A French security blogger named Ivan Kwiatkowski was incensed when scammers tried to scam his parents by pretending to be Microsoft helping them sort out virus problems.
Ivan decided to find out more about these scammers and see if he could turn the tables on them. He called the number his parents had called and a lady named Patricia answered. He spun her a yarn about his computer having problems with Zeus virus and could she help.
Oh yes she could.
It is typical with these scams, for the scammer to install software on the victim’s PC supposedly to ‘see how bad the problem is’ but in fact to use a cheat so as to show the extent of the ‘fake’ problem’ and maybe to look for credit card details and passwords etc.
Ivan had setup a PC off the network so he could let the scammer have a look around safely.
He allowed Patricia to take control of the PC and install her software. She told him she’d found that the PC had 1452 viruses and she could supply anti-virus software and fix it for $189.90. Ivan told her he’d buy the software in Paris where he lives and the conversation ended, to the scammers surprise.
But Ivan wasn’t finished yet – he phoned back and spoke with a new scammer, Dileep, who checked the situation and offered to clean the PC of viruses and install anti-virus protection for $299.99.
Ivan offered to buy the package but when it came to giving credit card details – he had fake card details to use but pretended he couldn’t read very well so when the card number was rejected he claimed poor eyesight was the problem. After numerous attempts he had a brainwave. Ivan had j.Locky ransomware on disk as he had been researching it recently.
He convinced Dileep to accept a photo of the card so he could read the numbers himself, but Ivan send the photo with j.Locky attached.
The scammer didn’t know it but j.Locky would be busy in the background encrypting all of his files then would demand a ransom to have them released.
Scam the scammer.
Nice one Ivan
To read the original account of the scam, go to https://blog.kwiatkowski.fr/?q=en/node/30
If you have any experiences with scammers, spammers or time-wasters do let me know, by email.