Slashdot Mirror


When Antivirus Scammers Call the Wrong Guy

ancientribe writes "Phony AV scammers posing as Microsoft dialed the wrong number when they inadvertently phoned a security researcher at home. He lured them into a honeypot to study their actions, and posted the video online here. His main takeaway: they were 'Stone Age' when it came to their tech know-how."

24 of 473 comments

  1. Sounds familiar by MrEricSir · · Score: 5, Funny

    His main takeaway: they were 'Stone Age' when it came to their tech know-how."

    So they're exactly like Norton, McAfee, and CA?

    --
    There's no -1 for "I don't get it."
    1. Re:Sounds familiar by CanHasDIY · · Score: 5, Insightful

      His main takeaway: they were 'Stone Age' when it came to their tech know-how."

      So they're exactly like Norton, McAfee, and CA?

      How did this get modded 'Funny?'

      That shit ain't funny, it's fucking Insightful.

      --
      An enigma, wrapped in a riddle, shrouded in bacon and cheese
    2. Re:Sounds familiar by dontmakemethink · · Score: 5, Informative

      His main takeaway: they were 'Stone Age' when it came to their tech know-how."

      So they're exactly like Norton, McAfee, and CA?

      How did this get modded 'Funny?' That shit ain't funny, it's fucking Insightful.

      How did this get modded 'Insightful'?

      The GP was insightful. This shit ain't insightful, it's fucking Funny.

      [Hint: to break the chain, mod this 'Informative'.]

      --

      War as we knew it was obsolete
      Nothing could beat complete denial
      - Emily Haines
    3. Re:Sounds familiar by sa1lnr · · Score: 5, Funny

      "That shit ain't funny, it's fucking Insightful."

      Great, now we're getting false funnies.

    4. Re:Sounds familiar by hairyfeet · · Score: 5, Insightful

      No shit, I don't know how many times I have had people bring in a machine and complain "It's so slow it has GOT to be a virus" and I find they are right...it's a virus called Norton or McCrappy. It never fails to amaze me how bad some of these AVs get when it comes to hogging, especially on laptops. I'll give them Avast or Comodo or if they REALLY know what they are doing MSE, but Horton and mcCrap are just fucking terrible! I have been told their enterprise version, at least with Norton, isn't like that so I have to say WTF? Why can't you do that with the consumer version?

      But the bitch is it isn't the PC bugs I've seen much of lately, Win 7 and a decent AV have that problem pretty well handled, it's the mobile scams. If you want to know more check my journal entry here but please folks, remember that many haven't got the exp we have so warn them about the phone scams, because the amount of variants I've seen in just the last week tells me this one is gonna spread and be nasty as all hell.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    5. Re:Sounds familiar by denis-The-menace · · Score: 5

      You should have mentioned "Underrated" so that you could end up with +5 Underrated

      --
      Obama's legacy: (N)othing (S)ecure (A)nywhere and (T)error (S)imulation (A)dministration
  2. Bummer is, it works by Toe, The · · Score: 5, Insightful

    Scammers (and spammers) wouldn't do this stuff if it didn't pay off.

    Even though these guys were idiots, they still manage to scam people. So what does that say about their victims? Ugh.

  3. Re:Question- How did scammers do this? by Anonymous Coward · · Score: 5, Funny

    the call is coming from inside the house!

  4. Re:Can you blame them? by X0563511 · · Score: 5, Insightful

    Don't hate the player, hate the game...

    No. I hate both.

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  5. Re:Question- How did scammers do this? by bobbied · · Score: 5, Informative

    Well... There used to be a slight delay (like 10 seconds) between the "on hook" (current stops flowing in the loop) and the processing of the "on Hook" condition by the switch. This was to avoid disconnecting calls for momentary current breaks such as when you were dialing a rotary phone or if the user was doing a hook "flash" to switch between parties in a 3-way call. In some cases this delay has been emulated by recent phone system designs for compatibility reasons or simply because that's the way things used to work and the spec still calls for it. These days, I don't think there are many land line phones doing rotary dial and processing flash hook signals, at least in the industrialized world.

    This feature was what caused the "Telemarketers have total control of my phone when they call and I can't hang up on them!" rumor from yesteryear. I'm betting that this was the reason you couldn't hang up on them. Next time hang up and wait about 20 seconds and I'll bet you will get a dial tone when you pick up.

    --
    "File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
  6. Re:Not surprising by oxdas · · Score: 5, Funny

    There are much better outlets for exceptional scammers and thieves; politics and wall street seem popular right now.

  7. Re:Can you blame them? by Jeng · · Score: 5, Insightful

    Damn straight I can blame them.

    You don't see me trying to scam Bill Gates or some other bullshit.

    If you are at the level where you are pulling these scams internationally over not only the internet, but also calling your victims, then you are not starving and you are probably a little better educated than those around you. These are the people that are dragging down their societies instead of building them up.

    I not only blame them, I would like to shoot them for the betterment of their communities.

    --
    Don't know something? Look it up. Still don't know? Then ask.
  8. Re:Can you blame them? by Sir_Sri · · Score: 5, Insightful

    You realize that fraud and scamming people in India is a crime too, right?

    I don't begrudge an Indian guy a job at Infosys or IBM or actual Microsoft. You may not like outsourcing, but you can't fault someone for taking a decent job that's a step up from what they have, and you can't expect them to feel bad about taking your job when you get paid 50x as much as they do.

    But you still don't feel bad for the guy trying to rob you on the street in New Delhi. He's as much a criminal by Indian standards as by western ones.

    I admit, there *is* a grey area. Not the area you talked about. But there is a grey area. I feel bad for people there who have to pay bribes to buy a train ticket (which is everyone), and I feel worse when they come here and think they have to do the same thing. But there is a matter of different cultures, and pervasive corruption and criminality that honest people can't avoid. Fine, I'll forgive some of that. But trying to theft is theft, and I have relatively little tolerance for it, and none at all when it's an intentional organized corporate activity.

  9. Had one of those idiots too. by mwvdlee · · Score: 5, Interesting

    I had one of these guys on the line a while back. Coincidentally while I was fixing some issues with the PC at my computer-illiterate parents' house. Apparently they called a few times before but they only spoke English (with a very heavy Indian accent) and my dad wouldn't even know how to order a beer in English, so their "conversations" ended without any harm done.

    They directed me to try all different kinds of command line tools that would display long lists of errors (which it was supposed to do on a healthy system). I checked everything he told me to do by first searching on Google and within a few minutes I got to a webpage detailing the phone script the scammers were using.

    Oddly enough I told him that I was checking everything on Google first and even told him I found this website, but we still went on for nearly 15 minutes or so (he was paying for the phone bill, I could see no harm in making it expensive). I kept asking him questions and calling him out on his lies (literally calling it lies), but still he kept going. At some point it was all some morbid curiosity trip for me, eager to find out how far this could possibly go. He even kept talking after I told him I had enough fun and was going to hang up. I can't quite understand why he kept wasting so much of his time when I identified him as a scammer after the first two minutes and told him so.

    I can understand how they could fool a less informed computer user though.

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  10. Re:What I do by The Mister Purple · · Score: 5, Interesting

    I once worked for a place that was going through a bankruptcy. Even though all creditors had theoretically been dealt with, there were still a couple collection agencies that chose to not understand that. Because I'm not intimidated by veiled lawsuit threats (or unveiled ones, for that matter), I wound up being "the guy who screens calls". I got quite good at stalling, getting "interrupted" and generally dragging out calls. This eliminated most of the collection calls with a couple of weeks of this treatment. However, there was one collector who, despite getting worked into a frothing rage on a regular basis, kept calling. Eventually, after he had raged for a bit and was catching his breath (I like to think I shortened his life by several years), I explained my tactics to him. At first, he didn't get it, but after I explained that I knew about call time metrics and that I was messing his up on purpose, he REALLY freaked out. After another 5 minutes or so, I pointed out that keeping on the line with me wasn't improving his numbers. He never called back after that.

    Just remember: at a certain point, they aren't wasting your time - they are wasting their own time and amusing you in the process.

    --
    "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." Feynman
  11. Re:Question- How did scammers do this? by Bromskloss · · Score: 5, Funny

    On some phone systems (for example Luxembourg during the eighties), only the caller can hang up a line.

    cpu6502, do you remember if you were in Luxembourg in the eighties when this happened?

    --
    Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
  12. An awesome telemarketing call I got by Teppy · · Score: 5, Funny

    I have a rule for dealing with telemarketers - if they admit they're telemarketing right away, I'll nicely tell them I'm not interested. If they lie, then anything goes. Here's what happened to someone that called me from a "security company:"

    Her: Is the business owner there?
    Me: Are you telemarketing?
    Her: No.
    Me: Ok, this is the owner, how can I help you?
    Her: Are you aware of the security threats faced by businesses that use the internet?
    Me: Oh, yes, I'm well aware of threats. There are all sorts of threats when you're in business.
    Her: Does your business use PCs?
    Me: Security is a big problem, lawsuits.
    Her: Ok, well, we offer a comprehensive...
    Me: Because you know, you can be sued for all sorts of things. Employers can be sued by their employees. Business owners have to be very careful.
    Her: (Trying to get back to her script) Yes, I'm aware of that. Well anyway, if your business is one of the millions...
    Me: For instance, sexual harassment lawsuits, those are a huge concern if you're in business.
    Her: I don't think that's ...
    Me: Do you realize that people can sue their employer for harassment just because they receive unwanted sexual advances while at work?
    Her: No, I didn't, but...
    Me: (whispering) So... what are you wearing?

    1. Re:An awesome telemarketing call I got by gman003 · · Score: 5, Funny

      Oh, I do this all the time to political surveys. Started out just re-using some Monty Python bits ("I believe America should be an anarcho-syndicalist commune...")

      I'm pretty sure the Republicans' database lists me as a registered Communist and practicing Norse pagan who believes gay marriage should be mandatory, thinks abortion should be illegal "except for ugly chicks like Hillary", supports using nuclear weapons to secure the Canadian border, watches exclusively Fox News, and has voted for Ron Paul in every election since '92. They seem to have caught on - they haven't called at all since 2010 or so.

      If the Democrats ever call, I'm telling them I'm a monarchist, an ordained Coptic Orthodox deacon, and a veteran of the Third Punic War. I may even claim responsibility for the assassination of William McKinley.

  13. Re:I got one of these, too by Anonymous Coward · · Score: 5, Funny

    I had a call from these guys once.

    I set up a new user account in Ubuntu, and then ran the remote access software they asked me to download in Wine.
    The remote software sort of started to work, and connected to something their end, but didn't work enough to give any desktop access.
    I was running Wireshark too, so could see which IP addresses it was talking to.

    So, I just kept babbling stuff, and pretending I did not know how to set up the remote access software properly. Then I started dropping hints about 'the base firewall' and 'asking the officer on duty' to make it seem like I was on a military base. Then I said that the commander of the computer section wanted to talk to them, and the phone went dead.

  14. Re:What I do by Anonymous Coward · · Score: 5, Funny

    Time kept on line:
        2 days ago: 53 mins
        months ago: 1hr 47mins

    Useful lines ...
        "I've got my credit card and I really need your help"
        "yeah, I think it has a virus ... it takes literally 10mins to boot" (make 'em wait 10mins)
        "oh, you meant the PC, not the Mac, hold on" ... 10mins
        "The screen has gone blue and it's crashed... I'll reboot" ... 10mins
        "Someone's at the door, I'll be back" ... 5 mins
        "My wife turned it off while I was downstairs, sorry" ... 10mins
        "I bought a Ferrari last week, I got a yellow one. Do you like Ferraris"...5 mins
        "What's your job? I break legs for a living" (at this point they got suspicious)

  15. Re:Get them to hang up the quickest. by Beardo the Bearded · · Score: 5, Funny

    One time I got a call from a guy trying to sell a travel service. I try to be polite, since my wife did telemarketing to get through school.

    "How often do you travel?"

    "I can not leave the country at this time."

    "Uh, okay, what about your family, kids?"

    "They are quite young, so they wouldn't travel without a parent."

    "Okay, what about your wife?"

    "I have been advised by my lawyer not to answer any questions about the whereabouts of my wife."

    "..."

    "..."

    "You, uh, you have a good night sir."

    --

    ---
    ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
  16. Re:Can you blame them? by Anonymous Coward · · Score: 5, Funny

    I'm going to setup a VM with a desktop showing me raping Shiva, shooting and dismembering a cow while holding the Pakistani flag and taking a shit on a set of cricket stumps. The audio would be interesting.

  17. Re:Question- How did scammers do this? by realityimpaired · · Score: 5, Informative

    Um. No. My phone works just fine. I also disconnected the line which should have terminated the call immediately, but the scammer was still talking when I reconnected the line. (I figure they were using some override built into the POTS.)

    Such a feature doesn't exist in DMS-100 (unless an engineer is doing a dialtone plunge, but that's not a DMS feature, that's an actual set or test head connected to the line keeping it open). More likely, you have a marginal short on your line, and when you "hung up", the short was low enough at the time to trick the DMS into thinking that there was still a phone off the hook, so it didn't close the line. Depending on the amount of T-R leak that's happening, you may never notice it when you're using the phone, but it could still be enough to trick the DMS into thinking your phone's off the hook.

    Of course, in a situation like that, chances are you'd have no dial tone at all, because the DMS would self-disconnect from the line to avoid being damaged, and they wouldn't have been able to ring your line at all, as it would sound busy (or forward to voicemail if you have that line option) with the DMS in PLO state. I suppose if it's a swinging short it could work the way you're describing, but the chances are slim enough that it's equally possible you're just making it up. I'd have to see a 12-point metallic test to know for sure what the problem is with your line, but assuming you're telling the truth, my money's on a swinging tip-ring short.

    I guess, maybe, if you're on FTTH and the ONT is bugged out (or you have a problem with your inside wiring), it could behave like that, too. Usually with FTTH I don't see anywhere near the kind of weird shit that I see on copperline, though.

    The other possibility is as folks have suggested, 3-way calling. If you hang up and pick up shortly afterwards, it's the same effect as pressing the "flash" or "link" button on your phone, and the DMS will put the first call on hold to allow you to dial a 2nd number. If it triggered when you hung up, it would suggest a defective phone.

    Obligatory disclaimer: I do work for the local phone company, and one of my many job functions has been troubleshooting/diagnosing this kind of weird behaviour in order to determine if a field tech visit is needed. I have seen the problem you're describing before, but usually it's followed by a loss of dialtone within an hour after the fact.

  18. Re:Question- How did scammers do this? by Nethead · · Score: 5, Interesting

    Yeah, Club Fed (Lompoc FPC) was real hell. They made me write AP/AR financial software for the BOP using Clipper Summer '87 on an XT. Before getting in the computer department at Lompoc I was on the irrigation crew (think hay fields) with Ivan Boesky humping lines of sprinklers through tall wet grass.

    When I got out I went back to broadcast engineering, keeping local radio stations on the air. Then the Internet started and I worked with some locals and people from Seattle to get more than 9 dial-up lines in my small town. Found a good geek woman and we both ended up in Seattle working for Wolfe.net where I answered a cry from Malda for bandwidth. Seems that slashdot's T1 wasn't able to deal with the load and they were looking for someone to host images. I was at an ISP that had a whopping T3 so I set up an old Pent 90 with slackware and apache and handed it over to them. We hosted images.slashdot.org for about a year or so.

    At that ISP I took to heart the spammers of the day, mostly teen customers that wanted to "make money fast." I would first try to call them and advise them that it was against the AUP, but would often get the parents. If that didn't work I'd disable the account until the parents would call (of course, they paid the bill.) This was back in the dial-up days and you could do that stuff.

    Anyway, my wife and I rode the I-boom up and down, saved some money and now live on an Indian reservation looking over Puget Sound. I now spend my days as an independent field tech going around and fixing things. Life is good.

    --
    -- I have a private email server in my basement.