[colug-432] "Interesting" Phone Call

Chris Embree cembree at ez-as.net
Fri Jun 22 16:16:23 EDT 2012


I saw a video of exactly what you're describing.  The guy was fast enough
to spin up a Win VM and play along for a while.  They of course wanted to
charge him for the service. ;)

You can probably find it on YouTube.  I forget where I saw the link... I am
not your google monkey ;)  or !LMGTFY

On Fri, Jun 22, 2012 at 4:03 PM, Rick Troth <rmt at casita.net> wrote:

> May I quote you on this?
>
> I'm giving a talk next week on SSL.  It will include "trust models"
> and will lead to PGP and SSH and stuff like that.
>
> One of the points will be "water cooler leaks", ie: that the biggest
> security holes are human.
>
> This story is just too juicy to pass up!
>
> -- Rick; <><
>
>
> On Fri, Jun 22, 2012 at 3:55 PM,  <jep200404 at columbus.rr.com> wrote:
> > I got an "interesting" phone this afternoon from someone who
> > claimed that my Microsoft Windows computer was sending them
> > messages with passwords and other nifty secrets, and that they
> > were calling to help me remove the bad software that sending
> > the secrets. He asked if I was in front my computer. I asked
> > if the problem was due specifically to MS Windows, and he
> > confirmed yes. When I said that I did not have a Windows
> > computer, he said he must have the wrong number and hung up.
> > He had a south asian accent.
> >
> > When he asked if I was in front of my computer, I think he was
> > going to have me go to some web site that would take over
> > my computer under the guise of "helping me".
> >
> > If I had been thinking quicker, I would have booted Knoppix on
> > a computer with no hard drive, then play along. With more
> > preparation, wireshark, honeypots, and friends would be fun.
> > A fun question _before_ visiting the sucker web site would
> > be to ask what my IP address is (since they are getting
> > messages from my computer) and how they got from my IP address
> > to my phone number.
> >
> > _______________________________________________
> > colug-432 mailing list
> > colug-432 at colug.net
> > http://lists.colug.net/mailman/listinfo/colug-432
>
>
>
> --
> -- R;   <><
> '::1, sweet ::1'
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20120622/cf6c7515/attachment.html 


More information about the colug-432 mailing list