Turning the Tables On "Phone Tech Support" Scammers
mask.of.sanity writes: A security pro has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. The hack detailed in Matthew Weeks' technical post works from the end-user, meaning victims can send scammers the hijacking exploit when they request access to their machines. Victims should provide scammers with their external IP addresses rather than their Ammyy identity numbers as the exploit was not yet built to run over the Ammyy cloud, according to the exploit readme. This is much more efficient than just playing along but "accidentally" being unable to follow their instructions.
THEM: Hi this is Microsoft and...
US: hang up
Done. Fuck this war.
That's exactly what they want. It's the same reason that scammers say they are from Nigeria even when they aren't.
They don't want to talk to you. They want the non-gullible to hang up as quickly as possible so they can quickly find
the little old lady who they can steal from. They called my mom and luckily she had 2 things going for her. First,
she doesn't know enough to actually follow their instructions and second, she called me. Otherwise she would
probably be out some money and I would be left cleaning up the mess. So sure, it's easier to hang up on them but
you are actually doing them a favor and helping them out by doing so.
I had a "Microsoft" guy walk me through installing TeamViewer. After twenty minutes of goofing with him, I said it was installed (which it already was). When he asked for my TeamViewer ID, I asked for him to give me his ID first. They didn't and were mad I wasted their time. But... it makes me think that the TeamViewer company might be able to help track down these jerks.
I like to get these scammers on the line for as long as possible, but without wasting my time. So far, what I've seen to work well was "Oh, my computer just crashed, I need to reboot" and "Now Windows is applying updates". This means they'll wait without me having to think of stuff to tell them. Any other effective tricks?