You know the typical phone call with a strange country code, and as you pick up the phone a person claims that your computer has been hacked and offers help, and so on...
So, I just got one of these calls on the way to work and asked them to please call me back in the evening when I'm home. I think it'll be fun to mock the scammer a little.
Of course I'm not providing any access to my home computer. So instead I'm planning to use a Linux host to start a VM with a Windows guest, then establish contact with the scammer from this VM.
As a minimum, I thought it would be fun to waste this guy's time with a pointless connection to a freshly installed VM with no personal information on it.
As for security, I think these scammers are really only prepared for the uninformed Windows users providing direct access to their machine, but just to make sure, is there any information on whether they could gain access to the host machine from within the VM guest? Would it add an extra security layer to start a VM from inside another VM? In this case, which would be better: Linux Host->Linux guest->Win guest, or Linux Host->Windows Guest->Windows Guest?
And also, any idea on how to gain access to his computer and try to get hold of his identity during the call? I'm not sure what kind of systems they use and how to explore them. Possibly get his IP address and report to his ISP or VPN?
I personally would not. Never allow them access to your computer regardless.
The experts say to just hang up but I like to verbally abuse the caller. One time I told the caller he was full of crap and hung up. He actually called me back to scold me. I have not had a live Windows scam call in quite a while.
There was someone on this forum (unfortunately I can't remember his name) who used to keep these people hanging on the phone for hours while he pretended to be trying to follow their instructions. He would keep complaining to them that he couldn't find the buttons they wanted him to click on. Finally he would say, "Do you think it's because I'm using Linux?"
There are some guys on Twitch that stream their calls with these guys. Not sure if they post any of the precautions they take, but that would be a good place to look for info.
There are videos out there on YouTube about hackers hacking scammers - some are funny. The implication is that you have a clean "sandboxed" environment you would have to give them access to that you can use to determine their IP and try to abuse their system with it.
I personally would not do this because of the risk. Not to say the far end are skilled hackers but never underestimate an adversary. Having said this, I used to hack phishers back in the day when it first started. Would trace the exploit back to the hosting site, tell the site owner and report the phisher.
Quote:
As for security, I think these scammers are really only prepared for the uninformed Windows users providing direct access to their machine, but just to make sure, is there any information on whether they could gain access to the host machine from within the VM guest? Would it add an extra security layer to start a VM from inside another VM? In this case, which would be better: Linux Host->Linux guest->Win guest, or Linux Host->Windows Guest->Windows Guest?
If you can't already answer those questions yourself, you're not ready to be taking the risks of giving someone access to your network.
As pointed out, there are ways to waste their time - and yours - without taking such risks.
Quote:
And also, any idea on how to gain access to his computer and try to get hold of his identity during the call?
I'm fairly sure discussing this would be a violation of the LQ Rules.
Again, as others say, there are plenty of people on Twitch/YouTube/etc that regularly do this sort of thing - perhaps you would be better reaching out to them instead.
Quote:
Having said this, I used to hack phishers back in the day when it first started. Would trace the exploit back to the hosting site, tell the site owner and report the phisher.
Most financial institutions have a special email address for reporting phishing scams. I track those down from their websites and keep them in my address book. When I get a phishing email, I make all the headers visible, copy them in above the text, and forward it to the organisation concerned. Sadly, most of them never say thank you.
Quote:
Originally Posted by haphaeu
You know the typical phone call with a strange country code, and as you pick up the phone a person claims that your computer has been hacked and offers help, and so on...
So, I just got one of these calls on the way to work and asked them to please call me back in the evening when I'm home. I think it'll be fun to mock the scammer a little.
My in-laws got one of these and they were "this close" to forking over a credit card number. I shudder to think what would have happened if the missus hadn't been there to visit when the call came in---she shut it down before anything awful happened.
I got one of these and I strung the caller along for a while until he said that he was "on my Windows" and could see that it had been hacked. At that point I said "Oh, you are, are you" and called him an idiot and a liar after telling him that I don't even run Windows. (If memory serves, by then, even my work laptop running Win7 had been replaced with a RedHat laptop.) I haven't gotten another of those calls since. Maybe because I immediately put the number in my mobile phone call blocker or maybe I've just been fortunate.