Slashdot Mirror

← Back to Stories (view on slashdot.org)

Tech Support Scammers Used Victims' Webcams To Secretly Record 'Testimonials' For YouTube (gizmodo.com)

Posted by msmash on from the clever-minds dept.

A team of scammers sneakily filmed dozens of Australians by remotely accessing their webcams, then uploaded those videos onto YouTube, according to Australian news outlet ABC. From a report: The victims were reportedly lured in through a false tech support operation. One victim, Geoff Sussman, told ABC he looked online for a service that could help him download Adobe software. He says he was duped by a fake Adobe support page claiming to provide "Support for Adobe Australia," and called a 1-800 number on the site. The number led him to an operation called Macpatchers, which told him he had a virus and asked him to download software to give them remote access to his computer. This is a common scam technique, but Macpatchers seems to have taken it a step farther and asked him to read a script that appeared on the screen, claiming he was pleased with the service. Unbeknownst to him, Macpatchers were accessing his camera, and recorded the statement. The group then reportedly uploaded the video to YouTube along with the videos of 68 other victims -- a chorus of fake testimonials recommending the service. A man who describes himself as a "scam-baiter" uncovered the operation and shared his finding with ABC. He told ABC that Macpatchers recommended he check out their reviews.

50 comments

  1. "Free" = Red Alert by Tablizer · · Score: 1

    I have a relative who fell for a "free Microsoft service" scam. (No cam here.) The family eventually had to lock their credit and bunches of other headaches because of stolen personal info.

    He fell for it for two reasons. First, he's up there in age and not so clear-thinking these days. Second, he's a cheap-skate and didn't want to pay for real service. The idea of "free" always made him giddy, even before his marbles started slipping away.

    --
    Table-ized A.I.
    1. Re:"Free" = Red Alert by KiloByte · · Score: 1

      Second, he's a cheap-skate and didn't want to pay for real service. The idea of "free" always made him giddy

      Funny that, the idea of "paying" for software makes me, well, not quite giddy. So who's falling for a scam here?

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    2. Re:"Free" = Red Alert by Tablizer · · Score: 1

      the idea of "paying" for software makes me, well, not quite giddy

      OSS stuff can "break" also. OSS's lousy UI's are often a big source of problems & confusion. As much as I despise MS, their UI's are on average slightly better than OSS competitors, probably because they actually test them with real people. OSS should admit it usually sucks when it comes to UI's.

      Something needs to be done about the "giant menu tree of options". It's outgrown it's day. Put all the options into a relational-like system along with synonyms and synopsis's and make them more naturally searchable, almost in a Google sense. Still have tree-menus, fine, but don't make them the only navigation mechanism.

      --
      Table-ized A.I.
    3. Re:"Free" = Red Alert by KiloByte · · Score: 2

      OSS stuff can "break" also.

      The big difference is the right to repair. When proprietary stuff breaks, all you can do is curse the vendor ("tech support" my ass). With OSS, as long as it's not a problem with lousy undocumented hardware (most of the woes these days), you always have the recourse of fixing it yourself, and then sharing your fix with others.

      This by the way is my biggest beef with systemd: it's a big tangle of spaghetti code, with no pieces supposed to be user serviceable. Things done the Unix way are easy to fix by a sysadmin with working knowledge of shell and no special programming ability.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    4. Re:"Free" = Red Alert by Anonymous Coward · · Score: 0

      I'm all for OSS, but LOL, are you suggesting that the demented old geezer in the OP's post make his own fixes for the broken open source software he downloaded?

    5. Re:"Free" = Red Alert by Darinbob · · Score: 1

      My mom fell for this 3 times so far (and avoided one other). She doesn't understand the concept because these guys were helping her "for free". Every time I explained not to do this, and please always call me for help. I think though that she wants some amount of independence here.

    6. Re:"Free" = Red Alert by Gavagai80 · · Score: 1

      Free software is great -- but free services always have a catch. Unless it's a registered charity organization, the odds that someone is donating their time to a random stranger are quite low.

      --
      This space intentionally left blank
    7. Re:"Free" = Red Alert by Anonymous Coward · · Score: 0

      Something needs to be done about the "giant menu tree of options". It's outgrown it's day. Put all the options into a relational-like system along with synonyms and synopsis's and make them more naturally searchable, almost in a Google sense. Still have tree-menus, fine, but don't make them the only navigation mechanism.

      Sounds like what Ubuntu was doing with Unity before they gave up on it.

      Also sounds like what Atom does (and other similar editors).

    8. Re:"Free" = Red Alert by Tablizer · · Score: 1

      One of the reasons OSS documentation is so crappy is because geeks often have a hard time putting themselves in the shoes of a regular user. It's one of the reasons why geek social skills are often not the sharpest tool in our kit.

      --
      Table-ized A.I.
  2. People are stupid. News at 9. by Anonymous Coward · · Score: 1

    Need we say anything more?

    1. Re:People are stupid. News at 9. by cayenne8 · · Score: 2
      I mean, I understand there are a LOT of non-tech types....

      But seriously, someone needs help to figure out how to download and install Adobe software?!?!!?

      I mean, let's face it, it takes a bit of tech to even be able to USE Adobe software....so, if you're able to use it, I'd think you'd have at least enough savvy to go to the website, follow the instructions to download and double click the installer file...?

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    2. Re:People are stupid. News at 9. by Anonymous Coward · · Score: 1

      But did they install the Adobe software or not? If they went through all the trouble of getting access to the computer and recording the guy they could at least fulfill his original request. It's not like installing software is hard for someone with that level of competence.

    3. Re:People are stupid. News at 9. by Anonymous Coward · · Score: 2, Interesting

      But seriously, someone needs help to figure out how to download and install Adobe software?!?!!?

      Dude, seriously, never let your own understanding of computers make you forget just how little some people know about them. Suddenly they have one and don't know much about it, and it's a big scary thing.

      I mean, let's face it, it takes a bit of tech to even be able to USE Adobe software

      What, like, viewing a PDF for instance?

      These tech support scams still work, because obviously people still fall for them. By the time you're setting up a web page to claim to be the people to call, and getting users to unknowingly record YouTube testimonials ... you've taken that to a degree of sophistication that the people who will fall for this kind of scam will be unable to avoid.

      I mean, my god, you find it via a Google search, check on YouTube and see testimonials, and then you call.

      There are corporate executives who would fall for this.

      This isn't cold calling, this is actively building pages that show up in searches so people call you. Short of knowing the initial website is a scam, that's awfully hard for someone to guard against.

    4. Re:People are stupid. News at 9. by xvan · · Score: 2

      I mean, my god, you find it via a Google search, check on YouTube and see testimonials, and then you call.

      I don't get that part of the scam. Isn't it cheaper to hire a bunch of fake testimonials? This is really sophisticated but I don't see the purpose.

    5. Re:People are stupid. News at 9. by Darinbob · · Score: 1

      Installing can be a scam in itself. Ie, you click "ok, "ok", "ok", because that's how they know to install software. So one of the first things I do when I visit my mom is go uninstall Chrome because it gets automatically installed when updating software unless you manually unclick a box. This used to be how you got all those stupid helper bars on the browser though that scam seems to be gone.

    6. Re:People are stupid. News at 9. by Anonymous Coward · · Score: 0

      I don't get that part of the scam. Isn't it cheaper to hire a bunch of fake testimonials? This is really sophisticated but I don't see the purpose.

      Because it makes it all the more believable.

      A variety of faces, skin colours, accents ... real people, not actors.

      It tells you how lucrative the scam is if it is worth making fake testimonials by exploiting the access they've gained to the user's machine.

      It's brilliant, and really creepy.

    7. Re:People are stupid. News at 9. by Mal-2 · · Score: 1

      It doesn't take any skill at all to use Flash. If anything, it takes skill to avoid its abuse by sites -- but merely using it is no different from using the browser in general.

      --
      How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
  3. I see by cascadingstylesheet · · Score: 2

    but Macpatchers seems to have taken it a step farther and asked him to read a script that appeared on the screen, claiming he was pleased with the service. Unbeknownst to him, Macpatchers were accessing his camera, and recorded the statement. The group then reportedly uploaded the video to YouTube along with the videos of 68 other victims -- a chorus of fake testimonials recommending the service.

    If you are willing to perform like a trained monkey, I'm not sure anything can help you.

    1. Re:I see by Anonymous Coward · · Score: 0

      Hey, but it was for a free tote bag or 50 percent off their bill or whatever, lol.

    2. Re:I see by Anonymous Coward · · Score: 0

      i WAs confused why anyone would do that but you sold me. If they said "Read this you love us script and we'll make it free" I would understand that.

    3. Re:I see by thegarbz · · Score: 1

      If you are willing to perform like a trained monkey, I'm not sure anything can help you.

      I'm sure we can find your pressure points and get you to dance for us too. The question is just what are they.

  4. Cthulhu Marketing by resistant · · Score: 4, Funny

    This shit is so evil as to be ... actively funny.

    Hey, you know what else would be funny? Tracking down the muppets that pull this crap and breaking their knees on video. It'd be a great testimonial for the baseball bats used. "See, they smash over and over without splintering! Buy Sweet Revenge brand baseball bats today!"

    --
    A truly excellent pizza parlor is a delight unto the heavens. Treasure the sauce and the toppings!
    1. Re:Cthulhu Marketing by laurencetux · · Score: 2

      NO NO NO
      if you are going to use a Bat it must be a Genuine Maple Slugger. And don't forget a nice level swing to the SIDE of the knees gets you a better result.

    2. Re:Cthulhu Marketing by Darinbob · · Score: 1

      I suspect some of these guys are semi-legit, they just don't know that they're enabling others. Ie, a small IT support team is partnered with the real scammers who put up the malware. What they know is that the person on the other end of the phone has "requested" support, and so they walk them through the steps of installing several remote support tools, uninstalling the unapproved anti-malware, etc.

    3. Re:Cthulhu Marketing by gweihir · · Score: 1

      It stops being funny when you think about how these "victims" are allowed to vote or have children. That is a real danger to others and society as a whole.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Cthulhu Marketing by Zontar+The+Mindless · · Score: 1

      When you care enough to use the best...

      --
      Il n'y a pas de Planet B.
    5. Re:Cthulhu Marketing by Cederic · · Score: 1

      Given the well documented impacts of age on peoples ability to engage in the world around them it's quite likely that a lot of these victims were highly successful contributors to society, and should now be getting some protection in return.

      Shit, enough US presidents go senile after they retire to keep a tech support scam running for a fair while.

  5. It's the industry's fault. by Anonymous Coward · · Score: 0

    The tech giants strive to make things as easy to use as possible, to increase their target audience to include the lowest common denominator of intelligence.

    These people are completely lacking in Internet street smarts. They do not have the critical thinking capacity to know how to smell a scam, how to avoid copycat sites, etc. It is dangerous for them to be let loose on the Internet.

    As a lifelong PC user, I recently used my dad's iPad...the browser won't even show you the URL you are accessing. Why in God's name???

  6. What a load of effort to filch a little. by Anonymous Coward · · Score: 0

    How come this is less and easier work than making money legitly? Anyone?

    1. Re: What a load of effort to filch a little. by c6gunner · · Score: 1

      For the same reason that pickpocketing is still a popular form of employment in many places; because there's a shortage of jobs, and an extreme shortage of jobs for those who have no education and limited skillsets.

      This kind of venture - as compared to pickpocketing - obviously takes more effort and money to set up in the first place, but it takes far less effort and money than setting up a real business with a tangible product which is in demand and competitively priced. When you're scamming people you don't really have to worry about pricing, demand, and competition (or at least not as much).

      It's an especially attractive line of business when you're living in some third world shithole and targeting people in first world nations. There's not much you can steal from your neighbours, let alone legitimately earn by selling to them, whereas fleecing a single westerner can keep you fed and happy for the next few weeks.

  7. what? by Anonymous Coward · · Score: 0

    I have a hard time understanding how someone could think that reading something out loud would be a vital step in fixing a computer.

  8. Part of the problem by Anonymous Coward · · Score: 0

    The other part is how much Adobe support sucks. I tried to unsubscribe from Photoshop and there was no way to do it online. I had to call their support center. The rep told me I had to wait until twelve months had passed from the sign up date, and I would only have a month window to cancel renewal.

    1. Re:Part of the problem by sakono · · Score: 1

      Adobe support was demanding I give them a new card for payment and canceled my sub even though the card was still good for 3 months and didn't care that the bank wouldn't send me a new card until the last month the card was good for. kept saying my card was expired every time I talked to them. Be nice if I could just buy the product instead of this stupid subing crap now.

  9. Start with the politicians.... by Anonymous Coward · · Score: 1

    Who allowed us to get to this point. Then the tech company CEOs who helped make the necessity of it believable. Then the developers who implemented it because their fat paychecks were more important than their morality.

    After we've gotten that far you can start beating on the citizenry for either voting these schmucks in, not educating themselves in regards to tech, or for falling for these scams.

    It's beatings all the way down.

  10. And they read it out loud? by MorePower · · Score: 2

    The part that weirds me out the most, they read the script out loud?
    I mean, they didn't think the webcam was on, and they were asked to read a script which supposedly no one could hear. But they read it out loud? And not even in a mumbling, under-their-breath voice, but a clear enough voice with convicing emotion that could be used in a marketing video? When they thought no one could hear them?

    1. Re:And they read it out loud? by Anonymous Coward · · Score: 0

      The part that weirds me out the most, they read the script out loud?

      Well that seems weird to you and me, but think about how common it is becoming to interact with a computer verbally now. Google, Amazon, Apple, Microsoft, all have voice input.

      I could imagine someone who isn't technically astute getting confused about this, especially if they were old enough they didn't grow up with computers.

  11. A fool and his money by mr_resident · · Score: 2

    Jesus Fucking Christ. This clown did everything but drive over to the scammer's house and hand them cash. Is it really a crime to take money from someone this gullible?

    1. Re:A fool and his money by gweihir · · Score: 1

      Still a crime, but the law is useless to fight this. Except maybe to require some minimal understanding of reality and how things work before declaring somebody a legal adult. Doing it by age does clearly not work.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:A fool and his money by Peter+P+Peters · · Score: 1

      Is it really a crime to take money from someone this gullible?

      It's actually a crime not to take it.

  12. Been there by Shemmie · · Score: 4, Interesting

    I had a spare VM image lying around when they called my parents. Was curious what they actually 'did'.

    Got me to download LogMeIn and guided me to Event Viewer. Pointed out "red crosses" as signs of a virus. They then proceeded to poke around the PC, occasionally firing up Regedit, and just generally looking through folders.

    At the end of the process, I explained I'd just been following along as I was curious what the patter was, he attempted to delete My Documents, My Pictures and My Music, and proceeded to swear at me for wasting his time.

    1. Re:Been there by Anonymous Coward · · Score: 2, Interesting

      Got me to download LogMeIn and guided me to Event Viewer. Pointed out "red crosses" as signs of a virus. They then proceeded to poke around the PC, occasionally firing up Regedit, and just generally looking through folders.

      Yup, I've heard this before ... essentially they bring up useless garbage that the victims have no idea what it means, and use that to support the "ah ha, I see the problem" bullshit.

      At the end of the process, I explained I'd just been following along as I was curious what the patter was, he attempted to delete My Documents, My Pictures and My Music, and proceeded to swear at me for wasting his time.

      It amazes me how people who are calling with the explicit knowledge they are scamming you feel you've "wasted their time".

      Sorry man, you're the lying asshole in this scenario (not you Shemmie =), you don't get to be all butt hurt that I've turned the tables. There is no way you can be part of this scam and not know full well it's a scam, so don't give me that innocent shit.

      At this point, I can only say that I'm awfully glad I sat my mother down a bunch of years ago and taught them how to spot scams and not to trust any incoming calls or emails. Now she's pretty quick to just say "fuck off" and hang up.

      The really sad thing, is the internet and caller-id spoofing has made a situation in which the only way to avoid being scammed is to have a degree of paranoia and distrust which would have been a clinical disorder not 20 years ago. Because there are so many people who really are out to get you.

    2. Re:Been there by vlueboy · · Score: 1

      At the end of the process [...] he attempted to delete My Documents, My Pictures and My Music, and proceeded to swear at me for wasting his time.

      It is disappointing and scary that scammers don't just hang up in the safety of their spoofed caller ID.

      The potential harm is deleting hundreds or thousands of pictures or your college papers / thesis or taxes just because their only goals are defrauding your for $$$ or destroying years of your digital memories.
      That this seems widespread among the scammers is worrying, and you'd almost believe that scammer-college is teaching this same type of retaliation to all scammers :)

      I've seen this kind of retaliation in a video where a techy guy on Youtube was documenting an attempt at scamming him.

      It is easy to picture many a senior citizen somewhere getting a scam call to go sour. You can imagine a catalyst being unexpectedly running into a declined credit card transaction, as if the scammer felt he had a right to feel indignant for having had a waste-of-time for an evil deed he failed to complete.

      The lack of automated local data redundancy thru file versioning on Windows is disturbing, especially given how popular ransomware is at achieving similar loss of both data and money.

    3. Re:Been there by Peter+P+Peters · · Score: 1

      Yup, I've heard this before ... essentially they bring up useless garbage that the victims have no idea what it means, and use that to support the "ah ha, I see the problem" bullshit.

      Sounds like a few doctors I've been to...

    4. Re:Been there by Anonymous Coward · · Score: 1

      As alluded to in the summary, one can search 'scambaiting' if they want to get a feel for how these kinds of scams typically go. I know of one streamer, kitboga, who does near-daily streams on Twitch. Mostly tech support scams, but sometimes others like IRS fraud. A really positive guy, especially for Twitch, but it helps offset the urge to take a baseball bat to a scammer's face.

    5. Re:Been there by Shemmie · · Score: 1

      The one consolation here - albeit maybe not for the non-tech senior in your example; they only soft-deleted; the files (Just the samples that come with a Windows install - or used to) ended up in the Recycle Bin.

    6. Re:Been there by vlueboy · · Score: 1

      It's worth checking out the recycle bin

      Thanks for your thread. One AC child post mentions the term "scambating" and my ddg searches were immediately useful. A result was titled "419 Eater - The largest scambaiting community on the planet!"

      I've got mixed feelings about realizing there are online communities doing this! If only we did something more to educate instead of fighting what isn't our war...

      Anyway, I would worry their potential for exposure to retaliation after each volunteer eventually starts appearing in logs repeatedly. I know nothing about Doxing or the volunteer scambaiters' armor / proxies. Maybe the IP addresses and telco details can give away the well-meaning folks to scammer-initiated swatting if the scammers pool a few of their own resources for black ops teams or something --it is more profitable for them to organize versus the anti-scam volunteers and the might even burn a little of their non-zero ill-earned profits to outsource their hero hunts...)

      Another led to a subreddit with this couple-day old post
      https://www.reddit.com/r/scamb...
      it says there is preliminary (unofficial) signs that VMware can be detected and glitched, but I would take these anonymous reports with a grain of salt till I learn more. I've heard of host VM exploits but not of who might use them outside of a security research lab till now

  13. Red Alert = Free by DontBeAMoran · · Score: 1

    https://downloads.tomsguide.co...

    --
    #DeleteFacebook
  14. Only going to get worse by cheesyweasel · · Score: 1

    My mother-in-law was hit with this one. As her "tech support guy", I then had to reformat her PC. They're very slick in gaining people's trust. They ask them to download the software and then read all their stored passwords out to them. Not only is it the money, but it also makes people feel stupid to anyone who finds out they fell for it. It's only going to get worse - what will happen once scammers can emulate other people's voices really well? What about fake photos too? Should old people no longer have a phone?

    1. Re:Only going to get worse by Peter+P+Peters · · Score: 1

      It's only going to get worse - what will happen once scammers can emulate other people's voices really well? What about fake photos too? Should old people no longer have a phone?

      I work in this game and I think even I'm screwed. My plans when I'm old are to move to a third world village with a pre-internet ways of doing everything. The technology is just going to be too good that even I won't be able to tell what's real and what isn't. So what hope does everyone else have?

  15. A freakin' Professor of Medicine! by Anonymous Coward · · Score: 0

    The ABC article includes a screenshot of the scam site, which is riddled with grammatical errors. The victim featured in the article is said to be a Professor of Medicine.

    Further proof that education does not equal intelligence and that age does not confer wisdom.

    Also worth noting that the victim is pictured using a Windows PC, not a Mac as the name of the scam outfit - Macpatchers - would lead you to believe.