Can any of you tell, from the accent of this English, WHERE

[Thane]

On Wed, 27 Aug 2014 06:58:58 +0000, Ned Turnbull wrote:

Thanks for posting this and - good job by the way.

I've posted a link to this in NANAE. (news.admin.net-abuse.email). The
Indian scammers have long been a topic of amusement amongst the members.

Thane

 

[Mack A. Damia]

On Wed, 27 Aug 2014 22:23:19 -0600, rbowman <bowman@montana.com>
wrote:

Ned Turnbull wrote:

I spoke with the police department, who pretty much has confirmed that
the files they wanted me to download are not the payload. Those files
are merely legitimate remote access programs.


http://www.techcentral.co.za/we-scam-the-indian-call-centre-scammers/50579/

It was a slow day at TechCenter so the guy played dumb to the point of
downloading Support.me to a dummy computer to see what the scammers would
do.

Or when you get a call......

"Just a minute please."

Hit a few buttons to make some tones. "This is the call." Then
disguise your voice.

"This is Chief Inspector Columbo from Interpol. I am calling from our
office in South Africa, and this call is presently being traced. You
will be charged under international law with Attemped Fraud and will
be prosecuted to the full extent of the law. You are looking at a
minimum of ten years in prison. We will see you soon."

See how quickly he hangs up.

--

 

[Geoffrey S. Mendelson]

Mack A Damia wrote:

"This is Chief Inspector Columbo from Interpol. I am calling from our
office in South Africa, and this call is presently being traced. You
will be charged under international law with Attemped Fraud and will
be prosecuted to the full extent of the law. You are looking at a
minimum of ten years in prison. We will see you soon."

That's just silly. Everyone knows that since Obama became president
he's cut back on "boots on the ground". No one is going to come visit
and arrest him. A drone, however, is on it's way now, and its controller
is locating him using his internet access.



Geoff.
--
Geoffrey S. Mendelson, N3OWJ/4X1GM/KBUH7245/KBUW5379

 

[rbowman]

Ned Turnbull wrote:

I spoke with the police department, who pretty much has confirmed that
the files they wanted me to download are not the payload. Those files
are merely legitimate remote access programs.

http://www.techcentral.co.za/we-scam-the-indian-call-centre-scammers/50579/

It was a slow day at TechCenter so the guy played dumb to the point of
downloading Support.me to a dummy computer to see what the scammers would
do.

 

[Steve Hayes]

On Wed, 27 Aug 2014 22:23:19 -0600, rbowman <bowman@montana.com> wrote:

Ned Turnbull wrote:

I spoke with the police department, who pretty much has confirmed that
the files they wanted me to download are not the payload. Those files
are merely legitimate remote access programs.


http://www.techcentral.co.za/we-scam-the-indian-call-centre-scammers/50579/

It was a slow day at TechCenter so the guy played dumb to the point of
downloading Support.me to a dummy computer to see what the scammers would
do.

Well that gives most of the answers about how they operate and what they're
after.


--
Steve Hayes from Tshwane, South Africa
Web: http://www.khanya.org.za/stevesig.htm
Blog: http://khanya.wordpress.com
E-mail - see web page, or parse: shayes at dunelm full stop org full stop uk

 

[Ned Turnbull]

On Wed, 27 Aug 2014 22:23:19 -0600, rbowman wrote:

http://www.techcentral.co.za/we-scam-the-indian-call-centre-scammers/50579/

It was a slow day at TechCenter so the guy played dumb to the point of
downloading Support.me to a dummy computer to see what the scammers would
do.

Thanks for sharing that story, which I read, with interest, as I never
went further than to download the requested package.

On the entire net, unfortunately, very few people actually followed
the Indian Support Scam to fruition, as most stop at the credit card
details, as this guy did in that article.

The *only* published scam that I know of that went further, was the
sting by the US government article, which shows the next steps.

0. Indian caller calls victim (generally unsolicited)
1. Indian caller informs them their PC has been sending reports.
2. If persuasion is needed, Indian caller shows them event viewer.
3. Victim downloads Support.me or similar remote-sharing software
4. Victim provides the machine-specific ID to the Indian caller.
5. Indian caller accomplice logs in & brings up PayPal.
6. Victim enters in credit card information for $300 fee.
..... If victim plays dumb, the callers delete important files!
7. Victim has $300 withdrawn plus much more in wire transfers.

As far as I can tell from the published videos and audio, none
of which go the full mile, the Indian scammers do *not* install
keyloggers or other malware (but, certainly, they could).

They just try to pull as much money out of you as they can.

 

[Ned Turnbull]

On Thu, 28 Aug 2014 09:33:06 +0200, Steve Hayes wrote:

Well that gives most of the answers about how they operate and what they're
after.

Actually, almost all the published videos *stop* at the paypal form
point, as did this malwarebytes researcher did also:
http://www.wired.co.uk/news/archive/2013-04/11/malwarebytes

I can't find a *single* video that actually allows valid information to
be entered into the paypal form, so, we don't really know (other than
from the US Government Sting Operation previously noted) what they do
*after* that.

Of course, none of us would be willing to get to that level of
understanding ...

 

[Adrian Tuddenham]

Frank <frankdotlogullo@comcast.net> wrote:

On 8/27/2014 10:15 AM, rbowman wrote:
Ned Turnbull wrote:

Can any of you tell from whence this caller came from, based on his
English accent (as he attempts to 'repair' my home Windows PC)?

I play that game a lot and I'm dealing with legitimate support people at
some large software companies. Sometimes I cop out, tell them I'm hard of
hearing, and can we please move the conversation to email.

Most fun I ever had was telling a guy that I could not understand him.
When he demurred, I asked if there was a white person there I could
speak to. He went berserk and I hung up.

I strung along a young woman up to the point where she gave me a URL,
then I said I needed to ask her a question before I went any further:
"Does you mother know you are behaving worse than a prostitute?". Her
reply revealed an unexpected fluency in vernacular English.


--
~ Adrian Tuddenham ~
(Remove the ".invalid"s and add ".co.uk" to reply)
www.poppyrecords.co.uk

 

[Adam Funk]

On 2014-08-27, the Omrud wrote:

On 27/08/2014 20:40, Mark Lloyd wrote:

For a lot of calls I get, caller ID NAME shows as one of:
....
Those, I don't answer let the answering machine get it. Fewer than .1%
leave a message. It's like they know what they're selling isn't
worthwhile, and if you have a chance to think about it you won't want it.

The auto-diallers which these scammers use can recognise an answering
machine and so do not put the call through to a human but just drop it.

I haven't tried this yet (I get very few unwanted calls, for some
reason), but I have heard that if you record the "out of service"
error tone at the beginning of your outgoing message, auto-diallers
will recognize it & often delete your number from their list.


--
I have a natural revulsion to any operating system that shows so
little planning as to have to named all of its commands after
digestive noises (awk, grep, fsck, nroff).
[The UNIX-HATERS Handbook]

 

[John Robertson]

On 08/28/2014 7:21 AM, Adam Funk wrote:

On 2014-08-27, the Omrud wrote:

On 27/08/2014 20:40, Mark Lloyd wrote:

For a lot of calls I get, caller ID NAME shows as one of:
....
Those, I don't answer let the answering machine get it. Fewer than .1%
leave a message. It's like they know what they're selling isn't
worthwhile, and if you have a chance to think about it you won't want it.

The auto-diallers which these scammers use can recognise an answering
machine and so do not put the call through to a human but just drop it.

I haven't tried this yet (I get very few unwanted calls, for some
reason), but I have heard that if you record the "out of service"
error tone at the beginning of your outgoing message, auto-diallers
will recognize it & often delete your number from their list.

That has been talked about and appears to be somewhat effective.

http://lifehacker.com/343595/trick-automated-phone-bots-into-never-calling-you-again

They may be on to that trick by now, after all this has been available
since around 2005.

Wikipedia has a number of tones recorded that may be fun to play with:

http://en.wikipedia.org/wiki/Special_information_tones

If it is successful please report back!

John :-#)#

--
(Please post followups or tech inquiries to the newsgroup)
John's Jukes Ltd. 2343 Main St., Vancouver, BC, Canada V5T 3C9
(604)872-5757 or Fax 872-2010 (Pinballs, Jukes, Video Games)
www.flippers.com
"Old pinballers never die, they just flip out."

 

[amdx]

On 8/27/2014 8:17 AM, Ned Turnbull wrote:

On Wed, 27 Aug 2014 09:26:01 +0200, Steve Hayes wrote:

in nearly all of them the accent has sounded Indian to me.

That's interesting.
Do you know if the accent is particular to any specific region?

Here's a neat quiz to give a location by words you use.
Only good in the US though. I bet the government is developing such a
program for homeland security.

http://www.nytimes.com/interactive/2013/12/20/sunday-review/dialect-quiz-map.html?_r=2&


I took it and it said I was probably from Grand Rapids, Detroit or
Toledo. Darn close to Kalamazoo Mi., where I was born and lived for
about 40 years. Apparently I didn't loose my native speech even though I
have lived in Florida for 20 years.

Mikek

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com

 

[Michael A. Terrell]

Hans Aberg wrote:

On 2014/08/27 19:20, Michael A. Terrell wrote:

Hans Aberg wrote:

On 2014/08/27 15:16, Ned Turnbull wrote:
On Wed, 27 Aug 2014 08:17:18 -0400, Mayayana wrote:

Indeed. And don't people have caller ID?

I don't have caller ID on my landline, unfortunately.

Here in Sweden, one typically has to order it from the phone company and
pay a few bucks a month. For mobile phones, it is built into the
protocol, so they always have it.


Caller ID isn't available to people who use the Lifeline phone
service.

That's bad, because malicious phone calls typically have withheld Caller
ID and do not leave a message on the answering machine.

You can't have anything other than local phone service for
that type of account.

What is this and why can't one have Caller ID presentation on that?

It is a zero frills landline service for the disabled or senior
citizens to have access to medical help. They remove the federal taxes,
in exchange for giving you basic service at a low price.

<http://www.fcc.gov/guides/lifeline-and-link-affordable-telephone-service-income-eligible-consumers>


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Michael A. Terrell]

Tony Hwang wrote:

Latest call is from Pakistan for duct cleaning job, blah, blah.

Tell them they were cleaned last week, by their company. Then ask just
how bad is their workmanship.


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Michael A. Terrell]

rbowman wrote:

Ned Turnbull wrote:

I spoke with the police department, who pretty much has confirmed that
the files they wanted me to download are not the payload. Those files
are merely legitimate remote access programs.


http://www.techcentral.co.za/we-scam-the-indian-call-centre-scammers/50579/

It was a slow day at TechCenter so the guy played dumb to the point of
downloading Support.me to a dummy computer to see what the scammers would
do.

An hour and eight minutes of a guy messing with a fake support site,
until his throw away cell phone fails:

<https://www.youtube.com/watch?v=tGGpgieEewI&list=UUMeZ9Zwz5tWw9_kaZzzjZ5w>


--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Adam Funk]

On 2014-08-28, John Robertson wrote:

On 08/28/2014 7:21 AM, Adam Funk wrote:
On 2014-08-27, the Omrud wrote:

On 27/08/2014 20:40, Mark Lloyd wrote:

For a lot of calls I get, caller ID NAME shows as one of:
....
Those, I don't answer let the answering machine get it. Fewer than .1%
leave a message. It's like they know what they're selling isn't
worthwhile, and if you have a chance to think about it you won't want it.

The auto-diallers which these scammers use can recognise an answering
machine and so do not put the call through to a human but just drop it.

I haven't tried this yet (I get very few unwanted calls, for some
reason), but I have heard that if you record the "out of service"
error tone at the beginning of your outgoing message, auto-diallers
will recognize it & often delete your number from their list.



That has been talked about and appears to be somewhat effective.

http://lifehacker.com/343595/trick-automated-phone-bots-into-never-calling-you-again

They may be on to that trick by now, after all this has been available
since around 2005.

Well, I guess they have 3 or 4 choices:

1. delete numbers that result in an out-of-service tone;
2. keep all numbers in the list & continue to waste money (maybe not
much) dialling numbers that are out of service;
3a. let ASR try to analyse the voice messages after the tone to decide
whether to keep or delete the numbers;
3b. pay someone to listen to the messages to do that.

Wikipedia has a number of tones recorded that may be fun to play with:

http://en.wikipedia.org/wiki/Special_information_tones

Interesting, thanks.


--
Master Foo said: "A man who mistakes secrets for knowledge is like
a man who, seeking light, hugs a candle so closely that he smothers
it and burns his hand." --- Eric Raymond

 

[Ned Turnbull]

On Fri, 29 Aug 2014 15:24:27 -0400, Michael A. Terrell wrote:

An hour and eight minutes of a guy messing with a fake support site,
until his throw away cell phone fails:

This was published today, where they had the scammers on for two hours,
and it was *exactly* the same script used on me earlier this week!

http://blog.emsisoft.com/2014/08/29/what-happens-when-a-tech-support-scammer-cold-calls-a-security-expert/

I suspect this scam is going to hit most of you, so, be ready with
the Virtual Machine, and the recorder (or just hang up, depending on
your investigative personality quotient).

 

[rbowman]

amdx wrote:

I took it and it said I was probably from Grand Rapids, Detroit or
Toledo. Darn close to Kalamazoo Mi., where I was born and lived for
about 40 years. Apparently I didn't loose my native speech even though I
have lived in Florida for 20 years.

Interestingm but it listed Madison and Milwaukee WI and Rockford IL. I've
been through all three, which is about as close as I've gotten.

 

[Michael A. Terrell]

Ned Turnbull wrote:

On Fri, 29 Aug 2014 15:24:27 -0400, Michael A. Terrell wrote:

An hour and eight minutes of a guy messing with a fake support site,
until his throw away cell phone fails:

This was published today, where they had the scammers on for two hours,
and it was *exactly* the same script used on me earlier this week!

http://blog.emsisoft.com/2014/08/29/what-happens-when-a-tech-support-scammer-cold-calls-a-security-expert/

I suspect this scam is going to hit most of you, so, be ready with
the Virtual Machine, and the recorder (or just hang up, depending on
your investigative personality quotient).

They have never been on the line more than five minutes before they
curse me out, and hang up.



--
Anyone wanting to run for any political office in the US should have to
have a DD214, and a honorable discharge.

 

[Steve Hayes]

On Sat, 30 Aug 2014 03:54:33 +0000 (UTC), Ned Turnbull
<NedTurnbull@example.com> wrote:

On Fri, 29 Aug 2014 15:24:27 -0400, Michael A. Terrell wrote:

An hour and eight minutes of a guy messing with a fake support site,
until his throw away cell phone fails:

This was published today, where they had the scammers on for two hours,
and it was *exactly* the same script used on me earlier this week!

http://blog.emsisoft.com/2014/08/29/what-happens-when-a-tech-support-scammer-cold-calls-a-security-expert/

I suspect this scam is going to hit most of you, so, be ready with
the Virtual Machine, and the recorder (or just hang up, depending on
your investigative personality quotient).

I think you have to string them along for a while. If you just hang up they
seem to call back, unless there are thousands of freelance scammers with the
same script.


--
Steve Hayes from Tshwane, South Africa
Web: http://www.khanya.org.za/stevesig.htm
Blog: http://khanya.wordpress.com
E-mail - see web page, or parse: shayes at dunelm full stop org full stop uk

 

[Ned Turnbull]

On Sat, 30 Aug 2014 01:56:02 -0400, Michael A. Terrell wrote:

They have never been on the line more than five minutes before they
curse me out, and hang up.

Reminds me of Jury duty.
Within one or two questions, I always get "Juror number 7, you are excused"...