[Owasp-austin] Phone Call Today (Too good not to share)

Albert R. Campa abcampa at gmail.com
Fri Jan 23 18:04:51 UTC 2015


Should have done this. lol
https://www.youtube.com/watch?v=6ftRs73dx4s

On Thu Jan 22 2015 at 3:28:47 PM James Hess <hessjd at gmail.com> wrote:

> This happened to me about a year ago as well. "Oh really? These errors
> just started?" I said. He said he was going to help me and proceeded to
> instruct me to click on the "Start" button. "Are you sure? I don't have a
> 'Start' button." I said. "It should be at the bottom left corner of your
> screen," he said. "I use Linux." He hung up.
>
> James
>
> On Thu, Jan 22, 2015 at 2:47 PM, David Vas <david.vas at ni.com> wrote:
>
>> I got a similar call and I pretended to play along. I don't know where
>> they called from but they claimed to be from Microsoft's server room, and
>> that they detected an issue. Basically the steps they wanted me to follow
>> would have been enough to give them remote access to my computer - think
>> not necessarily remote desktop, but RPC and the like, that the user can't
>> even notice most of the time. My guess is they either wanted to turn it
>> into part of a zombie network, or install some software they could steal
>> personal information with. After I told him I didn't do anything because I
>> know it's a scam, they quickly disconnected. (I got a second call few weeks
>> later, but then I was the one to disconnect)
>>  ------------------------------
>> *Dávid Vas*
>> Programmer Analyst
>> National Instruments
>>
>> O +1.512.683.5992
>>
>>
>>
>>
>>
>> From:        Josh Sokol <josh.sokol at owasp.org>
>> To:        "owasp-austin at lists.owasp.org" <owasp-austin at lists.owasp.org>,
>>
>> Date:        2015-01-22 14:39
>> Subject:        [Owasp-austin] Phone Call Today (Too good not to share)
>> Sent by:        owasp-austin-bounces at lists.owasp.org
>> ------------------------------
>>
>>
>>
>> I literally just had the most interesting phone call that I've ever
>> taken. A man called telling me that they had detected errors coming from my
>> computer. I immediately stopped him, told him he was trying to scam me, and
>> told him that I do security for a living. He immediately said "You got me"
>> and then proceeded to have a lengthy conversation with me about what he
>> does, who he is, and why he does it. His real name was Baroon and he is
>> from Uganda. He told me that he will take the user into their Event Viewer
>> and show them the errors there to make them think that there's a problem
>> with their system. Once they see that, he will offer to help them and have
>> them launch a session with them. They will offer to fix it for $300 (which
>> he said is far less than some of the scammers who charge $2k). He first
>> told me that it's the persons fault for being stupid, but then shared with
>> me that he knows it's wrong and he is interviewing and trying to change
>> jobs. I told him that I appreciated his honesty and I wished him well with
>> his search for a more reputable job. Crazy.
>>
>> ~josh________ _________________________ ______________
>> Owasp-austin mailing list
>> Owasp-austin at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-austin
>>
>>
>> _______________________________________________
>> Owasp-austin mailing list
>> Owasp-austin at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-austin
>>
>>
> _______________________________________________
> Owasp-austin mailing list
> Owasp-austin at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-austin
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150123/6caf3679/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 5583 bytes
Desc: not available
URL: <http://lists.owasp.org/pipermail/owasp-austin/attachments/20150123/6caf3679/attachment.png>


More information about the Owasp-austin mailing list