[colug-432] "Interesting" Phone Call

Bill Baker bill_chris at earthlink.net
Fri Jun 22 20:12:53 EDT 2012 

Thanks.  I've actually seen the 999-999-9999 number pop up recently, so
maybe I'll have to answer those calls from now on.

On 06/22/2012 08:09 PM, Angelo McComis wrote:
> I don't remember now but IIRC it was an oddball like 123-456-7890 or
> 999-999-9999.
> 
> Obviously Skype routed.
> 
> I also try to quickly do a lookup via http://www.anireport.com on
> number w/o name caller ids that show up.
> 
> Angelo
> 
> 
> On Jun 22, 2012, at 7:03 PM, Bill Baker <bill_chris at earthlink.net> wrote:
> 
>> What phone number shows up on your caller ID when they call in?  I have
>> a habit of sending people to voicemail if I don't recognize the number,
>> but I might have to make an exception for these people.
>>
>> On 06/22/2012 05:15 PM, Angelo McComis wrote:
>>> I had the same call. I asked "which computer since there are 4 here". He
>>> says it doesn't matter. ???
>>>
>>> The guy had thick Hindi accent. I asked where he was calling from. He
>>> said New Jersey. I asked where in NJ and he tells me a city. I pulled up
>>> Google Earth and Yelp and located some Indian restaurants in the area.
>>> Asked if he goes there for lunch. Asked if his office is by the big
>>> park. If he ever goes to the park. I also pulled some local news. There
>>> was a big apartment complex fire. Asked if he saw it on tv.
>>>
>>> Never did go to his website. Told him I was typing it in (I wasn't). And
>>> kept asking him questions while I was waiting for the site to come up.
>>>
>>> I think (hope) I made a nice dent in his call stats for the day.
>>>
>>>
>>> On Jun 22, 2012, at 3:16 PM, Chris Embree <cembree at ez-as.net
>>> <mailto:cembree at ez-as.net>> wrote:
>>>
>>>> I saw a video of exactly what you're describing.  The guy was fast
>>>> enough to spin up a Win VM and play along for a while.  They of course
>>>> wanted to charge him for the service. ;)
>>>>
>>>> You can probably find it on YouTube.  I forget where I saw the link...
>>>> I am not your google monkey ;)  or !LMGTFY
>>>>
>>>> On Fri, Jun 22, 2012 at 4:03 PM, Rick Troth <rmt at casita.net
>>>> <mailto:rmt at casita.net>> wrote:
>>>>
>>>>    May I quote you on this?
>>>>
>>>>    I'm giving a talk next week on SSL.  It will include "trust models"
>>>>    and will lead to PGP and SSH and stuff like that.
>>>>
>>>>    One of the points will be "water cooler leaks", ie: that the biggest
>>>>    security holes are human.
>>>>
>>>>    This story is just too juicy to pass up!
>>>>
>>>>    -- Rick; <><
>>>>
>>>>
>>>>    On Fri, Jun 22, 2012 at 3:55 PM,  <jep200404 at columbus.rr.com
>>>>    <mailto:jep200404 at columbus.rr.com>> wrote:
>>>>> I got an "interesting" phone this afternoon from someone who
>>>>> claimed that my Microsoft Windows computer was sending them
>>>>> messages with passwords and other nifty secrets, and that they
>>>>> were calling to help me remove the bad software that sending
>>>>> the secrets. He asked if I was in front my computer. I asked
>>>>> if the problem was due specifically to MS Windows, and he
>>>>> confirmed yes. When I said that I did not have a Windows
>>>>> computer, he said he must have the wrong number and hung up.
>>>>> He had a south asian accent.
>>>>>
>>>>> When he asked if I was in front of my computer, I think he was
>>>>> going to have me go to some web site that would take over
>>>>> my computer under the guise of "helping me".
>>>>>
>>>>> If I had been thinking quicker, I would have booted Knoppix on
>>>>> a computer with no hard drive, then play along. With more
>>>>> preparation, wireshark, honeypots, and friends would be fun.
>>>>> A fun question _before_ visiting the sucker web site would
>>>>> be to ask what my IP address is (since they are getting
>>>>> messages from my computer) and how they got from my IP address
>>>>> to my phone number.
>>>>>
>>>>> _______________________________________________
>>>>> colug-432 mailing list
>>>>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>>>>> http://lists.colug.net/mailman/listinfo/colug-432
>>>>
>>>>
>>>>
>>>>    --
>>>>    -- R;   <><
>>>>    '::1, sweet ::1'
>>>>
>>>>    _______________________________________________
>>>>    colug-432 mailing list
>>>>    colug-432 at colug.net <mailto:colug-432 at colug.net>
>>>>    http://lists.colug.net/mailman/listinfo/colug-432
>>>>
>>>>
>>>> _______________________________________________
>>>> colug-432 mailing list
>>>> colug-432 at colug.net <mailto:colug-432 at colug.net>
>>>> http://lists.colug.net/mailman/listinfo/colug-432
>>>
>>>
>>> _______________________________________________
>>> colug-432 mailing list
>>> colug-432 at colug.net
>>> http://lists.colug.net/mailman/listinfo/colug-432
>>>
>>
>> _______________________________________________
>> colug-432 mailing list
>> colug-432 at colug.net
>> http://lists.colug.net/mailman/listinfo/colug-432
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>

More information about the colug-432 mailing list