The Internet gets mad?and hilarious?in exposing an obnoxious tech-related scam.
Aurich Lawson / Thinkstock
Pity the poor employees of companies like ?Windows Technical Support??scammers who make money by ?fixing? computers that were never broken in the first place. For the people who pose as Windows support technicians and cold call unsuspecting victims to warn them about bogus viruses, life is good as long as they can wrangle credit card numbers and remote PC access from the gullible.
The scammer?who is generally from India but claims to live in the same country as the victim?tells whoever picks up the phone that their computer has been identified as having a virus. The scammer directs the user to look in the Windows Event Viewer, which shows a generally harmless list of error messages, and then says that this is a sign of serious infection. From there, the scammer convinces his mark to install a piece of software allowing remote access into the computer to clean up the problem, and to pay several hundred dollars in fees for the service. It?s often known as the ?ammyy? scam because users are sometimes directed to www.ammyy.com to install the remote desktop software.
Not everyone falls for it. The Federal Trade Commission (FTC) didn?t, last week?busting six fake tech support companies?with names like Virtual PC Solutions and PCCare247 after having undercover agents pose as victims. Ars editor Nate Anderson didn?t fall for it, either, playing a helpless victim on the phone for 15 minutes before revealing that he knew what had been going on the whole time.
But the serious ?scam trolls? elevate scammer-baiting to an art form, sometimes wasting as much as two hours on the phone as they see just how long a scammer will stay on the line. The tech support scam is an international phenomenon, and the scam trolls likewise come from across the globe. Many record their interactions with the scammers and post them for the world to hear?and learn from. Here?s how the masters do it.
Please wait two hours while my dial-up connects to CompuServe
While some troll scammers as a public service to prevent people from being victimized, others are simply out for laughs. Case in point: a?person calling himself ?Ted? kept a scammer on the phone for nearly two hours, recording the last 43 minutes and?posting them to SoundCloud?last week.
?Thank you for two hours of your time, you dumb motherf****r?
A good troll is a prepared troll, and Ted was ready. He dragged out the call by pretending to connect his Windows 95 and Windows Vista computers to CompuServe via dial-up Internet, by providing an expired credit card number, and by providing absurd answers to basic questions.
Ted spent much of his call pretending to struggle to connect to the Internet. ?OK, so you want me to connect to the Internet with this. God, it?s an hour and eight minutes we?ve been on the phone, this is taking forever. All right, hold on, so this is called?I need to connect it to the phone. It?s called an acoustic coupler? Hold on one second. All right, it?s not connecting to my CompuServe account for some reason. Let me try my AOL account, hold on.?
Ted switched back and forth between his Windows 95 and Windows Vista computers. On Vista, Ted claimed he couldn?t follow the scammer?s instructions until he finished installing the non-existent Service Pack 3 (Vista only has two service packs).
Ted asked the scammer if he could make his Windows 95 computer run as fast as his Windows Vista one, and professed his desire to be a good citizen. ?I want this machine to be secured, for sure,? he said. ?And I don?t want my machine being dangerous, for sure, I mean that would be bad, that would be very bad, I don?t want it to be bad, I want it to be good. I?m a responsible Internet user, I don?t want to be some of these hacker types that infect the Web and stuff like that.?
The scammer tried to direct Ted to the ammyy website:
Ted: So, I?m connected to CompuServe. What now, what do you need me to do?
Scammer: I need you to open the website, www.
Ted: Hold on. www, d-o-t
Scammer: No, it?s not d-o-t. It?s www. Full stop.
Ted: Www dot full stop, yup.
Scammer: Sir, it?s not like that, it?s not like that. Sir, how do you open up any website, sir? www.google.com. www.yahoo.com?
Ted: Yes. Oh, I see what you?re saying. I was confused, sorry. So what site do I open? You want me to go to fullstop.com?
Scammer: Sorry?
Ted: You said to go to fullstop.com, right?
Scammer: No. No sir. www.ammyy.com.
Through it all, Ted periodically replays the dial-up modem connection sound when he has to ?reconnect,? tells the scammer he doesn?t have Internet Explorer but uses Mosaic to surf the Web, and claims to be worried about his online banking because he wants to move a large amount of money out of his account. After initially providing an expired credit card number, Ted gives the scammer a real one?or at least one that sounds authentic enough for the scammer to start verifying Ted?s birth date and other information.
Scammer: Confirm your date of birth, please.
Ted: Oh yes.
Scammer: Will you confirm it please?
Ted: Did you give it to me? What is it, what do you have?
Scammer: No, you need to tell me your date of birth.
Ted: OK. Oh, you want my date of birth right now. It?s June.
Scammer: June?
Ted: Yes.
Scammer: Ok, like, uh, June 12th?, June 10th, when is it, sir?
Ted: Oh yes. June 12th.
Scammer: Can you confirm me the year?
Ted: 1950.
Suddenly, Ted is claiming to be hot and tense and says, ?I need to take off my pants, it?s way too hot.? Next, he tells the scammer to address him less formally.
?You don?t have to keep calling me ?sir,?? Ted said. ?I mean, we?ve been on the phone an hour and 50 minutes together. My friends call me ?Cinnamon.? If you want to call me Cinnamon, that?s fine.? (The scammer actually starts calling Ted ?Cinnamon.?)
Once the scammer says Ted will have to pay $700 to fix his computer and for ongoing support, Ted tells him to add $50 for himself because of how helpful he?s been. The scammer happily accepts the tip? just before Ted concludes with a brutal, ?Thank you for two hours of your time, you dumb motherfucker,? and hangs up the phone.
Your scam is bad, and you should feel bad
?You don?t have any kind of regret that you?re preying on people who don?t have computer knowledge, that you?re picking on elderly people, that you?re trying to scam people??
Each tech support scam call has some bit of weirdness. The technicians insist they?re not from Microsoft, they?re actually from ?Windows technical support? or something similar. They sometimes tell victims that their computers are not infected with viruses but with ?online infections,? which are ?much more powerful than local viruses? and can crash a computer at any time.
When they?re called out as scammers?or when their victims say they have Macs instead of Windows PCs?the scammers sometimes take to insulting the people they were trying to extort. At other times, they keep going through the script as if they?re still talking to a complete idiot. Eventually, they all hang up.
When it comes to calling out scammers for blatant lies and shaming them for criminal actions, no one did it better than BBC reporter Kate Russell. A year ago, Russell was told by her step-mother?about a call from a ?nice gentleman from an Indian call center? claiming that her computer was infected with a virus. Russell took the next call herself and posted the audio?for all to hear.
Russell asks the scammer to explain how he can know each time a computer is infected:
Scammer: In our London office we have got a server and, in that server we keep track of all the IP addresses, and if those IP addresses, if any of the IP addresses blinks in red that gives us an indication that there might be online malware infections that are in the system.
Russell: Let me get this straight. You?ve got servers in your head office which are connected to every computer in the country, and any time somebody has a piece of malware, you get a little flashing light.
The scammer goes on to say there is a ?master computer? used by the US Army and UK authorities, and that his firm can access its information through its server.
Russell: Your supercomputer that?s got a flashing light for everybody in the country connected to the Internet, it must be really huge. It must be amazing, I?d love to see it, because I really like shiny sparkly things with lots of flashing lights. Do you think I could come and see that computer?
Scammer: Absolutely.
Russell:?When could I come do that?
Scammer: We are open from 9am to 6pm, Monday through Friday.
Russell:?And where are you based?
Scammer:?It?s 123 Baker Street, Westminster, London.
Russell:?You gave my father an address of 124 Baker Street yesterday.
Scammer: The server is at 123, that is the server room. It is a different room for technicians, we are in 124 Baker Street.
Russell:?Have you ever heard of a program called BBC Click? The technology program?
Scammer: Yes.
Russell:?I?d really be interested. I?m one of the presenters on BBC Click. I?ve been working in the technology industry for 15 years. I?m a reporter. And I know for a fact that what you?re saying here is the biggest load of [bleeped] I?ve ever heard in my entire life. There is no way you have a server connected to the Internet that is monitoring millions and millions of IP addresses and will flash a red light at you if they?re infected with malware or a virus.
Scammer: Uh huh.
Russell:?Do you like coffee?
Scammer:?Yes.
Russell:?Because I also happen to know 124 Baker Street is a branch of Costa Coffee.?You know what, I have my own coffee machine at home so I don?t need to visit you to get coffee at 124 Baker Street. You guys are scamming people. I?ve had several people complain on the Internet to me already about the scams. You?re preying on old people, on people who haven?t got much computer information and technology knowhow, and I?m afraid I?ve been recording this telephone call and you can consider yourself being thoroughly investigated.
Incredibly, the scammer continues as if Russell had said nothing at all, saying ?OK, thank you for your time, we will be waiting for you. We will be open 9 to 6. Any time you feel you can just visit us and speak with the server team, OK??
But Russell wasn?t done. ?That?s all you have to say?? she added. ?You don?t have any kind of regret that you?re preying on people who don?t have computer knowledge, that you?re picking on elderly people, that you?re trying to scam people? I know for a fact you?re not going to just charge ?80, and actually what you?re doing is not removing a virus. You?re just deleting a few broken files from installations and service updates? Don?t you feel bad??
The scammer hung up.
The Internet gets angry, and clever
?While he was telling me about the dangers of all the harmless debug messages in Event Viewer I pulled up an elevated command prompt, ran ?netstat? and copied down the results.?
Russell is not the only one to get aggressive with a tech support scammer.?Just last week, a British man living in Germany named Steve Paine allowed a scammer to install remote desktop software on his computer so he could obtain the person?s IP address.
?Just to let you know, the call is being recorded here, and I?m a journalist and also a security expert,? Paine told the scammer. ?And I have also been communicating at the same time with some people who are on the Internet, this has been streamed live on the Internet. And I now have your IP address, your name, and your company name, and I will be following this up as a security issue because I believe you have tried to hack my computer. Do you understand what I?m saying? Hello??
On the lighter side, one reddit poster?named aveilleux?really?wanted a tech support scammer to call him. Waiting for such an occasion, he had prepared an unpatched Windows 2000 virtual machine and a flash drive filled with viruses. After toying with the scammer by pretending not to know what a keyboard was, he let the ?technician? take remote control over the system. He put the viruses in an archive titled ?bank_data.zip? and put some you-will-want-to-scoop-your-eyes-out pictures from a notorious subreddit into a file called ?passwords.zip.? He recounts what happens next:
Naturally, the guy at the other end of the line grabs passwords.zip and bank_data.zip and uploads them to a fileshare server. (Why he didn?t just use the LogMeIn VPN is beyond me.) I make a note of the deletion links. This takes maybe 45 minutes (I have a fast connection). After that?s done, he snags some files from \WINNT\ (to grab registration info and such; of course, the system?s data is all incorrect). I get a call from Jason [the scammer].
?Okay, Mister aveilleux. We have all the information we need and we?ll be back in touch with you if we need anything.?
?Thanks much, Jason. I hope you enjoy my data as much as I did.?
?I?m sorry??
?Never mind. Goodbye!?
One Ars commenter?with the username Albatron reports getting in on the action, feeding the scammers an elaborate set of lies.
?The ?Expert? directed me to install TeamViewer, which I did. I let him into my PC and watched him open Event Viewer and show me all the messages. While he was telling me about the dangers of all the harmless debug messages in Event Viewer I pulled up an elevated command prompt, ran ?netstat? and copied down the results,? Albatron writes. ?By then he had stopped talking and was asking me what I was doing. I told him I was ?backtracing? him and that I was ?behind 7 proxies?. I also told him I worked for the FBI as a DBA (none of which has a shred of truth). He told me he was only 17 and had been working at the company for just 14 days. I asked him where they were based out of and he told me Orlando.?
The tao of the troll
Are those who troll the scammers performing an important public service??While we hope the FTC crackdown?has a chilling effect, we?ve already seen??Windows Technical Support? squads continue to operate as if nothing is amiss.?If they?re making tens of millions of dollars, as the FTC claims, why would they stop? Ultimately, they?ll keep right on scamming until no one is gullible enough to fall for it anymore.
If the people trolling the scammers?even the ones who may just have a little too much free time on their hands?can help prevent the tech-illiterate among us from being duped, they?ll have made the world a little safer. Anyone who has ever visited the Internet knows that trolls often waste their talents by raining down insults on people for ?crimes? such as using one or another smartphone platform. But in this case, they have at the very least found a worthy target for their wrath.
??Can you fix my Windows 95 computer??: How to troll a tech support scammer | Ars Technica.
Related articles
?
Like this:
Be the first to like this.
This entry was posted on October 13, 2012, 12:38 PM and is filed under Social. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.
half time show halftime show 2012 kelly clarkson super bowl 2012 giants ok go peyton manning super bowl nsx
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.