Inside an International Tech-Support Scam

[DGUtley]

Inside an International Tech-Support Scam

How a computer hacker infiltrated a phone scam operation — exposing fraudsters and their schemes


One night that spring, his curiosity got the better of him. “It was part nosiness and part intellectual curiosity,” Jim said. “I'm a problem solver and I wanted to get to the bottom of what these people wanted.” So he returned one of the calls.
The person who answered asked if he could access Jim's computer to diagnose the problem. Jim granted access, but he was ready; he had created a “virtual computer” within his computer, a walled-off digital domain that kept Jim's personal information and key operations safe and secure. As he played along with the caller, Jim recorded the conversation and activity on his Trojan horse setup to find out what he was up to. It took mere moments to confirm his hunch: It was a scam.

1140-fraud-factory-office1.imgcache.rev.web.900.518.jpg

Intrigued by the experience, Jim started spending his evenings getting telephone scammers online, playing the dupe, recording the interactions and then posting videos of the encounters on YouTube. It became, if not a second career, an avocation—after-dinner entertainment exposing “tech support” scammers who try to scare us into paying for unnecessary repairs.

1140-fraud-command-center.imgcache.rev.web.700.403.jpg

Then one day in 2018, Jim's evening forays took an unexpected turn. A tech support scammer called from India and went through the normal spiel, but then he asked Jim to do something unusual: to log in to the scammer's computer using a remote-access software program called TeamViewer. Later on, Jim found out why: The developers of TeamViewer had discovered that criminals in India were abusing their software, so they temporarily banned its use from computers initiating connections from India. But there was a loophole: It didn't stop scammers from asking U.S. and U.K. consumers like Jim to initiate access into computers in India.


Hence, the scammer's request. The voice on the phone talked Jim through the connection process, then told him to initiate a “switch sides” function so the caller could “be in charge” and look through Jim's computer. Presented with this opportunity, Jim acted quickly. Instead of “switching sides,” he took control of the criminal's computer and locked the scammer out of his own computer. Lo and behold, mild-mannered programmer Jim Browning had complete access to all of the scammer's files and software. And he was able to see everything the scammer was frantically trying to do to regain control.
This bit of digital jujitsu changed everything. Over the next few months, Jim figured out ways to infiltrate the computers of almost every scammer who tried to victimize him. “My process worked on almost every remote access program out there, certainly the ones most popular with scammers, like TeamViewer, AnyDesk or FastSupport.” He also figured out how to secretly install software that recorded what the scammers were doing — without them even knowing it.
Suddenly, Jim was sitting on some powerful knowledge. But as Spider-Man was told, with great power comes great responsibility. Jim wondered, What should I do with what I've learned?

1140-fraud-factory-script.imgcache.rev.web.700.403.jpg


1140-fraud-factory-laughing.imgcache.rev.web.700.403.jpg


1140-fraud-cash-box-mailing.imgcache.rev.web.700.409.jpg


Inside an International Tech-Support Scam (aarp.org)

[RMNIXON]

I recall getting calls from people with Indian accents claiming they were from Microsoft many years ago, but I hung up of course. They don't patch software issues over the phone!

[Dr. Who]

It always amazes me how trusting people are when it comes to believing these scammers. I've encountered the pop-ups that claim all manner of dastardly viruses have infected my computer, freezes the browser or produces some alarming sound and provides a contact number to remedy "the problem". Pffft. I just kill the browser. I always run robust anti-virus/computer security software that scans for everything. I also don't answer any phone number I don't recognize and these scammers rarely leave voicemail. I guess I'm just very skeptical. I operate on the basic premise that no one wants to give you anything for free. As to computers, logically, why would anyone other than a scammer be checking for problems on people's computers? Good computer techs are busy, they aren't searching the internet randomly for customers. Furthermore, why would anyone honest be scanning your computer for viruses just because you clicked a cleverly disguised, misrepresented link?

The same principle applies to every other kind of scam that people perpetrate. If it seems like some stranger is trying to give you something for free or provide you with an unsolicited favor, it's a scam. There is no such thing as a free lunch. Banks and the government simply don't deal with financially sensitive or tax issues by asking for your personal information. They either contact you by mail, or if by phone their identity shows up on on the display - they also provide you with your sensitive information once they confirm your identity - they aren't asking you for it.

I guess, since I've been working with computers and even building them since we moved past the Commodore 64, I don't freak out all that easily about computer anomalies, and can tell the difference between fake and real problems, but really, common sense should inform people when they are being scammed this transparently. At any rate, it seems that we need some PSA's educating people about these kind of scams because common sense isn't all that common.