When Antivirus Scammers Call the Wrong Guy

ancientribe writes "Phony AV scammers posing as Microsoft dialed the wrong number when they inadvertently phoned a security researcher at home. He lured them into a honeypot to study their actions, and posted the video online here. His main takeaway: they were 'Stone Age' when it came to their tech know-how."

Sounds familiar

[MrEricSir]

His main takeaway: they were 'Stone Age' when it came to their tech know-how."

So they're exactly like Norton, McAfee, and CA?

Re:Sounds familiar

[CanHasDIY]

His main takeaway: they were 'Stone Age' when it came to their tech know-how."

So they're exactly like Norton, McAfee, and CA?

How did this get modded 'Funny?'

That shit ain't funny, it's fucking Insightful.

Re:Sounds familiar

[dontmakemethink]

His main takeaway: they were 'Stone Age' when it came to their tech know-how."

So they're exactly like Norton, McAfee, and CA?

How did this get modded 'Funny?' That shit ain't funny, it's fucking Insightful.

How did this get modded 'Insightful'?

The GP was insightful. This shit ain't insightful, it's fucking Funny.

[Hint: to break the chain, mod this 'Informative'.]

Re:Sounds familiar

[sa1lnr]

"That shit ain't funny, it's fucking Insightful."

Great, now we're getting false funnies.

Re:Sounds familiar

[hairyfeet]

No shit, I don't know how many times i have had people bring in a machine and complains "Its so slow it has GOT to be a virus" and I find they are right...its a virus called norton or McCrappy. It never fails to amaze me how bad some of these AVs get when it comes to hogging, especially on laptops. I'll give them Avast or Comodo or if they REALLY know what they are doing MSE, but Horton and mcCrap are just fucking terrible! I have been told their enterprise version, at least with Norton, isn't like that so i have to say WTF? why can't you do that with the consumer version?

But the bitch is it isn't the PC bugs I've seen much of lately, win 7 and a decent AV have that problem pretty well handled, its the mobile scams. If you want to know more check my journal entry here but please folks, remember that many haven't got the exp we have so warn them about the phone scams, because the amount of variants i've seen in just the last week tell me this one is gonna spread and be nasty as all hell.

Re:Sounds familiar

These guys are dumber than that. The guy uses his personal email id for the payment gateway. His email is kunal_smart22@yahoo.in (Feel free to email him). He left is photograph at http://www.askmefast.com/categorydetail.php?cmd=ulist&userid=967853. He has even posted a question "Can i use this payment gateway for my call center which provide online technical support to usa,canada? " in the forum. I can also point out some security holes in his website, but I guess, I would doing more harm than good. So I will leave that out.

Re:Sounds familiar

[ozmanjusri]

I have been told their enterprise version, at least with Norton, isn't like that so i have to say WTF?

One of my (Fortune 100) clients has McAfee enterprise and I can vouch for the fact that it's horrible there too.

Just an example; what they call "Wasted Wednesday" has nothing to do with substance abuse, and everything to do with mandatory virus scans that make computers unusable for hours.

Re:Sounds familiar

[Fjandr]

It's the plural of the Latin 2nd declension noun "virius," which means "One who does not understand Latin."

Re:Sounds familiar

[kyrio]

Pretty much any third party report (third party = not paid for by anyone related to the reported) ranks MSE higher overall. Sure, Norton can catch them, but it kills your system doing so, even now. There are at least 5 other AV software (including MSE) that are better than Norton.

Re:Sounds familiar

[hairyfeet]

This is why i think words like "sheeple" or "corporate lemmings" is perfectly legitimate in certain contexts. because if an idea is bad and many do it...it is STILL A BAD IDEA and having many morons follow that bad idea doesn't magically make it good! I have dealt with Comodo Enterprise for some of my SMB customers and frankly it has everything except the crazy support costs, and unlike those other AVs you can actually get shit done while its running without it feeling like its tied a damned boat anchor around your machine.

I have always believed in using what you recommend and I've been running Comodo for a couple of years now with ZERO hassles or bullshit, hell I even have it on my kid's gamer boxes. When i went to show them how to turn off services in Comodo for when they game they said "What for? We just tell Comodo we want to run it and that's it" which frankly blew my mind because if there is one thing an AV will usually do its slow the hell out of gaming but nope, even with games it just didn't bog down their systems.

Contrast this with norton and mcAfee where I have yet to see it on a system that didn't feel like the entire system was running in slo mo. This is why I have been handing out Comodo to all my business customers and have started handing out to home users as well, because what damned good is an AV if it makes the whole system a royal PITA to use? To me the ultimate AV should ask you as few questions as possible and should only bother you when it has something important it needs your attention for and that's Comodo in a nutshell. the only time I hear from it is if it has blocked a site for having a malicious script or if i launch a program for the first time it asks whether or not I'd like it sandboxed, that's it. I just tell it what i want the default behavior to be for that program and it never asks again, it just does what its told.

How anyone can put up with a boat anchor AV is beyond me, I set up a test bed and tried all the different AVs simply because the AV I had been using (AVG) had become bloated and felt like a boat anchor. If you can't use the damned machine, what good is having it clean?

Re:Sounds familiar

[denis-The-menace]

You should have mentioned "Underated" so that you could end up with +5 Underated

Re:Sounds familiar

[mcgrew]

I've never seen that one before, congratulations! However, it just says (5). You have to click the 5 to see that every single moderator modded you "underrated".

How did you guys manage to hypnotise the moderators? Hey, moderators, could you mail me some cash?

Damn, it didn't work :(

Question- How did scammers do this?

[cpu6502]

I got a similar call to the guy in the article. So I hung up.

They called back, and I hung up again except the phone didn't hang up. I even held down the "on hook" button but the call would not terminate. Any ideas how the scammers accomplished this?

Re:Question- How did scammers do this?

[SScorpio]

In your rage you slammed down the receiver too hard and now the "on hook" button isn't registering correctly?

Re:Question- How did scammers do this?

the call is coming from inside the house!

Re:Question- How did scammers do this?

I'll use logmein to fix your phone issue.

Re:Question- How did scammers do this?

[ArsenneLupin]

On some phone systems (for example Luxembourg during the eighties), only the caller can hang up a line. If the callee "hangs up" it's not really hung up until the caller hangs up as well, and a malicious caller can tie up his victim's line as long as he wants.

Normally this is not an issue, as in a normal call both parties will hang up. However, back in the day, pranksters figured out that this was an excellent way of annoying call-in amateur ("pirate") radio stations, completely sabotaging their game shows this way...

Re:Question- How did scammers do this?

[Archangel+Michael]

I had a similar call about a month ago. My wife answered it and then hung up. I wish she would have handed the phone to me. I would have had a field day, acting stupid, and getting as much info as I could so that I could return their "favor".

Re:Question- How did scammers do this?

[CanHasDIY]

Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediate, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)

...Which is precisely why man invented the airhorn.

Next time those bastards grab your line and won't let go, give them a really, really fucking loud reason to.

Re:Question- How did scammers do this?

[bobbied]

Well... There used to be a slight delay (like 10 seconds) between the "on hook" (current stops flowing in the loop) and the processing of the "on Hook" condition by the switch. This was to avoid disconnecting calls for momentary current breaks such as when you where dialing a rotary phone or if the user was doing a hook "flash" to switch between parties in a 3-way call. In some cases this delay has been emulated by recent phone system designs for compatibility reasons or simply because that's the way things used to work and the spec still calls for it. These days, I don't think there are many land line phones doing rotary dial and processing flash hook signals, at least in the industrialized world.

This feature was what caused the "Telemarketers have total control of my phone when they call and I can't hang up on them!" rumor from yesteryear. I'm betting that this was the reason you couldn't hang up on them. Next time hang up and wait about 20 seconds and I'll bet you will get a dial tone when you pick up.

Re:Question- How did scammers do this?

[Bromskloss]

On some phone systems (for example Luxembourg during the eighties), only the caller can hang up a line.

cpu6502, do you remember if you were in Luxembourg in the eighties when this happened?

Re:Question- How did scammers do this?

[bobbied]

I think a dialer would have no way to know that the called party was trying to hang up until the local switch processed the "on hook" (hang up) event. Looking at the SS7 ISUP signaling, there is nothing that would carry that information back to the caller that indicated a hook flash once the call was Answered.

As I recall the one commercial dialer I worked on years ago, we did listen for modem tones, but would pass any answered calls to the operators for processing. We could also hear the "Beep" from most answering machines and deal with that by calling back later, but it was hit/miss at best. We could also listen for silence, and only transfer calls that somebody said "hello" (actually anything else) to operators, but we would hang up on silence after a few seconds, not on a called party hook flash. All this was done to reduce the Long Distance charges and not pass bad calls to operators that where paid by the hour. The motive was $$ not because the called party might need to make a 911 call.

Re:Question- How did scammers do this?

[Zapotek]

I used to use a modem for that back in the dial-up days; when I wanted to go on-line but someone in the house was using the phone I sent a message to the modem via the terminal and it started screaching bloody murder.

Re:Question- How did scammers do this?

[slew]

I'm not a Pheaker, but as I understand it, there is a way to reverse the roles of the caller and the callee. It's useful for the 911 and the police as they can maintain the connection long enough to preform a trace.

My information is pretty dated, but as I recall, although theoretically you can do pretty much anything in the exchange (say like reverse roles and perform a trace), in practice, you probably can't do too much at the calling or called side unless it was the same exchange that handled the caller and callee (esp if it is a crufty old 5ESS). Of course with the current telephone network, no phreaking signals are accepted as the voice path and the signalling path is now totally separate... (In the United States, the last exchange that kind of stuff worked on was wawina and that ended in June 15, 2006)

Note that in SS7 (and it's messages, described by the ITU Q.764 standard which is freely available), either side can disconnect. If the calling party disconnects, a release request (REL) is sent to the terminating exchange and it's up to that exchange to release the line and send a release complete (RLC). If the terminating exchange is next to the police dept or 911**, that terminating exchange could theoretically could hold the line for a while for a trace (although intermediate exchanges may time this out, so you can't do this forever). The same is true for the called party disconnecting which initiates a REL going back to the originating exchange. In this case the originating exchange might hold the line for a while after receiving a REL, but even if the caller doesn't hang up, eventually it will release and send the RLC back to the terminating exchange and release the called line. For other than weird billing purposes, there's not much of a reason to switch caller and callee after a call starts as the caller's exchange is the one that usually initiates the billing record (unless you want to bill say both sides). I don't think you can cancel billing once it started on the caller's originating exchange on most systems.

**911 doesn't work by tracing your call through the network, it works by the orignating exchange sending the correct network address information about the caller in a call-origination message to the 911 exchange (similar to callerID).

Re:Question- How did scammers do this?

[realityimpaired]

Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediate, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)

Such a feature doesn't exist in DMS-100 (unless an engineer is doing a dialtone plunge, but that's not a DMS feature, that's an actual set or test head connected to the line keeping it open). More likely, you have a marginal short on your line, and when you "hung up", the short was low enough at the time to trick the DMS into thinking that there was still a phone of the hook, so it didn't close the line. Depending on the amount of T-R leak that's happening, you may never notice it when you're using the phone, but it could still be enough to trick the DMS into thinking your phone's off the hook.

Of course, in a situation like that, chances are you'd have no dial tone at all, because the DMS would self-disconnect from the line to avoid being damaged, and they wouldn't have been able to ring your line at all, as it would sound busy (or forward to voicemail if you have that line option) with the DMS in PLO state. I suppose if it's a swinging short it could work the way you're describing, but the chances are slim enough that it's equally possible you're just making it up. I'd have to see a 12-point metallic test to know for sure what the problem is with your line, but assuming you're telling the truth, my money's on a swinging tip-ring short.

I guess, maybe, if you're on FTTH and the ONT is bugged out (or you have a problem with your inside wiring), it could behave like that, too. Usually with FTTH I don't see anywhere near the kind of weird shit that I see on copperline, though.

The other possibility is as folks have suggested, 3-way calling. If you hang up and pick up shortly afterwards, it's the same effect as pressing the "flash" or "link" button on your phone, and the DMS will put the first call on hold to allow you to dial a 2nd number. If it triggered when you hung up, it would suggest a defective phone.

Obligatory disclaimer: I do work for the local phone company, and one of my many job functions has been troubleshooting/diagnosing this kind of weird behaviour in order to determine if a field tech visit is needed. I have seen the problem you're describing before, but usually it's followed by a loss of dialtone within an hour after the fact.

Re:Question- How did scammers do this?

[Nethead]

I remember working C64 BASIC code to hack out call progress detection back in the early 80's. Had a Code-A-Phone where we pulled the 8042 microcontroler and emulated it with the C64. The Teltone/SSI chips (981, etc.) really saved our asses. Then I figured out how to brute-force calling card numbers with the hardware. Long story short, three years in Club Fed.

Re:Question- How did scammers do this?

[Nethead]

Yeah, Club Fed (Lompoc FPC) was real hell. They made me write AP/AR financial software for the BOP using Clipper Summer '87 on an XT. Before getting in the computer department at Lompoc I was on the irrigation crew (think hay fields) with Ivan Boesky humping lines of sprinklers through tall wet grass.

When I got out I went back to broadcast engineering, keeping local radio stations on the air. Then the Internet started and I worked with some locals and people from Seattle to get more than 9 dial-up lines in my small town. Found a good geek woman and we both ended up in Seattle working for Wolfe.net where I answered a cry from Malda for bandwidth. Seems that slashdot's T1 wasn't able to deal with the load and they were looking for someone to host images. I was at an ISP that had a whopping T3 so I set up an old Pent 90 with slackware and apache and handed it over to them. We hosted images.slashdot.org for about a year or so.

At that ISP I took to heart the spammers of the day, mostly teen customers that wanted to "make money fast." I would first try to call them and advise them that it was against the AUP, but would often get the parents. If that didn't work I'd disable the account until the parents would call (of course, they paid the bill.) This was back in the dial-up days and you could do that stuff.

Anyway, my wife and I rode the I-boom up and down, saved some money and now live on an Indian reservation looking over Puget Sound. I now spend my days as an independent field tech going around and fixing things. Life is good.

Re:Question- How did scammers do this?

[wrook]

Disclaimer: I used to work on the DMS-100 (perhaps I should post this as anonymous coward... :-P ) At least when i worked on it, there were plenty of bugs with respect to various features (especially 3-way call) and various agent types. Stupidly enough, although it was not the correct way to do things, the most common way to clear a call was to take down one end and then wait for the audit process to come around, notice that one end was down and take down the other end. If you hang up and then pick up the phone again, depending on what code paths you were going through, you could reconnect the call before the audit process tore it down. Unfortunately, it was a problem that was nearly impossible to fix because the DMS uses completely different code depending on agent types and features that are in use. You would practically have to go through all 30 million lines of code.

It's been about 15 years since I worked there, so I can't remember very much any more, but I used to play party games demonstrating all the bizarre behaviour you could get your phone to do. The thing was that end users think of their phone as a kind of widget. They have no idea there's a computer in the switch directing things. When weird things happen they either blame themselves or come up with conclusions like the GP (the scammers figured out how to hold the line up). Just bad code, that's all.

Bummer is, it works

[Toe,+The]

Scammers (and spammers) wouldn't do this stuff if it didn't pay off.

Even though these guys were idiots, they still manage to scam people. So what does that say about their victims? Ugh.

Re:Bummer is, it works

[Belial6]

I would really like to agree with you at least a little bit, but it isn't 1995 anymore. Waving off ignorance as "I don't understand computers" isn't a valid answer anymore. It is basic safety when using a telephone not to give out credit card numbers or any other personal information to someone that calls you. Not typing things into your computer and giving access to someone that calls you isn't "Computer Knowledge" it is "Telephone Knowledge", and the telephone has been in wide use long enough that claiming you don't know how to use it isn't a valid answer either.

Not surprising

[Baloroth]

Hardly surprising their tech know-how was stone-age. If they were actually competent, they wouldn't be running some lame over-the-phone scam like this. They would either be working a legitimate job or running a large-scale botnet somewhere. The vast majority of criminals are stupid, because smart people either don't get into crime or don't do low-level crap like this.

Re:Not surprising

[oxdas]

There are much better outlets for exceptional scammers and thieves; politics and wall street seem popular right now.

I got one of these, too

[J053]

Happened just the other day. They didn't claim to be from Microsoft, though. I asked the caller what OS was on my computer, and she said "Either XP or 7". I don't have any Windows systems in my house, and the call was interrupting something else I wanted to do, so I just said "Wrong!" and hung up.

Re:I got one of these, too

[Lumpy]

Now see this would be fun, fire up a VM with Ubuntu 11 on it and let them have a go.

Or better yet, a windows Skinned XFCE. it looks right but nothing is right......

Re:I got one of these, too

I had a call from these guys once.

I set up a new user account in Ubuntu, and then ran the remote access software they asked me to download in Wine.
The remote software sort of started to work, and connected to something their end, but didn't work enough to give any desktop access.
I was running wireshark too, so could see which IP addresses it was talking to.

So, I just kept babbling stuff, and pretending I did not know how to set up the remote access software properly. Then I started dropping hints about 'the base firewall' and 'asking the officer on duty' to make it seem like I was on a militery base. Then I said that the commander of the computer section wanted to talk the them, and the phone went dead.

Re:I got one of these, too

[neonsignal]

A elderly friend of my parents got one of these scam calls; the caller at the end of the line explained to her that "they could see that there was a problem with her computer" and that they could help her to fix it. She said "there sure is a problem; I took it down to the rubbish tip last month".

Re:I got one of these, too

My Mum, continously gets these... One day when I was at her house, she got a call... This is when the fun began... The call goes as follows.

Indian Woman: Hello I am calling from Windows. We have seen that your pc has a virus. We would like to remove the virus from Microsoft.
My Mum: I don't understand my computer is fine. Where are you calling from?
Indian Woman: I am calling from Windows. Our software has informed us that you have a virus, and needs to be removed?
My Mum: I'm just going to put someone else on the phone.
Indian Woman: OK
My Mum: *passes phone to me
Me: *mash 6 random phone buttons.* Hello Madam, you have fallen into a continuously monitored phone number. You have made so many calls pretending to represent Microsoft falsly, that we at Microsoft are now starting to monitor these calls, and have provided a service to record and trace calls.
Indian Woman: I HAVE DONE NOTHING WRONG! (screamed)
Me: Never the less madam you have twice used our trademarked name Windows. and presented yourself as an employee of Microsoft. Therefore you are breaching various trademark rules and copyright rules. In addition you are liable in the uk for libel as the calls are being recorded.
Indian Woman: I HAVE DONE NOTHING WRONG!!! (screamed even louder in a higher pitched voice)
Me: Never the less you have broken the law. These calls are being recorded, and you have been on the call for a long enough period now for our technical team to have traced the call back to your place of operations. The Indian police should be contacting you within the next few days. To assist them with our joint operations to stop this scam.
Indian Woman: I HAVE DONE NOTHING WRONG!!! (now shouted in such a pitch that it hurt my ears)
Phone: click duuuuuuuuuuuuuuuuuuuuuuuu .

Re:Can you blame them?

[X0563511]

Don't hate the player, hate the game...

No. I hate both.

Re:Can you blame them?

[fuzzyfuzzyfungus]

Your 'peak hatred' attitude is disguistingly defeatist.

Hate player, the game, the phrase 'don't hate the player, hate the game' and anybody who uses that phrase. And you'll still have plenty to go around!

What I do

[Mortimer82]

I say "Okay, hold on a moment please." I then leave the phone call active, put the phone on my desk or something and do something else until they get bored.

Re:What I do

[Archangel+Michael]

I do that, except I'll go back every couple minutes or so and say .. can you hold on, I really want to talk to you, but I have to finish this one thing ..

I keep a log of how long they will hang on ... the current record, for some insurance company, was nearly 35 minutes before they hung up. They did call back three time afterwards ... but didn't hold on much more than a couple minutes.

My goal, keep them online, but not making a sale for as long as I can. If everyone took 30 minutes for each of these sales type calls and never actually buying, then they would stop calling, as the profit margins would sink.

Re:What I do

[The+Mister+Purple]

I once worked for a place that was going through a bankruptcy. Even though all creditors had theoretically been dealt with, there were still a couple collection agencies that chose to not understand that. Because I'm not intimidated by veiled lawsuit threats (or unveiled ones, for that matter), I wound up being "the guy who screens calls". I got quite good at stalling, getting "interrupted" and generally dragging out calls. This eliminated most of the collection calls with a couple of weeks of this treatment. However, there was one collector who, despite getting worked into a frothing rage on a regular basis, kept calling. Eventually, after he had raged for a bit and was catching his breath (I like to think I shortened his life by several years), I explained my tactics to him. At first, he didn't get it, but after I explained that I knew about call time metrics and that I was messing his up on purpose, he REALLY freaked out. After another 5 minutes or so, I pointed out that keeping on the line with me wasn't improving his numbers. He never called back after that.

Just remember: at a certain point, they aren't wasting your time - they are wasting their own time and amusing you in the process.

Re:What I do

Time kept on line:
    2 days ago: 53 mins
    months ago: 1hr 47mins

Useful lines ...
    "I've got my credit card and I really need your help"
    "yeah, I think it has a virus ... it takes literally 10mins to boot" (make 'em wait 10mins)
    "oh, you meant the PC, not the Mac, hold on" ... 10mins
    "The screen has gone blue and it's crashed... I'll reboot" ... 10mins
    "Someone's at the door, I'll be back" ... 5 mins
    "My wife turned it off while I was downstairs, sorry" ... 10mins
    "I bought a ferrari last week, I got a yellow one. Do you like ferraris"...5 mins
    "What's your job? I break legs for a living" (at this point they got suspicious)

Re:What I do

[houghi]

http://egbg.home.xs4all.nl/counterscript.html

Re:What I do

[Beardo+the+Bearded]

One time the woman wouldn't take no for an answer.

"Listen, do you get paid by the hour or by the call?"

"By the call."

"So I've told you I'm not interested, why waste your time? Hang up and move on."

"Well, I..." *lightbulb on sound* "Good night, sir."

And the fix is easy

[DigiShaman]

Reboot the PC. Just after POST (power on self test), tap the F8 key once a second to invoke Windows boot options. Choose "Safe Mode". Click the Start button and type in MSCONFIG. Select "Normal Startup" under the General tab. Reboot again and all should be well. Assuming you didn't provide CC info or let them install any other application.

I'd love to know what public IP they're hiding behind.

so BAD even YOUR MOM won't fall for this

[Thud457]

These "Dave from Houston" fuckheads have called my house repeatedly. Unfortunately, I haven't been home to screw with them. Even my wife felt bad for these pitiful lamebrains when she told them none of our computers run Windows. And then these disorganized half-wits can't remember the FAILED on their previous calls, so they call back again.

Re:Can you blame them?

[Jeng]

Damn straight I can blame them.

You don't see me trying to scam Bill Gates or some other bullshit.

If you are at the level where you are pulling these scams internationally over not only the internet, but also calling your victims, then you are not starving and you are probably a little better educated than those around you. These are the people that are dragging down their societies instead of building them up.

I not only blame them, I would like to shoot them for the betterment of their communities.

Re:Can you blame them?

[Sir_Sri]

You realize that fraud and scamming people in india is a crime too right?

I don't begrudge and indian guy a job at Infosys or IBM or actual microsoft. You may not like outsourcing, but you can't fault someone for taking a decent job that's a step up from what they have, and you can't expect them to feel bad about taking your job when you get paid 50x as much as they do.

But you still don't feel bad for the guy trying to rob you on the street in New Delhi. He's as much a criminal by indian standards as by western ones.

I admit, there *is* a grey area. Not the area you talked about. But there is a grey area. I feel bad for people there who have to pay bribes to buy a train ticket (which is everyone), and I feel worse when they come here and think they have to do the same thing. But there is a matter of different cultures, and pervasive corruption and ciminality that honest people can't avoid. Fine, I'll forgive some of that. But trying to theft is theft, and I have relatively little tolerance for it, and none at all when it's an intentional organized corporate activity.

Had one of those idiots too.

[mwvdlee]

I had one of these guys on the line a while back. Coincidentally while I was fixing some issues with the PC at my computer-illiterate parents' house. Apparently they called a few times before but they only spoke english (with a very heavy indian accent) and my dad wouldn't even know how to order a beer in english, so their "conversations" ended without any harm done.

They directed me to try all different kinds of command line tools that would display long lists of errors (which is was supposed to do on a healthy system). I checked everything he told me to do by first searching on google and within a few minutes I got to a webpage detailing the phone script the scammers were using.

Oddly enough I told him that I was checking everything on Google first and even told him I found this website, but we still went on for nearly 15 minutes or so (he was paying for the phone bill, I could see no harm in making it expensive). I kept asking him questions and calling him out on his lies (literally calling it lies), but still he kept going. At some point it was all some morbid curiosity trip for me, eager to find out how far this could possibly go. He even kept talking after I told him I had enough fun and was going to hang up. I can't quite understand why he kept wasting so much of his time when I identified him as a scammer after the first two minutes and told him so.

I can understand how they could fool a less informed computer user though.

I recorded one

[Barryke]

Three months ago i got a similar call, recorded the conversation (me playing the silly user and him trying to scam me) and forgot to put it online.

So here it is slashdot, i created this page just for you:
http://barrystaes.nl/scambait/

(click the AMR file, its the original file my Android phone recorded and 10x smaller)

Re:I recorded one

[anilg]

L.O.L!

It's funnier to me because you probaby did not catch him swearing in hindi. At around 17:32 he goes "madarchod have you put the dot", which transates to "Motherf**ker have you put the dot", and you go "Dot, yes".

Then at 19:28 he goes "kahan se ... behenchod" which is roughly "Where did this sisterf**ker come from?".

And then the end was epic! A++ would hear more recorded conversations

An awesome telemarketing call I got

[Teppy]

I have a rule for dealing with telemarketers - if they admit they're telemarketing right away, I'll nicely tell them I'm not interested. If they lie, then anything goes. Here's what happened to someone that called me from a "security company:"

Her: Is the business owner there?
Me: Are you telemarketing?
Her: No.
Me: Ok, this is the owner, how can I help you?
Her: Are you aware of the security threats faced by businesses that use the internet?
Me: Oh, yes, I'm well aware of threats. There are all sorts of threats when you're in business.
Her: Does your business use PCs?
Me: Security is a big problem, lawsuits.
Her: Ok, well, we offer a comprehensive...
Me: Because you know, you can be sued for all sorts of things. Employers can be sued by their employees. Business owners have to be very careful.
Her: (Trying to get back to her script) Yes, I'm aware of that. Well anyway, if your business is one of the millions...
Me: For instance, sexual harassment lawsuits, those are a huge concern if you're in business.
Her: I don't think that's ...
Me: Do you realize that people can sue their employer for harassment just because they receive unwanted sexual advances while at work?
Her: No, I didn't, but...
Me: (whispering) So... what are you wearing?

Re:An awesome telemarketing call I got

[gman003]

Oh, I do this all the time to political surveys. Started out just re-using some Monty Python bits ("I believe America should be an anarcho-syndicalist commune...")

I'm pretty sure the Republicans' database lists me as a registered Communist and practicing Norse pagan who believes gay marriage should be mandatory, thinks abortion should be illegal "except for ugly chicks like Hillary", supports using nuclear weapons to secure the Canadian border, watches exclusively Fox News, and has voted for Ron Paul in every election since '92. They seem to have caught on - they haven't called at all since 2010 or so.

If the Democrats ever call, I'm telling them I'm a monarchist, an ordained Coptic Orthodox deacon, and a veteran of the Third Punic War. I may even claim responsibility for the assassination of William McKinley.

Get them to hang up the quickest.

[Necronomicode]

I've had numerous calls like this. I've taken a number of different stances on dealing with it. On the last one I didn't really have the time or patience so it went like this:-
Them: "Sir, we are ringing you about the errors on your computer".
Me: "Oh, this scam again, trying to get money from people that don't know any better. I don't know how you get away with it, you should be ashamed or yourselves, ashamed!"
Them: "Brrrrrrr....".

Quickest hang up yet. Felt kinda sorry for the poor woman reading the script but if you're gonna work for 'Evil Inc.' then that's what you get.

Other good tactics:
"Oh, I'm out of work, actually could you lend me fifty quid?"
"This is GCHQ madam, the UK government security center - it is a criminal offence to have access to our secure servers. Are you a terrorist?"
"On mondays my papa sings my happy song, huh, huh, huh"

Since they have a script maybe we should make one for us, just to see how they like it :-)

Re:Get them to hang up the quickest.

[Beardo+the+Bearded]

One time I got a call from a guy trying to sell a travel service. I try to be polite, since my wife did telemarketing to get through school.

"How often do you travel?"

"I can not leave the country at this time."

"Uh, okay, what about your family, kids?"

"They are quite young, so they wouldn't travel without a parent."

"Okay, what about your wife?"

"I have been advised by my lawyer not to answer any questions about the whereabouts of my wife."

"..."

"..."

"You, uh, you have a good night sir."

Re:Deplorable

[CCarrot]

Right, like the script kitties could tell they where dealing with a Mac...

I just had this adorable image in my head of a bunch of kittens (picture Royale commercials) gamboling around an iMac, batting the mouse around, laying on the top of the monitor and pawing at the screen, puzzled innocence in their wide blue eyes as they try to figure out where the food comes out. Awww... :)

I think the term is actually 'script kiddies', due to the (usual) youth of the wanna-be bad asses. It's simply the difference between the voiced alveolar stop 'd' and the voiceless alveolar stop 't', so it's easy to misinterpret in speech.

Okay, phonetics info-break over, now back to your regularly scheduled discussion...

Re:Can you blame them?

I'm going to setup a VM with a desktop showing me raping Shiva, shooting and dismembering a cow while holding the Pakistani flag and taking a shit on a set of cricket stumps. The audio would be interesting.

I've had a few of these.

[epp_b]

I've gotten a few of these calls. Some idiot with a foreign accent claiming to be "from Windows" (seriously, those were their words).

My mom gotten them too; she immediately hangs up the phone. One of the scammers actually the gall to call her not two seconds later to scold her that hanging up the phone was rude!

I have a similar idea to this guy, except I'd make a little more fun, though I wasn't sure it would work until now. I'm delighted to see that they use a remote control program. My plan is to let them into a sandboxed VM where I'll have prepared a webpage that launches 500 goatse popups or something. I'll record my session, too, but, uh ... just the phone call ;)

I can't wait to get another one of these calls.

*rubs hands together with an evil grin*

Re:Can you blame them?

[NemoinSpace]

Why don't you go back to responding to Nigerian email scams instead of posting variations of liberal ethics on slashdot?
People of honor will do whatever they have to do to make it through the day. And they will do it honorably - or die trying.
Scumbags however, will be scumbags their whole life and will count on morons like you to justify their pathological behavior.
Usually guys like this tend to congregate in town inhabited by guys like you. Then of course you will call upon guys like me to take care of your "problem" for you. Because of course, you prefer to remain anonymous cowards, all the while spewing your superior social intellect.
/end ass ream.