Later On

A blog written for those whose interests more or less match mine.

Inside an International Tech-Support Scam

Cybercrime operates large-scale (for example, the current takedown of the oil pipeline that serves the East Coast of the US, which is going to hit hard as fuel supplies run low) and small-scale (individuals). Doug Shadel and Neil Wertheimer write for AARP:

A light rain fell and a cold gray mist hung over the street as Jim Browning arrived home from work. A middle-aged Irishman with a strong brogue, Jim is a software engineer at a midsize consulting firm, and on this workday, like most, there were few surprises. He shared a pleasant dinner with his wife, and when the dishes were cleared, he retreated to his office, shut the door, opened his computer and went undercover.

Jim Browning is not his real name. The alias is necessary to protect him and his family from criminals and law enforcement, as what he does in the privacy of his office may be morally upright but technically illegal. It’s a classic gray area in the netherworld of computer hacking, as we will explain. What is important to know is that back in 2014, it was the same annoying robocalls that you and I get most days that set Jim on his journey to become a vigilante.

A relative of Jim’s had told him about warnings popping up on his computer, and Jim, too, was besieged with recorded calls saying his computer was on the verge of meltdown, and that to prevent it he should call immediately. As a software expert, Jim knew there was nothing wrong with his system, but the automated calls from “certified technicians” didn’t stop. One night that spring, his curiosity got the better of him. “It was part nosiness and part intellectual curiosity,” Jim said. “I’m a problem solver and I wanted to get to the bottom of what these people wanted.” So he returned one of the calls.

The person who answered asked if he could access Jim’s computer to diagnose the problem. Jim granted access, but he was ready; he had created a “virtual computer” within his computer, a walled-off digital domain that kept Jim’s personal information and key operations safe and secure. As he played along with the caller, Jim recorded the conversation and activity on his Trojan horse setup to find out what he was up to. It took mere moments to confirm his hunch: It was a scam.

Intrigued by the experience, Jim started spending his evenings getting telephone scammers online, playing the dupe, recording the interactions and then posting videos of the encounters on YouTube. It became, if not a second career, an avocation—after-dinner entertainment exposing “tech support” scammers who try to scare us into paying for unnecessary repairs.

“Listening to them at first, honestly, made me sick, because I realized right away all they wanted to do was steal money,” Jim would later tell me. “It doesn’t matter if you are 95 or 15, they will say whatever they need to say to get as much money out of you as possible.” Jim saw, for example, how the callers used psychology to put targets at ease. “They say reassuring phrases like ‘Take your time, sir,’ or ‘Do you want to get a glass of water?’ And they will also try to endear themselves to older people, saying things like ‘You sound like my grandmother,’ or ‘You don’t sound your age—you sound 20 years younger.’”

Jim’s YouTube videos garnered mild interest — a couple thousand views at best. For Jim, this didn’t matter. The engineer in him enjoyed solving the maze. At the least, he was wasting the scammers’ time. At best, his videos maybe helped prevent some cases of fraud.

Then one day in 2018, Jim’s evening forays took an unexpected turn. A tech support scammer called from India and went through the normal spiel, but then he asked Jim to do something unusual: to log in to the scammer’s computer using a remote-access software program called TeamViewer. Later on, Jim found out why: The developers of TeamViewer had discovered that criminals in India were abusing their software, so they temporarily banned its use from computers initiating connections from India. But there was a loophole: It didn’t stop scammers from asking U.S. and U.K. consumers like Jim to initiate access into computers in India.

Hence, the scammer’s request. The voice on the phone talked Jim through the connection process, then told him to initiate a “switch sides” function so the caller could “be in charge” and look through Jim’s computer.

Presented with this opportunity, Jim acted quickly. Instead of “switching sides,” he took control of the criminal’s computer and locked the scammer out of his own computer. Lo and behold, mild-mannered programmer Jim Browning had complete access to all of the scammer’s files and software. And he was able to see everything the scammer was frantically trying to do to regain control.

This bit of digital jujitsu changed everything. Over the next few months, Jim figured out ways to infiltrate the computers of almost every scammer who tried to victimize him. “My process worked on almost every remote access program out there, certainly the ones most popular with scammers, like TeamViewer, AnyDesk or FastSupport.” He also figured out how to secretly install software that recorded what the scammers were doing — without them even knowing it.

Suddenly, Jim was sitting on some powerful knowledge. But as Spider-Man was told, with great power comes great responsibility. Jim wondered, What should I do with what I’ve learned?

Scammers mock and make fun of victims

By now Jim had reverse engineered his way into dozens of scammers’ computers, sometimes four or five at a time. He would set his software to record, then leave for work as his computers did their thing. When he came home at night, he reviewed the footage. Often, he couldn’t believe what he saw: call after call of boiler room scammers — mostly in India — contacting older people — mostly in the U.S. and U.K. — and scaring them into spending money to fix a fake computer problem, or sending money based on other deceptions.

Jim posted these new videos, which gave an authentic, bird’s-eye view of how scammers operate. As a result, his YouTube channel jumped to tens of thousands of subscribers.

One night in May 2019, Jim found his way into the computer network of a large New Delhi boiler room. While lurking in their network, he noticed the company had installed closed-circuit television (CCTV) cameras so the bosses could monitor their employees. So Jim hacked his way into that network and was able to turn the cameras this way and that, capturing the facial expressions and attitudes of dozens of scammers in action.

In one remarkable scene, he . . .

Continue reading. There’s a lot more, including some actual examples.

Written by Leisureguy

10 May 2021 at 11:46 am
