no idea there's a computer in the switch directing things. When weird things happen they either blame themselves or come up with conclusions like the GP (the scammers figured out how to hold the line up). Just bad code, that's all.
Bummer is, it works by Toe,+The · 2012-05-24 09:26 · Score: 5, Insightful

Scammers (and spammers) wouldn't do this stuff if it didn't pay off.
Even though these guys were idiots, they still manage to scam people. So what does that say about their victims? Ugh.
1. Re:Bummer is, it works by fuzzyfuzzyfungus · 2012-05-24 09:40 · Score: 2
  
  I'd suspect comparative advantage in action: These were phone scammers. The techie scammers are out there dumping drive-by downloads and building attack toolkits for sale. The less technical ones are falling back on their people skills and doing social engineering attacks...
2. Re:Bummer is, it works by Belial6 · 2012-05-24 12:06 · Score: 3, Insightful
  
  I would really like to agree with you at least a little bit, but it isn't 1995 anymore. Waving off ignorance as "I don't understand computers" isn't a valid answer anymore. It is basic safety when using a telephone not to give out credit card numbers or any other personal information to someone that calls you. Not typing things into your computer and giving access to someone that calls you isn't "Computer Knowledge" it is "Telephone Knowledge", and the telephone has been in wide use long enough that claiming you don't know how to use it isn't a valid answer either.
Can you blame them? by Anonymous Coward · 2012-05-24 09:34 · Score: 2, Insightful

Where are the calls coming from? Probably India or some impoverished nation. Some of the people working in those call centers really need the $2.00 a day that they make so that they can feed their family.
I'd do some shady shit too if I had to in order to survive and so would you. So don't judge too harshly and don't yell or belittle the guy on the phone. Don't hate the player, hate the game...
1. Re:Can you blame them? by X0563511 · 2012-05-24 09:39 · Score: 5, Insightful
  
  Don't hate the player, hate the game...
  No. I hate both.
  
  --
  For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
2. Re:Can you blame them? by fuzzyfuzzyfungus · 2012-05-24 09:41 · Score: 3
  
  Your 'peak hatred' attitude is disguistingly defeatist.
  
  Hate player, the game, the phrase 'don't hate the player, hate the game' and anybody who uses that phrase. And you'll still have plenty to go around!
3. Re:Can you blame them? by Tanktalus · 2012-05-24 09:48 · Score: 2
  
  Where are the calls coming from? Probably India or some impoverished nation.
  Yes, from India. I've had them on the line more than a few times, and even strung them along in a VirtualBox session once, too. Except that I stopped it when they asked for actual money and explained to them that everything they said was a lie, starting with their names. They hung up that time. Another time I simply asked them why they liked scamming people, and the guy yelled at me as if to be offended by this. That was entertaining - knowing that I knew more about what they were talking about than they did, he wasn't going to be able to browbeat me into agreeing he actually was with Microsoft.
  Any way, the accent can't be missed. It has been thick every time. Of course, in this day and age, the accent alone doesn't mean it's not Microsoft :-(
4. Re:Can you blame them? by Jeng · 2012-05-24 09:54 · Score: 5, Insightful
  
  Damn straight I can blame them.
  You don't see me trying to scam Bill Gates or some other bullshit.
  If you are at the level where you are pulling these scams internationally over not only the internet, but also calling your victims, then you are not starving and you are probably a little better educated than those around you. These are the people that are dragging down their societies instead of building them up.
  I not only blame them, I would like to shoot them for the betterment of their communities.
  
  --
  Don't know something? Look it up. Still don't know? Then ask.
5. Re:Can you blame them? by Sir_Sri · 2012-05-24 09:59 · Score: 5, Insightful
  
  You realize that fraud and scamming people in india is a crime too right?
  I don't begrudge and indian guy a job at Infosys or IBM or actual microsoft. You may not like outsourcing, but you can't fault someone for taking a decent job that's a step up from what they have, and you can't expect them to feel bad about taking your job when you get paid 50x as much as they do.
  But you still don't feel bad for the guy trying to rob you on the street in New Delhi. He's as much a criminal by indian standards as by western ones.
  I admit, there *is* a grey area. Not the area you talked about. But there is a grey area. I feel bad for people there who have to pay bribes to buy a train ticket (which is everyone), and I feel worse when they come here and think they have to do the same thing. But there is a matter of different cultures, and pervasive corruption and ciminality that honest people can't avoid. Fine, I'll forgive some of that. But trying to theft is theft, and I have relatively little tolerance for it, and none at all when it's an intentional organized corporate activity.
6. Re:Can you blame them? by budgenator · 2012-05-24 10:35 · Score: 2
  
  Ah the good old days when hacking meant connecting stepper motor to an Etch-a-sketch to use with the computer they had just finished wire-wrapping last week.
  
  --
  Apocalypse Cancelled, Sorry, No Ticket Refunds
7. Re:Can you blame them? by Anonymous Coward · 2012-05-24 11:10 · Score: 5, Funny
  
  I'm going to setup a VM with a desktop showing me raping Shiva, shooting and dismembering a cow while holding the Pakistani flag and taking a shit on a set of cricket stumps. The audio would be interesting.
8. Re:Can you blame them? by NemoinSpace · 2012-05-24 14:57 · Score: 3
  
  Why don't you go back to responding to Nigerian email scams instead of posting variations of liberal ethics on slashdot?
  People of honor will do whatever they have to do to make it through the day. And they will do it honorably - or die trying.
  Scumbags however, will be scumbags their whole life and will count on morons like you to justify their pathological behavior.
  Usually guys like this tend to congregate in town inhabited by guys like you. Then of course you will call upon guys like me to take care of your "problem" for you. Because of course, you prefer to remain anonymous cowards, all the while spewing your superior social intellect.
  /end ass ream.
Not surprising by Baloroth · 2012-05-24 09:35 · Score: 4, Insightful

Hardly surprising their tech know-how was stone-age. If they were actually competent, they wouldn't be running some lame over-the-phone scam like this. They would either be working a legitimate job or running a large-scale botnet somewhere. The vast majority of criminals are stupid, because smart people either don't get into crime or don't do low-level crap like this.

--
"None can love freedom heartily, but good men; the rest love not freedom, but license." --John Milton
1. Re:Not surprising by oxdas · 2012-05-24 09:51 · Score: 5, Funny
  
  There are much better outlets for exceptional scammers and thieves; politics and wall street seem popular right now.
2. Re:Not surprising by Anonymous Coward · 2012-05-24 10:05 · Score: 2, Interesting
  
  Their goal is to sell the "product", not recover the machine. As soon as they have the victim's money, their job is finished.
I got one of these, too by J053 · 2012-05-24 09:37 · Score: 4, Funny

Happened just the other day. They didn't claim to be from Microsoft, though. I asked the caller what OS was on my computer, and she said "Either XP or 7". I don't have any Windows systems in my house, and the call was interrupting something else I wanted to do, so I just said "Wrong!" and hung up.
1. Re:I got one of these, too by Lumpy · 2012-05-24 09:54 · Score: 4, Interesting
  
  Now see this would be fun, fire up a VM with Ubuntu 11 on it and let them have a go.
  Or better yet, a windows Skinned XFCE. it looks right but nothing is right......
  
  --
  Do not look at laser with remaining good eye.
2. Re:I got one of these, too by jamesh · 2012-05-24 10:05 · Score: 2
  
  Me too, only i do have windows. I played dumb for a bit - she asked me to open event viewer and look for any warning or error messages (there always are) which would indicate my computer was infected. I told her there were none. We went around in circles for ages with her getting me to re-open event viewer, scroll down, etc, to find this "proof" that my computer was infected. After a while she started asking every few minutes if I still wanted to continue the call. Eventually I told her i'm bored of this and hung up.
  I suspect that a lot of these "first level" support people who actually call you then eventually pass you on are people who responded to "make money from home" ads, and are just as stupid as the people they are trying to scam.
3. Re:I got one of these, too by chuckymonkey · 2012-05-24 10:27 · Score: 2
  
  I think a good tactic is to do what this guy did or something similar. Waste as much of their time as you can because they're not going to make any money off of you and the longer you tie them up the less profitable they are.
  
  --
  "Some books contain the machinery required to create and sustain universes."-Tycho
4. Re:I got one of these, too by Anonymous Coward · 2012-05-24 10:39 · Score: 5, Funny
  
  I had a call from these guys once.
  I set up a new user account in Ubuntu, and then ran the remote access software they asked me to download in Wine.
  The remote software sort of started to work, and connected to something their end, but didn't work enough to give any desktop access.
  I was running wireshark too, so could see which IP addresses it was talking to.
  So, I just kept babbling stuff, and pretending I did not know how to set up the remote access software properly. Then I started dropping hints about 'the base firewall' and 'asking the officer on duty' to make it seem like I was on a militery base. Then I said that the commander of the computer section wanted to talk the them, and the phone went dead.
5. Re:I got one of these, too by neonsignal · 2012-05-24 11:28 · Score: 4, Funny
  
  A elderly friend of my parents got one of these scam calls; the caller at the end of the line explained to her that "they could see that there was a problem with her computer" and that they could help her to fix it. She said "there sure is a problem; I took it down to the rubbish tip last month".
6. Re:I got one of these, too by Anonymous Coward · 2012-05-24 18:42 · Score: 4, Funny
  
  My Mum, continously gets these... One day when I was at her house, she got a call... This is when the fun began... The call goes as follows.
  Indian Woman: Hello I am calling from Windows. We have seen that your pc has a virus. We would like to remove the virus from Microsoft.
  My Mum: I don't understand my computer is fine. Where are you calling from?
  Indian Woman: I am calling from Windows. Our software has informed us that you have a virus, and needs to be removed?
  My Mum: I'm just going to put someone else on the phone.
  Indian Woman: OK
  My Mum: *passes phone to me
  Me: *mash 6 random phone buttons.* Hello Madam, you have fallen into a continuously monitored phone number. You have made so many calls pretending to represent Microsoft falsly, that we at Microsoft are now starting to monitor these calls, and have provided a service to record and trace calls.
  Indian Woman: I HAVE DONE NOTHING WRONG! (screamed)
  Me: Never the less madam you have twice used our trademarked name Windows. and presented yourself as an employee of Microsoft. Therefore you are breaching various trademark rules and copyright rules. In addition you are liable in the uk for libel as the calls are being recorded.
  Indian Woman: I HAVE DONE NOTHING WRONG!!! (screamed even louder in a higher pitched voice)
  Me: Never the less you have broken the law. These calls are being recorded, and you have been on the call for a long enough period now for our technical team to have traced the call back to your place of operations. The Indian police should be contacting you within the next few days. To assist them with our joint operations to stop this scam.
  Indian Woman: I HAVE DONE NOTHING WRONG!!! (now shouted in such a pitch that it hurt my ears)
  Phone: click duuuuuuuuuuuuuuuuuuuuuuuu .
What I do by Mortimer82 · 2012-05-24 09:43 · Score: 4, Insightful

I say "Okay, hold on a moment please." I then leave the phone call active, put the phone on my desk or something and do something else until they get bored.
1. Re:What I do by Archangel+Michael · 2012-05-24 09:52 · Score: 4, Insightful
  
  I do that, except I'll go back every couple minutes or so and say .. can you hold on, I really want to talk to you, but I have to finish this one thing ..
  I keep a log of how long they will hang on ... the current record, for some insurance company, was nearly 35 minutes before they hung up. They did call back three time afterwards ... but didn't hold on much more than a couple minutes.
  My goal, keep them online, but not making a sale for as long as I can. If everyone took 30 minutes for each of these sales type calls and never actually buying, then they would stop calling, as the profit margins would sink.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
2. Re:What I do by jamesh · 2012-05-24 10:08 · Score: 2
  
  "Hang on, I just need to find my credit card" will get them waiting for longer.
3. Re:What I do by The+Mister+Purple · 2012-05-24 10:10 · Score: 5, Interesting
  
  I once worked for a place that was going through a bankruptcy. Even though all creditors had theoretically been dealt with, there were still a couple collection agencies that chose to not understand that. Because I'm not intimidated by veiled lawsuit threats (or unveiled ones, for that matter), I wound up being "the guy who screens calls". I got quite good at stalling, getting "interrupted" and generally dragging out calls. This eliminated most of the collection calls with a couple of weeks of this treatment. However, there was one collector who, despite getting worked into a frothing rage on a regular basis, kept calling. Eventually, after he had raged for a bit and was catching his breath (I like to think I shortened his life by several years), I explained my tactics to him. At first, he didn't get it, but after I explained that I knew about call time metrics and that I was messing his up on purpose, he REALLY freaked out. After another 5 minutes or so, I pointed out that keeping on the line with me wasn't improving his numbers. He never called back after that.
  Just remember: at a certain point, they aren't wasting your time - they are wasting their own time and amusing you in the process.
  
  --
  "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Feynman
4. Re:What I do by dasunt · 2012-05-24 10:30 · Score: 2
  
  My goal, keep them online, but not making a sale for as long as I can. If everyone took 30 minutes for each of these sales type calls and never actually buying, then they would stop calling, as the profit margins would sink.
  Or we'd see telemarketers being the driving force behind a Turing-test-passing AI
  ;)
5. Re:What I do by Anonymous Coward · 2012-05-24 10:40 · Score: 5, Funny
  
  Time kept on line:
  2 days ago: 53 mins
  months ago: 1hr 47mins
  Useful lines ...
  "I've got my credit card and I really need your help"
  "yeah, I think it has a virus ... it takes literally 10mins to boot" (make 'em wait 10mins)
  "oh, you meant the PC, not the Mac, hold on" ... 10mins
  "The screen has gone blue and it's crashed... I'll reboot" ... 10mins
  "Someone's at the door, I'll be back" ... 5 mins
  "My wife turned it off while I was downstairs, sorry" ... 10mins
  "I bought a ferrari last week, I got a yellow one. Do you like ferraris"...5 mins
  "What's your job? I break legs for a living" (at this point they got suspicious)
6. Re:What I do by houghi · 2012-05-24 11:02 · Score: 3, Interesting
  
  http://egbg.home.xs4all.nl/counterscript.html
  
  --
  Don't fight for your country, if your country does not fight for you.
7. Re:What I do by Beardo+the+Bearded · 2012-05-24 11:04 · Score: 4, Insightful
  
  One time the woman wouldn't take no for an answer.
  "Listen, do you get paid by the hour or by the call?"
  "By the call."
  "So I've told you I'm not interested, why waste your time? Hang up and move on."
  "Well, I..." *lightbulb on sound* "Good night, sir."
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
8. Re:What I do by Mana+Mana · 2012-05-24 16:02 · Score: 2
  
  This must have been in the 1990s, that's when Abrahan & Straus*, A&S don't you know, got caught hiring unethical bill collectors willing to illegally go after debt-free post-bankruptcy individuals. Eventually this story broke nationally in the news, and A&S was prosecuted either criminally or civilly in the US courts. It went bad for them, as it should, as the bankruptcy law process washes away the old so as to start anew. A&S suffered very bad publicity for their lack of intelligence.
  Anyway, I knew someone who owed A&S/Stern's, went successfully through bankruptcy, whom months later received a hesitant, soft spoken, hemming-hawing telephone call that caused this cleared debtor to say: Are you trying to say you're a bill collector for A&S?
  This person thought (pre-news story, btw) the caller was either a scammer or a retardate, thus he gave him his bankruptcy lawyer's phone number so as to have his concern addressed. Weeks later a different, nastier collector calls, and threatens and blusters and says he'll sue: Go ahead, said the collectee, there is no debt, send me the proof as the law requires! he says finally. More greater bigger bluster comes his way.
  So collectee says, OK give me your name, your company name and your phone number where you can be reached during business hours. Collectee calls his bankruptcy lawyer and says to the receptionist he knows well, ``wazzup, why didn't you handle these idiots.'' She says, I did, in fact hold on, I'll conference you in whilst I call this second guy, you listen silently on the line. He did.
  She spoke with 2nd dude, nastier dude, explained how they should already know this is post-bankruptcy expunged, but anyhow here's the bankruptcy certificate, via fax, again, that idiot number one had already received weeks earlier as a courtesy. Nasty dude complained that collectee was mean, unreasonable, and yelled at him.
  This is priceless, she said, yes, he did, he was angry, as I had already talked, faxed, and dealt with this with his colleague weeks ago, and how they were violating the law. To that he said farewell and was never heard from again. A year later the news broke on what A&S/Stern's was illegally collecting null debt via threats and harassment.
  Long way of saying, if this ever happens to you, contact your State Attorney General (to fuck them over), your bankruptcy lawyer (to clear your mind), and for deserving riches hire a vicious, civil attorney to sue the collector and their original client for un mucho dinero settlement or for grande winning verdict damages!
  * aka Stern's
9. Re:What I do by snowgirl · 2012-05-24 18:03 · Score: 2
  
  I had a collection agency just recently call both my parents suggesting that they were going to be serving process to them for a debt that I owe. I immediately suspected something was up, because that just sounded inconsistent with legal process as I understood it, and my mom was just like "whatever, my daughter will deal with it, I'll just pass the information on." My dad however freaked out suggested that I was going to go to jail and other things, and that if they accept the process for me that they'll be entangled into the suit somehow.
  I called them up, and talked to them for a bit. They implied that there was already legal action pending, but then I let them know that I was uncollectable (even if they sued, and had a valid debt, and a judgement, there would be nothing to collect), and then they seemed to imply that there was no pending legal action. They also suggested that they were a law office, but admitted when I pressed that they didn't have any lawyers on staff, but hired them on as needed. The whole thing sounded fishy, and having a good idea of my rights, I played it heavy handed, and threatened them back and stuff. ("I'll fight this in court, just to raise the cost for you, and you still won't collect anything, because I'm uncollectable.") Overall, it was a fairly enjoyable phone call for me... being able to bludgeon debt collectors back is cathartic...
  Later, I talked to a lawyer friend who commented that yeah, the whole deal was illegal, and if we could identify them that I could sue them for $1,000, and also get the debt cleared. The people were fly-by-night though, and seemed to be using Google Voice or something and when we tried to call back, got no response.
  
  --
  WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
And the fix is easy by DigiShaman · 2012-05-24 09:46 · Score: 4, Informative

Reboot the PC. Just after POST (power on self test), tap the F8 key once a second to invoke Windows boot options. Choose "Safe Mode". Click the Start button and type in MSCONFIG. Select "Normal Startup" under the General tab. Reboot again and all should be well. Assuming you didn't provide CC info or let them install any other application.
I'd love to know what public IP they're hiding behind.

--
Life is not for the lazy.
so BAD even YOUR MOM won't fall for this by Thud457 · 2012-05-24 09:53 · Score: 3, Interesting

These "Dave from Houston" fuckheads have called my house repeatedly. Unfortunately, I haven't been home to screw with them. Even my wife felt bad for these pitiful lamebrains when she told them none of our computers run Windows. And then these disorganized half-wits can't remember the FAILED on their previous calls, so they call back again.

--
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Five Times by whisper_jeff · 2012-05-24 09:56 · Score: 2

I've been called by these morons five (yes, FIVE) times so far. Lately, they've taken to calling me at 1:00 or 2:00 in the morning. Now, getting a call from a scammer is annoying - getting a call from a scammer in the middle of the night when you're sound asleep makes you want to stab someone in the throat. Or maybe that's just me...
I hope these pricks die in a fire.
Had one of those idiots too. by mwvdlee · 2012-05-24 10:01 · Score: 5, Interesting

I had one of these guys on the line a while back. Coincidentally while I was fixing some issues with the PC at my computer-illiterate parents' house. Apparently they called a few times before but they only spoke english (with a very heavy indian accent) and my dad wouldn't even know how to order a beer in english, so their "conversations" ended without any harm done.
They directed me to try all different kinds of command line tools that would display long lists of errors (which is was supposed to do on a healthy system). I checked everything he told me to do by first searching on google and within a few minutes I got to a webpage detailing the phone script the scammers were using.
Oddly enough I told him that I was checking everything on Google first and even told him I found this website, but we still went on for nearly 15 minutes or so (he was paying for the phone bill, I could see no harm in making it expensive). I kept asking him questions and calling him out on his lies (literally calling it lies), but still he kept going. At some point it was all some morbid curiosity trip for me, eager to find out how far this could possibly go. He even kept talking after I told him I had enough fun and was going to hang up. I can't quite understand why he kept wasting so much of his time when I identified him as a scammer after the first two minutes and told him so.
I can understand how they could fool a less informed computer user though.

--
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
1. Re:Had one of those idiots too. by JustSomeProgrammer · 2012-05-24 10:22 · Score: 2
  
  I think the people they hire to run the phone lines are paid for minutes on the phone.
Re:Deplorable by bobbied · 2012-05-24 10:12 · Score: 2, Insightful

Right, like the script kitties could tell they where dealing with a Mac much less have a workable scam for Mac they could talk the hapless Apple user though over the phone. If it ain't windows, they ain't getting anywhere cause they usually only know windows.
Before my ISP started blocking port 80,I ran an Apache web server on a stand alone Linux box in my DMZ that had nothing but a single HTML page on it. 99.99% of the access logs where exploits that only worked on Windows products and multiple break in attempts where from the same IP over and over. If they where too ignorant to look at the server type before they tried to break in, or if they somehow figured that what didn't work 15 seconds ago might work this time then it sure fits the view that they are pretty unsophisticated in their approaches when they are trying to break in.
Just running an OS other than Windows offers significant protection from the bulk of web based attacks. Not that it makes breaking in any harder mind you, it's just that most of the "hackers" out there don't know the difference between Red Hat, Ubuntu or Windows and usually cannot even understand what an IP address is much less a TCP port because they just run the tool somebody else wrote for them. These folks don't scare me.
Of course there are a FEW folks who don't fall into what I call "Script Kitties" class, and they are really the dangerous ones because they understand that it is not the breaking in, but the exploitation of getting access that matters. Most of these guys/gals are not going to call you on your phone unless they have reason to target you, and you can bet they won't resort to such low tech methods described in this article.

--
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
I recorded one by Barryke · 2012-05-24 10:32 · Score: 4, Interesting

Three months ago i got a similar call, recorded the conversation (me playing the silly user and him trying to scam me) and forgot to put it online.
So here it is slashdot, i created this page just for you:
http://barrystaes.nl/scambait/
(click the AMR file, its the original file my Android phone recorded and 10x smaller)

--
Hivemind harvest in progress..
1. Re:I recorded one by anilg · 2012-05-24 23:30 · Score: 4, Informative
  
  L.O.L!
  It's funnier to me because you probaby did not catch him swearing in hindi. At around 17:32 he goes "madarchod have you put the dot", which transates to "Motherf**ker have you put the dot", and you go "Dot, yes".
  Then at 19:28 he goes "kahan se ... behenchod" which is roughly "Where did this sisterf**ker come from?".
  And then the end was epic! A++ would hear more recorded conversations
  
  --
  http://dilemma.gulecha.org - My philospohical short film.
An awesome telemarketing call I got by Teppy · 2012-05-24 10:33 · Score: 5, Funny

I have a rule for dealing with telemarketers - if they admit they're telemarketing right away, I'll nicely tell them I'm not interested. If they lie, then anything goes. Here's what happened to someone that called me from a "security company:"

Her: Is the business owner there?
Me: Are you telemarketing?
Her: No.
Me: Ok, this is the owner, how can I help you?
Her: Are you aware of the security threats faced by businesses that use the internet?
Me: Oh, yes, I'm well aware of threats. There are all sorts of threats when you're in business.
Her: Does your business use PCs?
Me: Security is a big problem, lawsuits.
Her: Ok, well, we offer a comprehensive...
Me: Because you know, you can be sued for all sorts of things. Employers can be sued by their employees. Business owners have to be very careful.
Her: (Trying to get back to her script) Yes, I'm aware of that. Well anyway, if your business is one of the millions...
Me: For instance, sexual harassment lawsuits, those are a huge concern if you're in business.
Her: I don't think that's ...
Me: Do you realize that people can sue their employer for harassment just because they receive unwanted sexual advances while at work?
Her: No, I didn't, but...
Me: (whispering) So... what are you wearing?
1. Re:An awesome telemarketing call I got by gman003 · 2012-05-24 12:46 · Score: 5, Funny
  
  Oh, I do this all the time to political surveys. Started out just re-using some Monty Python bits ("I believe America should be an anarcho-syndicalist commune...")
  I'm pretty sure the Republicans' database lists me as a registered Communist and practicing Norse pagan who believes gay marriage should be mandatory, thinks abortion should be illegal "except for ugly chicks like Hillary", supports using nuclear weapons to secure the Canadian border, watches exclusively Fox News, and has voted for Ron Paul in every election since '92. They seem to have caught on - they haven't called at all since 2010 or so.
  If the Democrats ever call, I'm telling them I'm a monarchist, an ordained Coptic Orthodox deacon, and a veteran of the Third Punic War. I may even claim responsibility for the assassination of William McKinley.
2. Re:An awesome telemarketing call I got by kaliann · 2012-05-24 13:27 · Score: 2
  
  I have no mod points, but I loled, and I thank you.
Get them to hang up the quickest. by Necronomicode · 2012-05-24 10:44 · Score: 4, Informative

I've had numerous calls like this. I've taken a number of different stances on dealing with it. On the last one I didn't really have the time or patience so it went like this:-
Them: "Sir, we are ringing you about the errors on your computer".
Me: "Oh, this scam again, trying to get money from people that don't know any better. I don't know how you get away with it, you should be ashamed or yourselves, ashamed!"
Them: "Brrrrrrr....".
Quickest hang up yet. Felt kinda sorry for the poor woman reading the script but if you're gonna work for 'Evil Inc.' then that's what you get.
Other good tactics:
"Oh, I'm out of work, actually could you lend me fifty quid?"
"This is GCHQ madam, the UK government security center - it is a criminal offence to have access to our secure servers. Are you a terrorist?"
"On mondays my papa sings my happy song, huh, huh, huh"
Since they have a script maybe we should make one for us, just to see how they like it :-)
1. Re:Get them to hang up the quickest. by Beardo+the+Bearded · 2012-05-24 11:09 · Score: 5, Funny
  
  One time I got a call from a guy trying to sell a travel service. I try to be polite, since my wife did telemarketing to get through school.
  "How often do you travel?"
  "I can not leave the country at this time."
  "Uh, okay, what about your family, kids?"
  "They are quite young, so they wouldn't travel without a parent."
  "Okay, what about your wife?"
  "I have been advised by my lawyer not to answer any questions about the whereabouts of my wife."
  "..."
  "..."
  "You, uh, you have a good night sir."
  
  --
  
  ---
  ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
I'm from Windows Computer by JoeCommodore · 2012-05-24 11:09 · Score: 2

Most of them know better than to say actual company names so they usually start with something like:
"Hello, Sir, I am calling from Windows Computer..."
Which I usually state what's windows computer, never heard of em... etc. Some of the other posts do give me more ideas. :-D

--
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
Re:Deplorable by CCarrot · 2012-05-24 11:09 · Score: 4, Funny

Right, like the script kitties could tell they where dealing with a Mac...
I just had this adorable image in my head of a bunch of kittens (picture Royale commercials) gamboling around an iMac, batting the mouse around, laying on the top of the monitor and pawing at the screen, puzzled innocence in their wide blue eyes as they try to figure out where the food comes out. Awww... :)
I think the term is actually 'script kiddies', due to the (usual) youth of the wanna-be bad asses. It's simply the difference between the voiced alveolar stop 'd' and the voiceless alveolar stop 't', so it's easy to misinterpret in speech.
Okay, phonetics info-break over, now back to your regularly scheduled discussion...

--
"I love animals! Some are cute, others are tasty, what's not to like?" - Betsy Schroeder, Jeopardy contestant
I've had a few of these. by epp_b · 2012-05-24 12:22 · Score: 3, Funny

I've gotten a few of these calls. Some idiot with a foreign accent claiming to be "from Windows" (seriously, those were their words).

My mom gotten them too; she immediately hangs up the phone. One of the scammers actually the gall to call her not two seconds later to scold her that hanging up the phone was rude!

I have a similar idea to this guy, except I'd make a little more fun, though I wasn't sure it would work until now. I'm delighted to see that they use a remote control program. My plan is to let them into a sandboxed VM where I'll have prepared a webpage that launches 500 goatse popups or something. I'll record my session, too, but, uh ... just the phone call ;)

I can't wait to get another one of these calls.

*rubs hands together with an evil grin*
Re:Deplorable by kiwimate · 2012-05-24 15:16 · Score: 2

How can you be that knowledgeable about computers and exploits and still use the word "where" four times in two paragraphs when you should've used "were"? This is why they think they can get away with it, people - an enormous lack of linguistic awareness!
Re:Had a call JUST like this about 1 month ago by mcgrew · 2012-05-25 05:35 · Score: 2

Why was this happening from an otherwise excellent program? Single Core CPU trying to run multithreaded code I suspect (yes, multithreaded code actually SLOWS DOWN due to overheads it has, on 1 core systems).
It's simple: Microsoft makes money on every non-Apple computer sold. If they can slow your old box down enough to frustrate you, you'll buy a new computer and they've sold another copy of Windows.
I suspect this is why Windows runs slower and slower as the machine ages. I suspect it's engineered to, just to make you buy a new PC!
Back when I upgraded from 98 to XP, I'd just done a wipe and reinstall of 98 a week before installing XP (got XP because I stupidly forgot to check to see if I had driver disks for hardware and none of the drivers were available on the internet for 98, only XP). One of the installation screens bragged that XP was faster than 98. Well, it was faster than 98 was before I reinstalled 98, but actually a little slower than the freshly installed 98.
The best free AV is Linux.

--
Free Martian Whores!