[Owasp-austin] Phone Call Today (Too good not to share)

David Vas david.vas at ni.com
Thu Jan 22 20:47:24 UTC 2015

I got a similar call and I pretended to play along. I don't know where 
they called from but they claimed to be from Microsoft's server room, and 
that they detected an issue. Basically the steps they wanted me to follow 
would have been enough to give them remote access to my computer - think 
not necessarily remote desktop, but RPC and the like, that the user can't 
even notice most of the time. My guess is they either wanted to turn it 
into part of a zombie network, or install some software they could steal 
personal information with. After I told him I didn't do anything because I 

know it's a scam, they quickly disconnected. (I got a second call few 
weeks later, but then I was the one to disconnect)
Dávid Vas
Programmer Analyst
National Instruments

O +1.512.683.5992

From:   Josh Sokol <josh.sokol at owasp.org>
To:     "owasp-austin at lists.owasp.org" <owasp-austin at lists.owasp.org>, 
Date:   2015-01-22 14:39
Subject:        [Owasp-austin] Phone Call Today (Too good not to share)
Sent by:        owasp-austin-bounces at lists.owasp.org

I literally just had the most interesting phone call that I've ever taken. 

A man called telling me that they had detected errors coming from my 
computer. I immediately stopped him, told him he was trying to scam me, 
and told him that I do security for a living. He immediately said "You got 

me" and then proceeded to have a lengthy conversation with me about what 
he does, who he is, and why he does it. His real name was Baroon and he is 

from Uganda. He told me that he will take the user into their Event Viewer 

and show them the errors there to make them think that there's a problem 
with their system. Once they see that, he will offer to help them and have 

them launch a session with them. They will offer to fix it for $300 (which 

he said is far less than some of the scammers who charge $2k). He first 
told me that it's the persons fault for being stupid, but then shared with 

me that he knows it's wrong and he is interviewing and trying to change 
jobs. I told him that I appreciated his honesty and I wished him well with 

his search for a more reputable job. Crazy.

Owasp-austin mailing list
Owasp-austin at lists.owasp.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150122/8f014609/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 5583 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150122/8f014609/attachment.png>

More information about the Owasp-austin mailing list