Scam phone call from Microsoft?

Where to buy? Where can I find? How do I? Getting started.
betelgeuse
Posts: 4353
Joined: Thu Aug 29, 2013 1:24 am

Re: Scam phone call from Microsoft?

Post by betelgeuse » Wed Mar 17, 2021 11:05 pm

NukkuMatti wrote:
Wed Mar 17, 2021 10:52 pm
So how does that work when you live in Finland? As long as the scammer is not pressing charges in Finland at the police, you walk free?
The criminal code defines per crime whether the victim needs to request or it can be prosecuted regardless.

https://www.finlex.fi/en/laki/kaannokse ... 890039.pdf



Re: Scam phone call from Microsoft?

Sponsor:

Finland Forum Ad-O-Matic
 

FinnGuyHelsinki
Posts: 1439
Joined: Sun Nov 08, 2009 8:52 pm

Re: Scam phone call from Microsoft?

Post by FinnGuyHelsinki » Thu Mar 18, 2021 7:20 am

NukkuMatti wrote:
Wed Mar 17, 2021 10:01 pm
Example: burglar comes in your home and you wake up, he threatens / tries to stab you (to death) and you hit him with the baseball bat from next to your bed, on the head and he dies! Are you a murderer or innocent victim. How does that work in Finland?
The legal system will decide, after a police investigation, a prosecutor whether to press charges and if so, the court will decide if guilty or not.

In such cases it is about the level of threat, proportional use of force, and when and how the force is used, as a self defense or somehow otherwise. For example, a small person (A) against a huge bodybuilder (B), one attacking the other bare-fisted with the intent to kill; if A is the attacker, anything beyond restraining the attacker may be deemed excessive, if B is the attacker, even the use of a firearm may be deemed justified. There are no stand your ground or castle doctrine laws in Finland, a target of an attack doesn't get a free pass by default.

Considering your example, a baseball bat is pretty much on par with a knife as such, but other circumstances may swing it (no pun) either way. If everything happens suddenly, probably the resident is not suspected of any wrong-doing. If the events unfold in another way, for example, after the burglar attacking the resident, and the resident having defended oneself, the burglar starts to back off and run away, trying to escape and at that time the resident catches up with the burglar, kills him/her by hitting with a baseball bat, the resident has committed a crime as the immediate threat no longer existed and therefore the use of force was no longer (legally) justifiable.

Try to make a distinction between what you feel is justified, and what is legal, those are two different things.

NukkuMatti
Posts: 273
Joined: Fri Nov 20, 2015 9:51 pm

Re: Scam phone call from Microsoft?

Post by NukkuMatti » Mon Mar 22, 2021 10:13 am

FinnGuyHelsinki wrote:
Thu Mar 18, 2021 7:20 am
The legal system will decide, after a police investigation, a prosecutor whether to press charges and if so, the court will decide if guilty or not.

In such cases it is about the level of threat, proportional use of force, and when and how the force is used, as a self defense or somehow otherwise. For example, a small person (A) against a huge bodybuilder (B), one attacking the other bare-fisted with the intent to kill; if A is the attacker, anything beyond restraining the attacker may be deemed excessive, if B is the attacker, even the use of a firearm may be deemed justified. There are no stand your ground or castle doctrine laws in Finland, a target of an attack doesn't get a free pass by default.

Considering your example, a baseball bat is pretty much on par with a knife as such, but other circumstances may swing it (no pun) either way. If everything happens suddenly, probably the resident is not suspected of any wrong-doing. If the events unfold in another way, for example, after the burglar attacking the resident, and the resident having defended oneself, the burglar starts to back off and run away, trying to escape and at that time the resident catches up with the burglar, kills him/her by hitting with a baseball bat, the resident has committed a crime as the immediate threat no longer existed and therefore the use of force was no longer (legally) justifiable.

Try to make a distinction between what you feel is justified, and what is legal, those are two different things.
Agreed!

But, to get back to the original topic of these scammers, and the practices of Jim Browning and other scambaiters like Kitboga and scammersrevolt (perogi?):

It is my believe that in this case there is no crime committed by them, even if they would live in Finland, because they are granted access by the scammer: the scammer connects to the "victims" computer with a program (anydesk) that allows 2 way traffic, he does this out of free will therefore giving you access to his systems. This means there is no actual forced intrusion, access is given (knowing or unknowingly depending on the intelligence of the scammer) and therefore it is legal.
In the case the scammer use Teamviewer, they mostly even ask you to connect to their PC first, before they reverse the connection to prevent a warning pop up from Teamviewer regarding the use for scams
Even in the case of you setting up a "trap" by naming a RAT into a file with your banking details, it is the Scammer that chooses to use information from your computer which causes him to "invite" you to access his computer / network.
If it would not be legal, then Microsoft would not be allowed to sell their Windows10 because by using Microsoft, you give access to your network to Microsoft even if you do not want this (like me)... it takes a little bit of a windows guru to switch all this Microsoft telemetry off... (or you just download a tool for it).

So I do believe it is legal, even in Finland,....but if you have case law example of something similar that says otherwise, I would love to read up on it (even with google translate)...

FinnGuyHelsinki
Posts: 1439
Joined: Sun Nov 08, 2009 8:52 pm

Re: Scam phone call from Microsoft?

Post by FinnGuyHelsinki » Mon Mar 22, 2021 11:13 am

NukkuMatti wrote:
Mon Mar 22, 2021 10:13 am
But, to get back to the original topic of these scammers, and the practices of Jim Browning and other scambaiters like Kitboga and scammersrevolt (perogi?):
What you suggested was:
NukkuMatti wrote:
Mon Mar 22, 2021 10:13 am
If you feel adventurous, try to get your hands on a good PC with multiple monitors, multiple Virtual machines on it configured, a good remote access trojan (RAT) virus on your VM desktop disguised as banking details file, a command and control server on another VM for controlling the RAT (on the same PC) and play along, let him connect to your computer VM and lure him to copy the trojan.... after that you can do anything on his PC or even complete network...
And it definitely is illegal to access to someone's computer and network without their consent. No matter how much someone is thinking of doing the community a service, it does not change that. Being a target of phishing, hacking,,.. attack does not grant you the right to do the same to them in return.

Furthermore, trying to get even with criminals on your own may easily get you in more trouble (with little to be gained); identity theft, continuing harrassment and whatever else, which may not have happened unless making a clear target of yourself. They are the criminals, and if you (hopefully) are not, you have much more to lose. Best to cut your losses, learn from the experience and let the police do their job.

NukkuMatti
Posts: 273
Joined: Fri Nov 20, 2015 9:51 pm

Re: Scam phone call from Microsoft?

Post by NukkuMatti » Sun Mar 28, 2021 5:37 am

FinnGuyHelsinki wrote:
Mon Mar 22, 2021 11:13 am

And it definitely is illegal to access to someone's computer and network without their consent. No matter how much someone is thinking of doing the community a service, it does not change that. Being a target of phishing, hacking,,.. attack does not grant you the right to do the same to them in return.

Furthermore, trying to get even with criminals on your own may easily get you in more trouble (with little to be gained); identity theft, continuing harrassment and whatever else, which may not have happened unless making a clear target of yourself. They are the criminals, and if you (hopefully) are not, you have much more to lose. Best to cut your losses, learn from the experience and let the police do their job.
Yeah that is the thing, the German / Finnish / Swedish / UK / USA police cannot do their job because they do not have jurisdiction. The Indian police don't care enough because there is the understanding / opinion there is no crime committed in India...(theft).

And you make the assumption that access is acquired without their consent, that is by definition wrong because with their actions, they give you consent, THEY connect to your computer, that means 2 way traffic, otherwise you cannot connect.

In my example I just made it clear that the trap is set fro anyone who wants to steal your bank credentials, and this is where lays the nuance, no innocent person will be falling for the trap, only thieves...

That said, even than, the act of actually deleting the scammers files, which is supposedly illegal from a Finnish law point of view, is very difficult to prove for law enforcement. There is no evidence, the youtube video you make can be a staged event like for example the bounty hunter video's (almost all are staged). Research on you VM will be virtually impossible because with every restart of the VM, the evidence is gone. So basically I do not see the problem.

Further more, you should of course take precautions regarding your digital safety, hence the VM. Better is even a stand alone PC using a VPN with a spare cloned Harddrive for rebuild purposes in case of a virus, from what you run your VM, like as AGroot said in the unfortunate event the one in a million scammers that are actually skilled, escapes the VM (which works as your sandbox).

Besides of course the use of a unregistered prepaid phone to make the calls (better to use the phone service providers as explained by Jim Browning and others.

But, I have better things to do so my actions stop with just donating / becoming member, to the patreon websites of Jim Browning / Perogi (scammersrevolt) / Kitboga etc.

So for all you interested people: check these out... :lol: :lol:

https://www.youtube.com/c/ScammerRevolts/videos
https://www.youtube.com/c/JimBrowning/videos
https://www.youtube.com/c/KitbogaShow/videos
https://www.youtube.com/c/ScammersGotDeleted/videos

FinnGuyHelsinki
Posts: 1439
Joined: Sun Nov 08, 2009 8:52 pm

Re: Scam phone call from Microsoft?

Post by FinnGuyHelsinki » Sun Mar 28, 2021 8:52 pm

NukkuMatti wrote:
Sun Mar 28, 2021 5:37 am
That said, even than, the act of actually deleting the scammers files, which is supposedly illegal from a Finnish law point of view, is very difficult to prove for law enforcement. There is no evidence, the youtube video you make can be a staged event like for example the bounty hunter video's (almost all are staged). Research on you VM will be virtually impossible because with every restart of the VM, the evidence is gone. So basically I do not see the problem.
If you don't see a problem in breaking the law, I don't know what else to tell you.

NukkuMatti
Posts: 273
Joined: Fri Nov 20, 2015 9:51 pm

Re: Scam phone call from Microsoft?

Post by NukkuMatti » Thu Sep 09, 2021 8:27 pm

It seems that the amount of Microsoft support scams is increasing again, a little reminder for everyone:

DO not try this at home (without knowing what you do..)

How to keep busy in Corona time.....
Today I had so much fun,...
I have spent 3 hours of my too much free time, laughing my socks off, to waste 3 hours of the time of some Indian scammers..😎 🤣🤣😂
We have in Finland now again some invasion by phone from a "Microsoft support scam" (see youtube Jim Browning and Perogi for example, "scambaiter" is a good one too).

The Indian (accent) scammers called me yesterday (it began with a woman which then quickly was transferred to a man that said he is technical support).

However I had no suitable computer ready for him to screw up, so when they asked if I could go to my PC I had to ask them to call me back today.
So I prepared an old laptop which is running a program called "Deep Freeze" which makes everything you do after starting it up, disappear when you restart the laptop, like nothing happened and nothing is saved.
This is a nice function in case they put a virus on your PC or ransomware. Restart and all problems gone...

So I waited today for their call and they called.
I made a video of it with an old fashioned video camera, mainly for the sound and a little idea of what they try to do on your computer when you let them in.
I will edit the video because 3 hours is a bit too much..😱😱🤣🤪 and most of the time it was waiting anyway (and talking bullsh*t). Then I will post it to youtube and post the link maybe here... if I feel it is useful.

This is basically how the scam works:


They call you, then they try, with some stupid story, to convince you, you are having a problem on your PC and that you have been hacked...
It is important that you believe you have been hacked because it is the basis of their scam... while not so obvious in the beginning yet.

They will install several remote control programs so if they lose one connection, they might have another way to access your PC.
Then they will try to convince you that they are going to help you install safety features... nothing actually happens but the lazy bastards are just playing with you... biding their time.

They will several times ask you things about what you do on the PC and about banking, so after a while it becomes very clear they want you to log in to your bank for the reason of "installing encryption / safety measures" so they can CATCH the hackers... yeah right..🥱

So here you can already feel their plan.... they basically want soon to get access to your bank account to manipulate you to transfer a small sum somewhere or receive such sum.

Now it can go both ways but because Finland is not so well known for it's gift cards, so it will probably not end there, but in the end of the scam you will most likely see an altered page of your bank where it seems you got too much money from them and they will ask you to transfer it back to a Thai internet bank.
This is the moment a lot of victims lose their own money instead of non existent money of the scammer they say you got too much and need to pay back...
Well I wanted to see how they would handle the inability to go to your online bank from OP or Nordea etc. on the PC
They knew the bank names very well.

I told them I have only online banking with my phone by my finger print and my phone is locked by military encryption for my safety being 71 years old 😎🤪, by my Tech savvy son 🤣... so every attempt to install or even open the apple store will give me a popup tat says this action is not permitted, please contact your administrator. 🤣🤣🤣

So the scammer gave up on that one and tried to get access to my gmail... he wanted me to log in and while I log in show the password... yeah right... how dumb do these guys think I am... well that went wrong because again I said, hey I use email just on my phone.. he already forgot that I said I use the laptop for email.

Then he thought I would create a new email address, with my phone number... but I said I did not want that because google sells your info, so lets use a different email address as a reference...

Then he was getting enough of it (after 3 hours) and said he would continue to work on my PC but call back later...... NOT! 😂
After an hour I saw the mouse move and click while all remote programs were already closed, so he used a backdoor he implanted tot he laptop, so I clicked a window away while he was there and then it stopped, I waited another 5 minutes for him to call and then restarted the laptop, undoing everything he screwed up.

So......NEVER EVER LET MIRCROSOFT or any other for that matter get ACCESS TO YOUR PC...and certainly not open your banking page then....

Just tell them: Gadhe ki aulaad , which translates to something like: "you donkey's child" (got that one from a friend 😂)

So... I will start editing out the boring stuff and maybe soon upload some nice explaining video with this story (got 3 hours to cut small to let' s say 20 minutes 😱🤣)

Hope everyone else had as much fun today as me.. :lol:

May the force be with you all..

User avatar
agroot
Posts: 578
Joined: Sat Dec 22, 2018 5:04 pm

Re: Scam phone call from Microsoft?

Post by agroot » Sun Sep 12, 2021 11:58 am

NukkuMatti wrote:
Thu Sep 09, 2021 8:27 pm
So... I will start editing out the boring stuff and maybe soon upload some nice explaining video with this story (got 3 hours to cut small to let' s say 20 minutes 😱🤣)
Great work! :lol: :lol: :lol:


Did they install any rootkit or keyboard logging software?

NukkuMatti
Posts: 273
Joined: Fri Nov 20, 2015 9:51 pm

Re: Scam phone call from Microsoft?

Post by NukkuMatti » Mon Sep 20, 2021 1:15 pm

agroot wrote:
Sun Sep 12, 2021 11:58 am

Great work! :lol: :lol: :lol:

Did they install any rootkit or keyboard logging software?
No they probably run a session recorder on their end... with maybe a keylogger there.. to get my passwords etc... but I did not type any critical or known correct passwords anyway...

They just most likely installed a RAT (Remote Access Trojan) because before restarting the laptop, I first manually changed all login's for anydesk and showmypc and teamviewer and all the other remote access software, and let it run for another hour, and then after an hour I saw the mouse move. then I restarted the laptop. No more activity since then..

I had the laptop not on my home network either, just connected trough a phone hotspot..

But as said, I restarted the laptop and all rubbish was gone.
Nice program "Deep Freeze" from the company Faronics.. works good against randsomware as well.. The software basically creates a virtual hard drive when Windows starts up, where it writes all disk write operations to, which it uses for all disk operations, which is depending on your settings, copied to your real drive when closing, or discarded / removed / not saved to your real hard drive, when closing.

NukkuMatti
Posts: 273
Joined: Fri Nov 20, 2015 9:51 pm

Re: Scam phone call from Microsoft?

Post by NukkuMatti » Tue Oct 05, 2021 12:06 pm

I got a call again, from the same guys from Calcutta (captured the IP address with a Wireshark-like app on the phone used as hotspot, for the interested ones this is a good start: https://techwiser.com/wireshark-alterna ... or-android).

I was able to keep them busy for another hour, until they gave up after I mentioned I do not do internet banking at all.

The secondary route to get access to personal information is the email. They did not get in there as well hence I mentioned I use protonmail and it was set up by my son and I log in with my thumb print.. that I do not even know the password..

At the end the guy tried to stall and see if he could find anything on my laptop, he started a normal malicious software removal tool session from Microsoft defender and gave up after 15 minutes.

He did however install a backdoor which failed to shut down when closing windows, but after a reboot all was gone again 8)

Had a lot of fun laughing about the idiotic things they try to do to convince you there are hackers on your computer.

Scammer 0
Me 2 :lol:

User avatar
Oombongo
Posts: 1949
Joined: Mon May 01, 2006 11:19 am
Location: local sewer pipe

Re: Scam phone call from Microsoft?

Post by Oombongo » Wed Oct 06, 2021 11:13 am

Try to get their email address to send logs and instead send them dick pics :mrgreen:

Explaining the collection of dickpics to your partner, if any, would be another story

Perhaps you should start a blog or something about how you're screwing with the scammers
Image Image


Post Reply