“Take your sweet time”—how I scammed a tech support scammer for nearly two hours

Tech support scammers in India got trapped on the phone with me for nearly two hours, and all they got was a revocation of their remote access software ID. (credit: Aurich Lawson)

Technical support scams are the bottom of the barrel for cyber-crime. Using well-worn social engineering techniques that generally only work on the least sophisticated computer users, these bootleg call-center operations generally use a collection of commercially available tools to either convince their victims to pay exorbitant fees for "security software" or to extort them to gain control of their computer. And yet, these schemes continue to rake in cash for scammers.

We’ve dealt with them before at Ars, but this week I got an opportunity to personally engage with a scam operation—so naturally, I attempted to inflict as much damage on it as possible.

On Monday afternoon, I got a phone call that someone now probably wishes they never made. Caller ID said the call was coming from "MDU Resources," but the caller said he was calling from "the technical support center." He informed me there were "junk files" on my computer slowing it down, and he was going to connect me with a technician to help fix the problem.

Read 93 remaining paragraphs | Comments

Source: Risk Assessment – Ars Technica @ January 27, 2017 at 05:10AM