[colug-432] "Interesting" Phone Call

Angelo McComis angelo at mccomis.com
Fri Jun 22 20:09:03 EDT 2012 

I don't remember now but IIRC it was an oddball like 123-456-7890 or
999-999-9999.

Obviously Skype routed.

I also try to quickly do a lookup via http://www.anireport.com on
number w/o name caller ids that show up.

Angelo


On Jun 22, 2012, at 7:03 PM, Bill Baker <bill_chris at earthlink.net> wrote:

> What phone number shows up on your caller ID when they call in?  I have
> a habit of sending people to voicemail if I don't recognize the number,
> but I might have to make an exception for these people.
>
> On 06/22/2012 05:15 PM, Angelo McComis wrote:
>> I had the same call. I asked "which computer since there are 4 here". He
>> says it doesn't matter. ???
>>
>> The guy had thick Hindi accent. I asked where he was calling from. He
>> said New Jersey. I asked where in NJ and he tells me a city. I pulled up
>> Google Earth and Yelp and located some Indian restaurants in the area.
>> Asked if he goes there for lunch. Asked if his office is by the big
>> park. If he ever goes to the park. I also pulled some local news. There
>> was a big apartment complex fire. Asked if he saw it on tv.
>>
>> Never did go to his website. Told him I was typing it in (I wasn't). And
>> kept asking him questions while I was waiting for the site to come up.
>>
>> I think (hope) I made a nice dent in his call stats for the day.
>>
>>
>> On Jun 22, 2012, at 3:16 PM, Chris Embree <cembree at ez-as.net
>> <mailto:cembree at ez-as.net>> wrote:
>>
>>> I saw a video of exactly what you're describing.  The guy was fast
>>> enough to spin up a Win VM and play along for a while.  They of course
>>> wanted to charge him for the service. ;)
>>>
>>> You can probably find it on YouTube.  I forget where I saw the link...
>>> I am not your google monkey ;)  or !LMGTFY
>>>
>>> On Fri, Jun 22, 2012 at 4:03 PM, Rick Troth <rmt at casita.net
>>> <mailto:rmt at casita.net>> wrote:
>>>
>>>    May I quote you on this?
>>>
>>>    I'm giving a talk next week on SSL.  It will include "trust models"
>>>    and will lead to PGP and SSH and stuff like that.
>>>
>>>    One of the points will be "water cooler leaks", ie: that the biggest
>>>    security holes are human.
>>>
>>>    This story is just too juicy to pass up!
>>>
>>>    -- Rick; <><
>>>
>>>
>>>    On Fri, Jun 22, 2012 at 3:55 PM,  <jep200404 at columbus.rr.com
>>>    <mailto:jep200404 at columbus.rr.com>> wrote:
>>>> I got an "interesting" phone this afternoon from someone who
>>>> claimed that my Microsoft Windows computer was sending them
>>>> messages with passwords and other nifty secrets, and that they
>>>> were calling to help me remove the bad software that sending
>>>> the secrets. He asked if I was in front my computer. I asked
>>>> if the problem was due specifically to MS Windows, and he
>>>> confirmed yes. When I said that I did not have a Windows
>>>> computer, he said he must have the wrong number and hung up.
>>>> He had a south asian accent.
>>>>
>>>> When he asked if I was in front of my computer, I think he was
>>>> going to have me go to some web site that would take over
>>>> my computer under the guise of "helping me".
>>>>
>>>> If I had been thinking quicker, I would have booted Knoppix on
>>>> a computer with no hard drive, then play along. With more
>>>> preparation, wireshark, honeypots, and friends would be fun.
>>>> A fun question _before_ visiting the sucker web site would
>>>> be to ask what my IP address is (since they are getting
>>>> messages from my computer) and how they got from my IP address
>>>> to my phone number.
>>>>
>>>> _______________________________________________
>>>> colug-432 mailing list
>>>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>>>> http://lists.colug.net/mailman/listinfo/colug-432
>>>
>>>
>>>
>>>    --
>>>    -- R;   <><
>>>    '::1, sweet ::1'
>>>
>>>    _______________________________________________
>>>    colug-432 mailing list
>>>    colug-432 at colug.net <mailto:colug-432 at colug.net>
>>>    http://lists.colug.net/mailman/listinfo/colug-432
>>>
>>>
>>> _______________________________________________
>>> colug-432 mailing list
>>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>>> http://lists.colug.net/mailman/listinfo/colug-432
>>
>>
>> _______________________________________________
>> colug-432 mailing list
>> colug-432 at colug.net
>> http://lists.colug.net/mailman/listinfo/colug-432
>>
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432

More information about the colug-432 mailing list