[colug-432] "Interesting" Phone Call
Bill Baker
bill_chris at earthlink.net
Fri Jun 22 20:01:44 EDT 2012
What phone number shows up on your caller ID when they call in? I have
a habit of sending people to voicemail if I don't recognize the number,
but I might have to make an exception for these people.
On 06/22/2012 05:15 PM, Angelo McComis wrote:
> I had the same call. I asked "which computer since there are 4 here". He
> says it doesn't matter. ???
>
> The guy had thick Hindi accent. I asked where he was calling from. He
> said New Jersey. I asked where in NJ and he tells me a city. I pulled up
> Google Earth and Yelp and located some Indian restaurants in the area.
> Asked if he goes there for lunch. Asked if his office is by the big
> park. If he ever goes to the park. I also pulled some local news. There
> was a big apartment complex fire. Asked if he saw it on tv.
>
> Never did go to his website. Told him I was typing it in (I wasn't). And
> kept asking him questions while I was waiting for the site to come up.
>
> I think (hope) I made a nice dent in his call stats for the day.
>
>
> On Jun 22, 2012, at 3:16 PM, Chris Embree <cembree at ez-as.net
> <mailto:cembree at ez-as.net>> wrote:
>
>> I saw a video of exactly what you're describing. The guy was fast
>> enough to spin up a Win VM and play along for a while. They of course
>> wanted to charge him for the service. ;)
>>
>> You can probably find it on YouTube. I forget where I saw the link...
>> I am not your google monkey ;) or !LMGTFY
>>
>> On Fri, Jun 22, 2012 at 4:03 PM, Rick Troth <rmt at casita.net
>> <mailto:rmt at casita.net>> wrote:
>>
>> May I quote you on this?
>>
>> I'm giving a talk next week on SSL. It will include "trust models"
>> and will lead to PGP and SSH and stuff like that.
>>
>> One of the points will be "water cooler leaks", ie: that the biggest
>> security holes are human.
>>
>> This story is just too juicy to pass up!
>>
>> -- Rick; <><
>>
>>
>> On Fri, Jun 22, 2012 at 3:55 PM, <jep200404 at columbus.rr.com
>> <mailto:jep200404 at columbus.rr.com>> wrote:
>> > I got an "interesting" phone this afternoon from someone who
>> > claimed that my Microsoft Windows computer was sending them
>> > messages with passwords and other nifty secrets, and that they
>> > were calling to help me remove the bad software that sending
>> > the secrets. He asked if I was in front my computer. I asked
>> > if the problem was due specifically to MS Windows, and he
>> > confirmed yes. When I said that I did not have a Windows
>> > computer, he said he must have the wrong number and hung up.
>> > He had a south asian accent.
>> >
>> > When he asked if I was in front of my computer, I think he was
>> > going to have me go to some web site that would take over
>> > my computer under the guise of "helping me".
>> >
>> > If I had been thinking quicker, I would have booted Knoppix on
>> > a computer with no hard drive, then play along. With more
>> > preparation, wireshark, honeypots, and friends would be fun.
>> > A fun question _before_ visiting the sucker web site would
>> > be to ask what my IP address is (since they are getting
>> > messages from my computer) and how they got from my IP address
>> > to my phone number.
>> >
>> > _______________________________________________
>> > colug-432 mailing list
>> > colug-432 at colug.net <mailto:colug-432 at colug.net>
>> > http://lists.colug.net/mailman/listinfo/colug-432
>>
>>
>>
>> --
>> -- R; <><
>> '::1, sweet ::1'
>>
>> _______________________________________________
>> colug-432 mailing list
>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>> http://lists.colug.net/mailman/listinfo/colug-432
>>
>>
>> _______________________________________________
>> colug-432 mailing list
>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>> http://lists.colug.net/mailman/listinfo/colug-432
>
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
More information about the colug-432
mailing list