LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-29-2020, 03:13 AM   #1
haphaeu
LQ Newbie
 
Registered: Jan 2018
Posts: 12

Rep: Reputation: Disabled
How to hack a "computer problem call" scam?


You know the typical phone call with an strange country code, and as you pick up the phone a person claims that your computer has been hacked and offers help, and so on...

So, I just got one of these calls on the way to work and asked them to please call me back in the evening when I'm home. I think it'll be fun to mock the scammer a little.

Of course I'm not providing any access to my home computer. So instead I'm planning use a linux host to start a VM with a windows guest, then stablish contact with the scammer from this VM.

As a minimum, I thought it would be fun to waste this guys time with a pointless connection to an fresh installed VM with no personal information on it.

As for security, I think these scammer are really only prepared for the uninformed windows users providing direct access to their machine, but just to make sure, any information if they could gain access to the host machine from within the VM guest? Would it add an extra security layer to start a VM from inside another VM? In this case, would be better Linux Host->Linux guest->Win guest, or Linux Host->Windows Guest->Windows Guest.

And also, any idea on how to gain access to his computer and try to get hold of his identity during the call? I'm not sure what kind of systems they use and how to explore them. Possibly get his IP address and report to his ISP or VPN?

Last edited by haphaeu; 10-29-2020 at 03:15 AM.
 
Old 10-29-2020, 08:10 AM   #2
michaelk
Moderator
 
Registered: Aug 2002
Posts: 20,642

Rep: Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651Reputation: 3651
I personally would not. Never allow them access to your computer regardless.

The experts say to just hangup but I like to verbally abuse the caller. One time I told the caller he was full of crap and hung up. He actually called me back to scold me. I have not had a live windows scam call in quite awhile.

Last edited by michaelk; 10-29-2020 at 08:48 AM.
 
Old 10-29-2020, 08:15 AM   #3
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 4,841
Blog Entries: 14

Rep: Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729
There was someone on this forum (unfortunately I can't remember his name) who used to keep these people hanging on the phone for hours while he pretended to be trying to follow their instructions. He would keep complaining to them that he couldn't find the buttons they wanted him to click on. Finally he would say, "Do you think it's because I'm using Linux?"
 
Old 10-29-2020, 09:04 AM   #4
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,058
Blog Entries: 13

Rep: Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145Reputation: 4145
Amusement is where you find it, I guess.

There's better use of my time not gabbing with sales people, scammers, and/or fanatics.

I agree that it's best to avoid any situation where you're potentially allowing someone to get exactly what they're trying to get.

Last edited by rtmistler; 10-29-2020 at 09:06 AM.
 
Old 10-29-2020, 09:59 AM   #5
uteck
Member
 
Registered: Oct 2003
Location: Elgin,IL,USA
Distribution: GalliumOS on Chrombook
Posts: 552

Rep: Reputation: 155Reputation: 155
There are some guys on Twitch that stream their calls with these guys. Not sure if they post any of the precautions they take, but that would be a good place to look for info.
 
Old 10-29-2020, 10:07 AM   #6
sevendogsbsd
Senior Member
 
Registered: Sep 2017
Distribution: Slackware
Posts: 2,115

Rep: Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911Reputation: 911
There are videos out there on YouTube about hackers hacking scammers - some are funny. The implication is that you have a clean "sandboxed" environment you would have to give them access to that you can use to determine their IP and try to abuse their system with it.

I personally would not do this because of the risk. Not to say the far end are skilled hackers but never underestimate an adversary. Having said this, I used to hack phishers back in the day when it first started. Would trace the exploit back to the hosting site, tell the site owner and report the phisher.
 
1 members found this post helpful.
Old 10-29-2020, 10:34 AM   #7
boughtonp
Member
 
Registered: Feb 2007
Location: UK
Distribution: Debian
Posts: 789

Rep: Reputation: 562Reputation: 562Reputation: 562Reputation: 562Reputation: 562Reputation: 562
Quote:
Originally Posted by haphaeu View Post
As for security, I think these scammer are really only prepared for the uninformed windows users providing direct access to their machine, but just to make sure, any information if they could gain access to the host machine from within the VM guest? Would it add an extra security layer to start a VM from inside another VM? In this case, would be better Linux Host->Linux guest->Win guest, or Linux Host->Windows Guest->Windows Guest.
If you can't already answer those questions yourself, you're not ready to be taking the risks of giving someone access to your network.

As pointed out, there are ways to waste their time - and yours - without taking such risks.


Quote:
And also, any idea on how to gain access to his computer and try to get hold of his identity during the call?
I'm fairly sure discussing this would be a violation of the LQ Rules.

Again, as others say, there are plenty of people on Twitch/YouTube/etc that regularly do this sort of thing - perhaps you would be better reaching out to them instead.

 
1 members found this post helpful.
Old 10-29-2020, 10:43 AM   #8
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware
Posts: 4,841
Blog Entries: 14

Rep: Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729Reputation: 2729
Quote:
Originally Posted by sevendogsbsd View Post
Having said this, I used to hack phishers back in the day when it first started. Would trace the exploit back to the hosting site, tell the site owner and report the phisher.
Most financial institutions have a special email address for reporting phishing scams. I track those down from their websites and keep them in my address book. When I get a phishing email, I make all the headers visible, copy them in above the text, and forward it to the organisation concerned. Sadly, most of them never say thank you.
 
1 members found this post helpful.
Old 10-29-2020, 12:50 PM   #9
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 9,900

Rep: Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462Reputation: 4462
https://arstechnica.com/information-...rly-two-hours/
 
Old 11-02-2020, 02:19 PM   #10
rnturn
Senior Member
 
Registered: Jan 2003
Location: Illinois (SW Chicago 'burbs)
Distribution: openSUSE, Raspbian, Slackware. Older: Coherent, MacOS, Red Hat, Big Iron IXs: AIX, Solaris, Tru64
Posts: 2,169

Rep: Reputation: 362Reputation: 362Reputation: 362Reputation: 362
Quote:
Originally Posted by haphaeu View Post
You know the typical phone call with an strange country code, and as you pick up the phone a person claims that your computer has been hacked and offers help, and so on...

So, I just got one of these calls on the way to work and asked them to please call me back in the evening when I'm home. I think it'll be fun to mock the scammer a little.
My in-laws got one of these and they were "this close" to forking over a credit card number. I shudder to think what would have happened if the missus hadn't been there to visit when the call came in---she shut it down before anything awful happened.

I got one of these and I strung the caller along for a while until he said on that he was "on my Windows" and could see that it had been hacked. At that point I said "Oh, you are are you" and called him an idiot and a liar after telling him that I don't even run Windows. (If memory serves, by then, even my work laptop running Win7 had been replaced with a RedHat laptop.) I haven't gotten another of those calls since. Maybe because I immediately put the number in my mobile phone call blocker or maybe I've just been fortunate.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
The latest Windoze support scam phone call taylorkh General 15 08-12-2019 04:31 PM
LXer: Raspberry Pi OS Update to hack WiFi Hack LXer Syndicated Linux News 0 08-20-2017 03:12 PM
Hack, hack, hacking away!! cousinlucky General 6 07-09-2015 02:01 PM
Help With Java Problem Please"""""""""""" suemcholan Linux - Newbie 1 04-02-2008 07:02 PM
Hack Hack anoop_chandran Linux - General 9 12-07-2001 11:38 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration