Tech support scammers mess with hacker's mother, so he retaliated with ransomware

Vengeful security boffin Ivan Kwiatkowski has infected the computer of an Indian tech support scammer with the Locky ransomware. Kwiatkowski inflicted the virus on the scammers after they attempted to fleece his parents. The retaliatory strike was easy for the French malware analyst; during a phone call with the scammers he …

  1. Mark 85 Silver badge
    Pint

    Sheer genius... Ivan deserves all of these that he wants <see icon>. I wish more of these scammers could be sent to malware hell.

    1. Jason Bloomberg Silver badge
      Mushroom

      Let's hope he hasn't pissed off the kind of people who would have him drinking those pints through a straw.

      As great as it is to see scum like this get their just rewards; engaging with them can be a dangerous game to play. Even just giving them abuse if they call can lead to endless silent phone calls which can quickly make lives a misery.

      Take care and think twice before getting involved in something which can easily escalate. These bastards do need nuking from space and we need to keep pressuring the authorities to take steps against them.

      1. Triggerfish

        I'm thinking of the Neal Stephenson novel Reamde.

      2. superkuh

        Silent call attacks are annoying, but it's only making me stronger.

        You're absolutely right about the endless silent phone calls. They were targeting my city's area code last year and when they called me I took the chance to play around with them and insult them a bit. Initially the guy just called me back and manually insulted me in hilarious mangled English. But after a week that stopped and since then I've been getting ~5 silent calls a day from random numbers. It's super annoying.

        On the plus side it's given me the motivation to learn VOIP. I've set up my own SIP phone system with a DID number from my area. I'm slowly learning how to get detailed information on who's calling through what. I already knew enough computer tech to mess with them. But now I'm not far from knowing enough phone tech to do so.

  2. Destroy All Monsters Silver badge
    Childcatcher

    Oh man...

    Expecting the poor guy to get his gear confiscated and then get dragged before the beak in 15 seconds for "hacking". There will probably be a "hate crime" accusation thrown in too to round it off, because indjuns.

    If you do this vigilante stuff, better keep very quiet about it! Modern social democracy is nasty stuff.

    (Holy damn, 1 thumbs up and 1 thumbs down already ... I suspect the voting will be balanced on the long run)

    1. Doctor Syntax Silver badge

      Re: Oh man...

      'Expecting the poor guy to get his gear confiscated and then get dragged before the beak in 15 seconds for "hacking".'

      Perfectly good defence. He wanted to protect his parents and all other victims by getting rid of the CC details on the scammer's machine.

      'There will probably be a "hate crime" accusation thrown in too to round it off, because indjuns.'

      No problem. This was in France.

      1. Robert Helpmann?? Silver badge
        Childcatcher

        Re: Oh man...

        No problem. This was in France.

        In Texas, there used to be a defense for murder that was essentially "He needed killin'." The French have come up with the "Il avait besoin d'engouement" defense. Yippee ki-yay!

        1. Brian Miller

          Re: Oh man...

          Unfortunately, there really isn't a "he needed killin'" defense. Not today, at any rate.

          There is an old saying about a victim in a murder case who had bad or violent character.

          It goes like this: "He needed killin'." In essence, it was a justification for murder in the old days in Texas that the victim had horrible or violent character. You cannot argue he needed killing in Texas courts but in limited circumstances the defense may introduce evidence of prior acts of violent misconduct or threats of violence by the deceased which illustrate his violent character, Gutierrez v. State, 764 S.W.2d 796, 798 (Tex.Crim.App. 1989).

          There was a case in Kentucky in the 1870s about self defense, but nothing about the need to go out and proactively shoot somebody dead because it just had to be done.

        2. Pascal Monett Silver badge

          @ Robert Helpmann??

          No, it's just that the very concept of "hate crime" is specifically USAian.

  3. Anonymous Coward
    Anonymous Coward

    hmm... the wife once 'bought' a hair straightener from a dodgy Chinese site, I noticed what she was doing just as she clicked the pay button, made her cancel her cards and then looked into the site and noticed it was VERY vulnerable to SQL injection, dropped the customers and products tables from it... Hair straighteners never turned up...

    1. MrXavia
      Facepalm

      "Hair straighteners never turned up..."

      Ever consider that was because you dropped the tables?

      Poor web design and security doesn't instantly mean maliciousness....

      1. Mutton Jeff
        FAIL

        I think the point was that it was open to anyone - taught them a valuable lesson!

        1. Anonymous Coward
          Anonymous Coward

          Yeah so...

          ...I'll remember that the next time I see a house with the door open, I'll just go in and take what I want...that'll learn 'em! All in the public spirited duty of care and lesson teaching philosophy, natch.

    2. FIA

      hmm... the wife once 'bought' a hair straightener from a dodgy Chinese site, I noticed what she was doing just as she clicked the pay button,

      When you say 'dodgy', do you mean 'actively serving malware or obviously scamming' or 'badly put together with poor engrish'?

      made her cancel her cards

      Wise precaution if you're unsure.

      and then looked into the site and noticed it was VERY vulnerable to SQL injection, dropped the customers and products tables from it... Hair straighteners never turned up...

      Erm... wow.... I really hope the answer to the first question was 'very very very dodgy' otherwise criminal damage and potentially destroying someone's livelihood seems a little extreme to not get some badly made hair straighteners. Especially if their only crime was bad web site design and poor ability in a second language.

    3. Anonymous Coward
      Anonymous Coward

      Probably would have happened anyway when Little Bobby Tables got his first credit card.

      1. Anonymous Coward
        Anonymous Coward

        Bobby?

        No, that would be bobby's cousin, Freddy customers, a.k.a. " Fredrick') DROP TABLE customers;--"

        1. bish

          Re: Bobby?

          https://xkcd.com/327/

    4. Just Enough
      FAIL

      well done

      You realise that by dropping those tables you made sure that a number of innocent customers, who had already paid, were then guaranteed to not receive anything for their money?

      The website may have been rubbish, but you have no proof that they were scammers. If anyone was ripping off customers it was you.

  4. David Roberts Silver badge
    WTF?

    Hair straighteners never turned up?

    How would they when you cancelled the credit card and dropped all their customer database details?

    Like swearing that tearing newspapers up keeps elephants out of your living room and pointing to the lack of elephants as proof.

    1. This post has been deleted by its author

    2. Anonymous Coward
      Anonymous Coward

      Re: Hair straighteners never turned up?

      A professional would have sent a mail informing the site of the issues and recommendations on how to fix it.

      Unless as earlier mentioned it was legitimately a scam site.

    3. jaywin

      Re: Hair straighteners never turned up?

      > Like swearing that tearing newspapers up keeps elephants out of your living room and pointing to the lack of elephants as proof.

      I find it easier just not to acknowledge them

      1. John Brown (no body) Silver badge
        Joke

        Re: Hair straighteners never turned up?

        "I find it easier just not to acknowledge them"

        Please don't be rude to elephants. They never forget. And they live longer than you.

    4. Doctor Syntax Silver badge

      Re: Hair straighteners never turned up?

      "Like swearing that tearing newspapers up keeps elephants out of your living room"

      Works every time.

  5. Prst. V.Jeltz Silver badge

    "dropped the net scum a call"

    I've not been lucky enough to have these scum ring me up, but do they usually leave their number so you can give it to the less gullible?

    1. Anonymous Coward
      Anonymous Coward

      "I've not been lucky enough to have these scum ring me up"

      I have, a few weeks ago, but I screwed up. In my excitement, as the guy was insisting that my "PC" had a virus, I took the piss out of him saying: "what you mean this computer in front of me with a big 'Apple' logo on it??"

      (In response to which he started insisting that their records show that I have a PC, and that their server was reporting a virus on it and that if I didn't let them help me sort it out they would have no choice but to deactivate my computer for security reasons ...)

      ...then realised what an ass I'd been, that having got angry and arrogant with the caller I'd fooled myself into leaking valuable information that I definitely should not have given them -

      1. That I do actually have a computer

      2. What make it is

      IT security lesson learned.

      1. Mark 85 Silver badge

        Next time, ask for the MAC addy or the serial number of the computer. That usually stops them dead in their tracks.

        I did ask one "which computer?, I have about 50 of them here." Ok.. I lied about the number but suddenly he changed his script to "it's all of them!!!!!!" You could practically hear the cash register ringing in the background.

      2. bish

        I have one Windows machine in the house, which I take good care of, and a bunch of Macs, Linux boxes, a FreeNAS system and a couple of Hackintosh NUCs on the TVs. Last time they called me, the Windows box wasn't even switched on, and I was sat in front of the TV in the lounge. I played along, but when they asked me to press the shortcut for Run, I did my best impersonation of a panicked non-tech person, moaning that it wasn't doing anything and they were right but maybe too late to help me. They told me to open IE, oh noes! It's not there! They asked me what keys were on the bottom left of my keyboard (to filter out Mac users - nice touch, albeit somewhat late in the script) and I told them exactly what I saw on my Logitech wireless board. Utter confusion followed - they seemed to have chanced on a PC that was so utterly borked they couldn't do anything to demonstrate how borked it really wasn't. They escalated my call to a manager, who finally asked what was at the top left of my screen ("Well, there's a little apple and...") after a long pause, the first guy came back on, said "Hello, Sir? Go to hell, sir." And he hung up.

        I was left with mixed feelings - of course these guys are scammers and bottom feeders, but the anger in his voice revealed how hurt he was to have wasted his time (which is money). Yep, got my own back, and maybe made him think, but ultimately these scammers aren't doing it for giggles, they're doing it because it's a way to make money, and presumably their English isn't good enough to work in a more legitimate call centre. I can afford to mess these guys around for the better part of an hour, but if he's on performance related pay, coming up to the end of a shift and wastes his time on me when he could be wringing a couple of sales out of people like my parents, I've just cost him big. On the one hand, I'm delighted to be doing my bit to slow down the success of the scam, but on the other, I'm depressed to live in such a shitty world that an (at least) bi-lingual dude of around my age is sat in a call centre somewhere in India, extorting his way to paying the bills and putting food on the table.

        I dunno what the solution is, and maybe it's ridiculously post-colonial of me to assume the guy's poorer than me. Maybe his shitty scam job earns him £50k and he drives a Merc, but ultimately I think this kind of vigilante approach solves nothing for anyone. We probably all ought to pressure people in power to do more to address the issue.

        1. rototype

          "We probably all ought to pressure people in power to do more to address the issue."

          Unfortunately this won't work while money is being made as those in power just say - "You're making money - where's our cut" (tax/bung etc).

          Sadly this is not limited to the developing world or emerging economic growth zones but to virtually the whole world, disguised better and less blatant in more 'civilised' societies.

        2. Alan W. Rateliff, II
          Stop

          "We probably all ought to pressure people in power to do more to address the issue."

          This strategy is exactly the opposite of helping. What should really happen is people who are incensed about a particular problem should work to organize action rather than rely upon a surrogate agency of action to fix things. What governments eventually do is a pittance compared to the time, effort, and money put into lobbying action in the first place -- with no guaranteed results, at that. At least if someone puts their blood, sweat, and tears into working directly there is a far better chance of long-term, residual, tangible success.

          People and government change the world: one for the better and one for the worse.

        3. Shane McCarrick

          I get what you're saying- really I do- however, if you've ever had a parent, an elderly relative, or someone who is terrified of a computer come to you for help after having fallen for one of these scam calls- seeking help- you'll change your mind..........

          Yes- India is a subcontinent of quite remarkable inequalities- staggering poverty- things you quite simply wouldn't believe possible- but this is not an excuse for preying on vulnerable computer users in richer countries.

          As long as these guys get a 1-in-10 return rate on their scams (or whatever level is viable) they will keep at it.

          The Indian support centre scam is just another former colonial country deciding that it's acceptable to extort your way out of poverty. The Nigerians have an utterly different mindset- and can afford to have a pisspoor return rate on their scams- when they're sending however many billion e-mails around the planet. The Indian approach- is just a bit more labour intensive- and better organised- but it's extorting money from people who very often really can't afford it- and at the end of the day- the Nigerians, annoying as they are- aren't likely to wreck the boot disk of your parent's computer..........

          I don't know if there is a solution to all of this- even if you get a call centre closed- it really is a game of whack a mole- they'll be up to something new next week...........

          You or I may get our kicks from wasting their time- and it's far more expensive to waste an Indian's time than it is a Nigerian's time- but ultimately- we're only playing games with them- only for a change we are in control of the board- whereas normally they are.........

          The world is an unfair place- and ideally neither the Indians (or the Nigerians- or anyone else) should have to resort to the lengths they do- to get by- but neither should our Mums and Dads- elderly relatives- or other randomers- get reefed by these people.

          I don't know whether there is a solution to any of this- other than educating people to the best of our abilities?

      3. Gritzwally Philbin

        Gah! Bad indeed.. if you had a half hour to kill and a VM you could have had some wild fun. I think the record I've managed to keep one of these asshats online trying to 'help' me with my Parallels VM was nearly 43 minutes. I use an ancient copy of Windows 95 to play the first version of Sim City on (yeah, I know) and it doesn't go online.. Imagine trying to get the thing to do so inside the VM, and me playing the 'daft older woman' whose computer is *just* used for online shopping and looking at pictures of the grandkids on Facebook.. The best part is when they finally get around to asking how I connect to the internet, and when I tell them it is through a telephone line, you can hear the car crashing noises in their heads. "Um.. well I go online with a telephone modem.."

        "Oh, miss.. do you have a different telephone that you can use?"

        "No.."

        "Do you have a cell-phone?"

        "No!" getting irritated sounding now. "I have a telephone on my desk, it has a dial." spins dial of desktop rotary to make clicking noises.

        "I'm so sorry madam, we cannot help you."

        "But what about the viruses in my computer? Will it destroy my computer?"

        "I'm so sorry.."

        "Can you put me through to a higher level support?" sounding panicked now.. and around it goes.

        At the very last of it, after nearly three quarters of an hour, I finally got in the parting shot.. "You've just spent nearly 45 minutes trying to get into my computer.. so, before you go.. just one thing.. I HAVE A Macintosh and am running a PC virtually you scammer! Bwahahahah!"

        Funny, the calls stopped and it's been several months now.

      4. Anonymous Coward
        Anonymous Coward

        ...then realised what an ass I'd been, that having got angry and arrogant with the caller I'd fooled myself into leaking valuable information that I definitely should not have given them -

        1. That I do actually have a computer

        2. What make it is

        Err... you didn't give them your IP Address also though?

        Seems all they have is a phone number and computer brand.

        Unless you've still got an acoustic modem hooked up to that Apple, I don't think there's much risk.

    2. Steve Evans

      The ones I've received all had faked caller ID.

      But I still have fun with them... When I have the time I keep them on the phone for as long as possible, my current record is 45 minutes... Unfortunately this was beaten by my friend Dave... I haven't had a call since so have been unable to better him. (I think maybe I insulted them too much and actually got blacklisted).

      1. Nolveys Silver badge

        When I have the time I keep them on the phone for as long as possible, my current record is 45 minutes...

        My best is 3 hours. I had them trying to troubleshoot my non-existent fax machine, my then non-existent smart phone and my email client. They really wanted those financial details. I finally used an internet fax service to send them a Chase bank statement I found on Google images, pixelated to the point where it was barely not legible, followed by thirty pages of black.

        The guy on the line was livid when he figured out what was going on. I never get calls anymore. :(

        1. Anonymous Coward
          Anonymous Coward

          "My best is 3 hours. I had them trying to troubleshoot my non-existent fax..."

          So you don't place much value on your time. The Indian scam call center operative's daily pay rate will be less than your hourly rate. The pay-off from one successful scam is equivalent to a year's pay for them. If they hit the jackpot - access to all the files on the PC of someone with savings they can steal enough to retire on.

          "I never get calls anymore..." so you suppose there's just one scammer originating all these calls or that they helpfully share data between scammers? I'm surprised you didn't get on the "random calls at 3:00am list" as punishment.

          The only fools here are the ones that waste their own time messing with the scammers. (With the possible exception of the guy who sent the scammers an infected file).

          My response is to put the phone down if I hear background call centre noise or an Indian accent. It would be nice if the regional governments took action but they'd not want to stop so much foreign currency coming into the country even if it does mean the developed world considers the whole ethnic group and subcontinent to be a den of thieves.

          1. Wilseus

            "My response is to put the phone down if I hear background call centre noise or an Indian accent."

            I can almost hear from here the clicking keyboards of all those outraged Guardian readers typing "RACIST!"

            1. Shane McCarrick

              Depends really- a lot of UK/US/IRE companies still use Indian call centres.

              I got a wholly legit call from an Indian call centre last week (when Virgin Media went titsup in most of Ireland). I let them query their cable modem (over a Vodafone internet connection) which made them happy- and off they went. No idea what they determined- but it was 7-8 hours later before the internet connection was restored.

      2. Mr.Mischief

        Current record about 2 hours

        He called just when the hockey game was about to start. Said my PC had a virus. Told him that yes, it did seem slow and that I was having a problem running his software because I was getting popups. (I love Linux..!!) then told him to hang on while my "PC" booted while watching the first period. Making sure to check in now and then with strange "Virus" messages (telling him that I got a "Your PC is stoned" message is one not anyone has fallen for in like 15 years).

        During the first intermission, I tried running his "program" and said it was installing. He asked me to type a few things in, to run regedit and said the response was all the viruses in the system. I asked if I should delete it and thankfully he said "NOOOOO"

        During the second period, while waiting for the "program" to load we talked hockey, and what the job prospects at "Microsoft" were and if he knew anyone.. when he finally started catching on, the missus (who is Indian BTW) picked up the phone and started talking to him. He was VERY forthcoming, going into detail about the company, where it was, how many people worked there, what the hours were and everything (even passing their phone number and address) until she asked for his manager and chewed his ear off. After a few obscenities he hung up, which prompted a call back, more yelling and then passing all of his information to the RCMP.

        Good times..

      3. Shane McCarrick

        Lol- I'm well and truly blacklisted too........

        I worked for a 3rd party company who did outsourced tech support on behalf of Dell- including o/s support (quite unusually- normally it's just h/w support).

        I didn't reverse hack them- but I did string them on for an hour with various virtual machines- on three separate occasions. My favourite was letting them wreck the boot sequence- and then telling them I could just hit the big button with system restore on it- and letting them see that the machine was up and running again- and asking them are they sure the virus is gone- and giving them another bash at it.......... I actually felt sorry for one of them- they refused to give up trying- eventually I had to tell them I had to go- but they were welcome to another go- if they called back at 7PM the following evening (they never did).......... I know I shouldn't- but I actually admired their dogged persistence........ After that phone call- all the random calls dried up totally- I had been getting 2-3 a week- my wife took a few (she's a techie as well- but not as good at convincingly stringing them along).

        Honestly- I think they're getting wise to quite a few of us- its though I guess if they have 1-in-10 pay up- it's still a good rate of return for them...........

    3. Doctor Syntax Silver badge

      "but do they usually leave their number so you can give it to the less gullible?"

      AFAICS from TFA the scam was a fake ad so there must have been a number to call given on the ad.

      1. Alan W. Rateliff, II
        Unhappy

        I have been waiting years to get one of these calls. Several people I know have gotten them, but never me. Nothing like feeling left out.

        Then one night I got it. Sadly, it was a particularly bad night, I was in a shite mood, tired, and hanging a light in the dining room. When the guy started with his spiel I knew my day had come and I had finally gotten THE call of my lifetime. He finished his introduction and I remained silent, dikes and wire nuts in one hand, light parts in the other. I let out a deep sigh as he asked if I was still there and I says, "I know who you are, I know this is bullshit, but I'm just not in the mood to f*(|< with you tonight. Would you mind calling back tomorrow?"

        Sadly, I have not heard back.

        1. Jamie Jones Silver badge
          Devil

          "He finished his introduction and I remained silent, dikes and wire nuts in one hand,"

          Blimey! Someone sure knows how to have kinky parties!

  6. Prst. V.Jeltz Silver badge

    So how exactly did card.png.zip unleash the Locky?

    1. Pascal Monett Silver badge

      It was an infected zip file. Windows opens it, displays the content and executes the code - because Windows is stupid like that.

      The fact that a scammer fell for such a basic, elementary trick demonstrates without question that this kind of scum is really among the bottom-feeders of society.

      1. anoco

        Now I know why I have 7zip as my default. It doesn't do that.

        1. Anonymous Coward
          Anonymous Coward

          @anoco

          "It doesn't do that."

          ... yet. I was under the same impression with (win)RAR, then all of a sudden an overflow exploit was found. I'm not saying you're insecure, but it's also no reason to get sloppy either.

    2. g00se
      WTF?

      Extension

      And not forgetting that the best of all OSs still hides "known file extensions" by default so the scammer would have just seen it as a png

      1. Prst. V.Jeltz Silver badge

        Re: Extension

        "Windows opens it, displays the content and executes the code"

        What really? So if I send my colleague cmd.exe in a zip file and he clicks on the zip file to display its contents he'll have a command prompt open up?

        Or is it some startup code feature of zip file where you name one of the files in the archive to be executed? (doubt it, as I just made that up)

        I know you can get self extracting zips - but that is basically an executable

        I just can't see how this guy forced the code on the scammer, without the scammer falling for some basic noob tricks like clicking on an exe cos it was named pic.jpg.exe

        possibly with file exts hidden

        1. Anonymous Coward
          Anonymous Coward

          Re: Extension

          I believe it's this combo:

          1) OS hides file extensions

          2) OS chooses program to run based on file extension

          3) Program handles file based on content rather than file extension

          4) Program doesn't warn that content does not match file extension OR careless user
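The four conditions listed in the comment above, turned into a defender-side attachment check, as an added example that is not part of the original thread. The extension lists, function names and finding labels are assumptions made for illustration, and the sample archive is constructed in memory with harmless placeholder content.

```python
import io
import posixpath
import zipfile

# Assumed, non-exhaustive: extensions Windows hands to something that runs.
RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".jse",
            ".vbs", ".wsf", ".hta", ".lnk", ".ps1"}
# Assumed: extensions a user reads as "just a picture or document".
BENIGN_LOOKING = {".png", ".jpg", ".jpeg", ".gif", ".pdf", ".txt", ".doc", ".docx"}

# Leading magic bytes and the content type they indicate.
MAGIC = [
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),
    (b"MZ", "pe-executable"),
]
# What each extension claims the content to be (only types we can sniff).
EXT_TO_TYPE = {".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg", ".pdf": "pdf",
               ".zip": "zip", ".exe": "pe-executable", ".scr": "pe-executable"}


def sniff(head):
    """Identify content from its first bytes, ignoring the file name."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return "unknown"


def displayed_name(filename):
    """Name shown when known extensions are hidden (condition 1).
    Assumes the final extension is a registered type."""
    return posixpath.splitext(posixpath.basename(filename))[0]


def audit_name(filename, head):
    """Return finding labels for one file name plus its leading bytes."""
    findings = []
    shown, ext = posixpath.splitext(posixpath.basename(filename))
    ext = ext.lower()
    inner_ext = posixpath.splitext(shown)[1].lower()
    # Condition 1: with the real extension hidden, the name still ends in
    # something that looks like a harmless type.
    if inner_ext in BENIGN_LOOKING:
        findings.append("double-extension")
    # Condition 2: the OS picks the handler from the real (hidden) extension.
    if ext in RUNNABLE:
        findings.append("runnable-extension")
    # Conditions 3 and 4: content disagrees with what the extension claims.
    claimed = EXT_TO_TYPE.get(ext)
    if claimed is not None and sniff(head) != claimed:
        findings.append("content-mismatch")
    return findings


def audit_attachment(filename, data):
    """Audit an attachment and, if it is a ZIP, each member one level deep.
    Returns {path: [findings]} for flagged paths only."""
    report = {}
    outer = audit_name(filename, data[:16])
    if outer:
        report[filename] = outer
    if sniff(data[:16]) == "zip":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    with zf.open(info) as member:
                        head = member.read(16)  # only the header bytes are needed
                    found = audit_name(info.filename, head)
                    if found:
                        report[filename + "!" + info.filename] = found
        except zipfile.BadZipFile:
            report.setdefault(filename, []).append("unreadable-archive")
    return report


def build_sample_zip():
    """Constructed sample: an archive with a deceptively named text member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("card.png.js", "// constructed placeholder, no real script\n")
        zf.writestr("readme.txt", "constructed sample text\n")
    return buf.getvalue()


if __name__ == "__main__":
    print("shown to user as:", displayed_name("card.png.zip"))
    for path, found in audit_attachment("card.png.zip", build_sample_zip()).items():
        print(path, found)
    # Constructed bytes: a ".png" whose content starts like a Windows executable.
    print("photo.png", audit_name("photo.png", b"MZ\x90\x00"))
```

A mail gateway or help-desk triage script can quarantine on any of these labels; showing file extensions on the endpoint removes condition 1 for the user as well.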

          1. Triggerfish

            Re: Extension

            You can probably also guess that the guy opening it, assumed he was getting a legitimate email from someone who was exactly the sort to be dumb enough to open unsolicited extensions and not the sort who would try to hack back. So he probably happily opened it, which is sorta ironic.

            1. Triggerfish

              Re: Extension

              sorry dumb bit harsh, someone who is not clued up on IT like those they target.

        2. Pascal Monett Silver badge

          Re: What really?

          My good Sir, you really need to read up on how many file extension exploits have targeted Windows users.

          It's as old as Moses' toes and just as corny.

        3. HamsterNet

          Re: Extension

          It's malware. Throw your standard knowledge of what needs to happen with opening, then executing a program out the door. In reality all it will need is a simple click on it to start the infection process.

      2. casaloco

        Re: Extension

        First thing I turn off on any PC I use.

  7. Potemkine Silver badge

    DTC (IYA)

    Well done Ivan, have no mercy for these scums

  8. chivo243 Silver badge
    Thumb Up

    all smiles

    This one brings a smile to my face. Well played Ivan!

  9. Lotaresco
    Thumb Up

    For this I have gone beyond LOL

    I think I'm now into "PMSL".

  10. Mutton Jeff
    Mushroom

    Hoisted by their own petard

    Nice

  11. Martijn Otto

    If you enjoy this sort of thing, you should check out https://forum.419eater.com/forum/index.php

  12. napalmDaz
    Coffee/keyboard

    YouTube Legend

    This guy, although young gives them a right run for their money!

    #lewistech

    https://www.youtube.com/user/LewissTech

  13. OchaiThenoo

    I was lucky enough

    To get one of these calls a couple of years ago. Managed to keep the guy on the phone for an increasingly frustrating 2 hours acting dumb, "what's a start button?", "how do I open the control panel?".

    Eventually I got bored and told him I was using Linux.

    1. SpottedCow

      Re: I was lucky enough

      When one of the ones I got said he was with Microsoft, I said "Hey, my cousin Bob works there, maybe you know him...."

      Yeah, ten minutes later of trying to find out if he might know Bob, I then said "And thanks for letting me know about my problem. I've worked in IT for twenty years, but occasionally, I miss something. I'll look into it." And hung up.

  14. tiggity Silver badge

    Legit hacking defence?

    He was offering to buy anti malware software, obviously the person communicating with him would be using the "superb" software they are selling so he wanted to test the usefulness of the AV product before purchase - AV test drive

  15. Anonymous Coward
    Anonymous Coward

    Had one of my users fall for this recently. In his defence he *was* expecting a call from I.T. as he had logged a fault.

    1. I ain't Spartacus Gold badge

      Yeah, my Mum got the call from "TalkTalk" when she was expecting a real one. And their call centres are also in India, so it was hard to tell. Fortunately all they did with Team Viewer was to take her to the Western Union transfer website, at which point her scam alarms went off, and she called me to detoxify the computer.

      I recently read that not only had they lost all their users' records, but their engineering database has also been hacked, so I'm not sure if this was just dumb luck or good planning from the scumbags.

  16. Solmyr ibn Wali Barad

    "Hello. Your computer has a virus."

    "Um, no, but yours has."

  17. Aodhhan Bronze badge

    Don't get too happy

    The fact the scammer immediately hung up is because he became wise on what was happening. Likely due to malware/virus protection on his end. This means the attack was halted.

    If the attack was successful, the scammer wouldn't have noticed and gone on with business as usual.

    Also, these guys aren't completely stupid. The system likely didn't allow any changes in most files/directories or registry, so a quick reboot and the system is back to normal.

    1. Alphebatical
      Boffin

      Re: Don't get too happy

      At my company, all customer-facing call center agents are on non-permanent VDIs like this and most programs used are actually webapps to begin with. They do have a mapped network drive to store some documents, but rebooting the VDI nixes the program (assuming a strange program is allowed to run) and their files can be recovered with Previous Versions. Even with Windows, you lose nothing.

  18. SysKoll

    I got my virus scammer into a furious antisemitic raving...

    I got a "Windows virus" call and told the guy to drop the act. He instantly started yelling at me in his heavily accented but grammatically correct English. He told me in no uncertain terms that he enjoyed scamming us idiotic Westerners and that all Americans were pawns of the Jews and this job was revenge for his country.

    Wow.

    I merely pointed out that I, dumb Westerner, was the one with a decent life while he, the righteous, was a parasite in a boiler room. He screamed incoherently and disconnected.

    That was fun!

    1. Doctor Syntax Silver badge

      Re: I got my virus scammer into a furious antisemitic raving...

      Should have asked him where he thought the telephone and computer he was using were invented.

    2. I ain't Spartacus Gold badge

      Re: I got my virus scammer into a furious antisemitic raving...

      My brother, quite an RP / BBC English voice, managed to wind one of them up into a screaming rage too. After he'd realised he'd been had our Indian friend screamed, "fuck off you fucking paki" at him. Much to my brother's credit he managed to avoid laughing, and replied, "no you fuck off, you phoned me."

      At which point they got into a bizarre 2 minute exchange consisting of the Indian guy saying, "fuck off!" but not hanging up, and my brother saying, "no, you fuck off first." By which point I was in pain from laughing.

      You'd have thought the guy would just want to get onto the next call, which might make some money, but I guess he was too pissed off.

  19. Anonymous Coward
    Anonymous Coward

    one down...

    One scammer down (for now, anyhow). Problem is you're playing whack-a-mole.

    Should have sent some phone-home malware that would lead to exposing the bad-dude's physical location. Needs to be some way to tie meaningful physical risk to the scammers, otherwise there will be a new crop right behind this dude.

  20. G.Y.

    HCF

    Where is the HCF op-code, now that we need it?

    (Halt & Catch Fire)

    1. Down not across Silver badge

      Re: HCF

      S/360, except it never actually existed (IIRC).

      Motorola 6800 $DD has been known to be documented as HCF, as it enters into an infinite loop reading all the memory sequentially. Useful for debugging.

      1. Dagg
        Devil

        Re: HCF

        On the PDP 11 (not the micro code version) the closest was 014747(octal) MOV -(PC),-(PC)

        You loaded into the last memory location and executed, it just filled the whole memory top to bottom with 014747.

  21. Anonymous Coward
    Anonymous Coward

    AI/Expert systems test runs

    Ringing up these kinds of scammers sounds like a fantastic application for newly developing AI / Expert Systems.

    eg, something which can get on the phone to them, sound credible, and take up their time for hours.

    Then run it in parallel to fill their call centre. And keep it that way, permanently. :D

  22. Mandoscottie
    Thumb Up

    lol the reg should send him some quality rewards

    I reckon Ivan deserves at least a BOFH mug! The BOFH would be proud of that lad :)

    hahahah he made my week :D

    1. I ain't Spartacus Gold badge
      Devil

      Re: lol the reg should send him some quality rewards

      No, the BofH would only be pleased. There were no cattle prods, or rolled up carpets and quicklime. So probably only a B+.

  23. Anonymous Coward
    Anonymous Coward

    Nice job

    I've always found that asking them if their mother is proud of what they do unleashes a torrent of angry abuse and a hang-up. YMMV.

  24. IanW

    Unmasked them recently

    TL/DR version. Microsoft Support called a friend's father, managed to get paid. Managed to de-anonymise their .co.uk URL with Nominet, traced the company directors back to 12 companies registered in Coventry. LinkedIn profile listed 600 strong call centre in Kolkata, India. Found the target bank account for payments was in Barclays in the UK. Reported to ActionFraud (bad name: should be called "CountFraud", do nothing but PR release statistics). Reported to Stevenage Trading Standards, who did a thorough job getting the bank account shut down, call whitelist only equipment installed at victim's house.

    Take away is that continuous authority debit card payments are a pain; they follow account change transitions, and need bank HQ and local branch letters to invalidate. And now that one issue is fixed for the victim, have to sort the telesales folks selling useless vitamins.

    Happy to share scammers' LinkedIn profile URL and name the Coventry Business Centre where they register their businesses in the UK. Would love their scams to end.

  25. annodomini2

    What's needed

    Custom malware to put backdoors in their system, hunt for the victim/payments db, refund all the victims and corrupt the DB.

  26. mr_souter_Working
    Unhappy

    i got one of these calls once.................

    i had every intention of winding him up and wasting time - but when he said he was "calling from windows", i just burst out laughing, told him in no uncertain terms what i thought of him, and hung up (over his protests that he was legitimate)

    i've told all my friends and family that if they ever get these calls, just to hang up on them - or tell them to phone me.

    never had another call from them :(

  27. moggie2002

    The only thing with talking to them yourself is it does waste time. Transfer them to Lenny instead, get on with life, and come back to listen to the fun when you have spare time.

  28. Stealthgyro

    Bomgar Enterprise Software, probably against their TOS

    I recognized that icon, so I wonder if you can get Bomgar to shut down their licenses to that account. I don't think they would appreciate being associated with scammers.

  29. John 61
    Go

    I just say

    that my Acorn Electron can't access the internet, and that I've had the problem since 1991. Or "we don't need double glazing, thank you", then hang up. I've had the silent calls from a number in Falkirk (no doubt false) but I didn't really care as it wasn't me who was paying for the calls. They stopped a while ago.

  30. Jake Maverick

    Great story!

    Hope you changed his name though and took other methods to protect his identity...otherwise he's likely to get prosecuted for it in this ***ed up society we're surviving in :-(


Biting the hand that feeds IT © 1998–2019