[Owasp-austin] Phone Call Today (Too good not to share)

James Hess hessjd at gmail.com
Thu Jan 22 21:25:05 UTC 2015

This happened to me about a year ago as well. "Oh really? These errors just
started?" I said. He said he was going to help me and proceeded to instruct
me to click on the "Start" button. "Are you sure? I don't have a 'Start'
button." I said. "It should be at the bottom left corner of your screen,"
he said. "I use Linux." He hung up.


On Thu, Jan 22, 2015 at 2:47 PM, David Vas <david.vas at ni.com> wrote:

> I got a similar call and I pretended to play along. I don't know where
> they called from but they claimed to be from Microsoft's server room, and
> that they detected an issue. Basically the steps they wanted me to follow
> would have been enough to give them remote access to my computer - think
> not necessarily remote desktop, but RPC and the like, that the user can't
> even notice most of the time. My guess is they either wanted to turn it
> into part of a zombie network, or install some software they could steal
> personal information with. After I told him I didn't do anything because I
> know it's a scam, they quickly disconnected. (I got a second call few weeks
> later, but then I was the one to disconnect)
>  ------------------------------
> *Dávid Vas*
> Programmer Analyst
> National Instruments
> O +1.512.683.5992
> From:        Josh Sokol <josh.sokol at owasp.org>
> To:        "owasp-austin at lists.owasp.org" <owasp-austin at lists.owasp.org>,
> Date:        2015-01-22 14:39
> Subject:        [Owasp-austin] Phone Call Today (Too good not to share)
> Sent by:        owasp-austin-bounces at lists.owasp.org
> ------------------------------
> I literally just had the most interesting phone call that I've ever taken.
> A man called telling me that they had detected errors coming from my
> computer. I immediately stopped him, told him he was trying to scam me, and
> told him that I do security for a living. He immediately said "You got me"
> and then proceeded to have a lengthy conversation with me about what he
> does, who he is, and why he does it. His real name was Baroon and he is
> from Uganda. He told me that he will take the user into their Event Viewer
> and show them the errors there to make them think that there's a problem
> with their system. Once they see that, he will offer to help them and have
> them launch a session with them. They will offer to fix it for $300 (which
> he said is far less than some of the scammers who charge $2k). He first
> told me that it's the persons fault for being stupid, but then shared with
> me that he knows it's wrong and he is interviewing and trying to change
> jobs. I told him that I appreciated his honesty and I wished him well with
> his search for a more reputable job. Crazy.
> ~josh________ _________________________ ______________
> Owasp-austin mailing list
> Owasp-austin at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-austin
> _______________________________________________
> Owasp-austin mailing list
> Owasp-austin at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-austin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150122/568dc900/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 5583 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150122/568dc900/attachment.png>

More information about the Owasp-austin mailing list