Trolling the scammers
Old news, new article. A good read!

Can you fix my Windows 95 computer?: How to troll a tech support scammer
Pity the poor employees of companies like "Windows Technical Support," scammers who make money by "fixing" computers that were never broken in the first place. For the people who pose as Windows support technicians and cold call unsuspecting victims to warn them about bogus viruses, life is good as long as they can wrangle credit card numbers and remote PC access from the gullible.
The scammer, who is generally from India but claims to live in the same country as the victim, tells whoever picks up the phone that their computer has been identified as having a virus. The scammer directs the user to look in the Windows Event Viewer, which shows a generally harmless list of error messages, and then says that this is a sign of serious infection. From there, the scammer convinces his mark to install a piece of software allowing remote access into the computer to clean up the problem, and to pay several hundred dollars in fees for the service. It's often known as the "ammyy" scam because users are sometimes directed to www.ammyy.com to install the remote desktop software.
Not everyone falls for it. The Federal Trade Commission (FTC) didn't, last week busting six fake tech support companies with names like Virtual PC Solutions and PCCare247 after having undercover agents pose as victims. Ars editor Nate Anderson didn't fall for it, either, playing a helpless victim on the phone for 15 minutes before revealing that he knew what had been going on the whole time.
On the lighter side, one reddit poster named aveilleux really wanted a tech support scammer to call him. Waiting for such an occasion, he had prepared an unpatched Windows 2000 virtual machine and a flash drive filled with viruses. After toying with the scammer by pretending not to know what a keyboard was, he let the "technician" take remote control over the system. He put the viruses in an archive titled "bank_data.zip" and put some you-will-want-to-scoop-your-eyes-out pictures from a notorious subreddit into a file called "passwords.zip." He recounts what happens next:
Naturally, the guy at the other end of the line grabs passwords.zip and bank_data.zip and uploads them to a fileshare server. (Why he didn't just use the LogMeIn VPN is beyond me.) I make a note of the deletion links. This takes maybe 45 minutes (I have a fast connection). After that's done, he snags some files from \WINNT\ (to grab registration info and such; of course, the system's data is all incorrect). I get a call from Jason [the scammer].
"Okay, Mister aveilleux. We have all the information we need and we'll be back in touch with you if we need anything."
"Thanks much, Jason. I hope you enjoy my data as much as I did."
"Never mind. Goodbye!"