Sam Black samwwwblack@identi.ca

United Kingdom

Uses twice the recommended daily allowance of `dnf check-update`.

  • 2017-05-24T15:28:40Z via Identi.ca Web To: Public CC: Followers

  • 2017-05-22T14:40:10Z via Identi.ca Web To: Public CC: Followers

    I think I may have driven a scammer offline for the day by trying to reconnect to their "secure server".

    Today is a good day.
  • 2017-05-17T23:16:33Z via Identi.ca Web To: Public CC: Followers

    SMS import kept crashing, debug it to find "TODO: verify message exists before inserting it"; just adding `try/catch` would be better.
  • 2017-05-04T23:23:28Z via Identi.ca Web To: Public CC: Followers

    Finished updating https://lapwing.org and https://samwwwblack.lapwing.org to uikit3. Now with lots more orange.
  • 2017-05-04T20:41:51Z via Identi.ca Web To: Public CC: Followers

    UK citizens will have a ~1 in 10,000 chance of having their communications monitored in real time: https://www.theregister.co.uk/2017/05/04/uk_bulk_surveillance_powers_draft/

  • 2017-04-18T21:59:06Z via Identi.ca Web To: Public CC: Followers

    I'm concerned about the UK general election in June, as I expect the current Conservative government to make enough gains to be able to claim a mandate to conduct a massively reckless and damaging "hard Brexit".

    I'm very worried Labour (the current opposition) will just collapse, meaning that there isn't a sufficiently powerful and organised opposition to challenge the Government during the Brexit negotiations, nor in the domestic arena.

    Whilst I'd be very happy if the Liberal Democrats regained what they lost in 2015, they aren't, and wouldn't be, in a position to become the new opposition; for a feasible positive outcome, Labour would need to hold what they have now and the Lib Dems to regain what they lost, forcing the Conservatives into a minority Government, and I don't see that happening.

    The next 5 years aren't going to be fun.
  • 2017-04-18T21:38:45Z via Identi.ca Web To: Public CC: Followers

    20 minutes, 2 people.

    Standard stuff, `eventvwr` "Oh my goodness, 200 errors and warnings!", TeamViewer install, problems connecting, calling them out as a scammer, swearing and threats to come over to the UK to do unpleasant things to my non-existent daughter.

    It is possible the scammer would have been happier if I'd actually been at my computer and not in my bed, reciting what they wanted to hear from memory, making up the login details ("No, really, the password for TeamViewer is 'scammer!'") and asking if they liked being a scammer.

    Also confirmed that it was TalkTalk who lost our details, as the scammer reeled off the address and customer ID correctly.

    3/10 for the swearing, wouldn't use again.

    >> Sam Black:

    “[...] No, really, the password for TeamViewer is 'scammer!'" [...]”

    xDD

    JanKusanagi at 2017-04-18T21:41:28Z

  • 2017-04-13T10:08:14Z via Identi.ca Web To: Public CC: Followers

    36 minutes, 3 people.

    They could not get around TeamViewer constantly kicking me off the network, and in the end just gave up.

    0/10, wouldn't use again.

    Oh, these scammers didn't even make for a funny story!

    JanKusanagi at 2017-04-13T12:01:44Z

  • 2017-04-07T12:47:39Z via Identi.ca Web To: Public CC: Followers

    Two 30 minute calls, both interesting.

    First, standard stuff, fairly dull.

    Except they couldn't work out how to use copy&paste in the `cmd` terminal; I think they kept having the terminal selected when they hit CTRL+C, thus ending their "scan", and because they hadn't actually copied anything, the subsequent CTRL+V didn't work.

    They did seem to get fairly annoyed about that, and told me they were scanning all the devices on the network, hence why it was stopping.

    They then started poking around the running processes and services, and I though the jig was up when they highlighted the Spice-VDAgent process used for `libvirt` support.

    No, they just carried on, and tried to setup unattended access in TeamViewer, and got incredibly annoyed when it asked for a password.

    Whether it was the annoyance or knowing I was intentionally winding them up, they tried to `syskey` my machine.

    `syskey` controls the Windows user database encryption, and allows putting a password on it, and on next boot the password is required to allow people to log in.

    As you can imagine, the scammers do this to either extort money for the password or purely out of malice.

    It is, of course, completely ineffective against a virtual machine with snapshots.

    When challenged, they were adamant they weren't putting `syskey` on my machine, and just needed the admin user password to run their tools, and were more annoyed when I told them they were trying to `syskey` a virtual machine I could have back running in 5 minutes.

    The second call was also standard, `eventvwr`, hand off to senior supervisor, show me more errors, except they couldn't work TeamViewer, and couldn't get remote control.

    Working around this, they tried the AnyDesk website, and the "Unable to connect" error message was nothing to do with the `hosts` file having `anydesk.com` as 0.0.0.0.

    We visited the W3C validator again, and they then asked me to log into my email and bank sites.

    I would have happily complied, except I can't remember the password for the dummy email address I created, and `accounts.google.com` also resolves to 0.0.0.0, for some unknown reason; probably those pesky hackers.

    The bank site also didn't like my "HiScammers!" login, and the scammers didn't like me reading the news article about TalkTalk scam callers.

    Amusingly, the "senior supervisor" disconnected from the call, but didn't hang up, and me continually saying "Hello" seemed to have tricked their call handling software into thinking I was a new call, and I had the same lady launch into their spiel about being from TalkTalk, except I seemed to have really broken it as another person joined the call; they hung up when they realised.

    4/10 for being the first to try `syskey`, and 3/10 for the amusing call mishap, no swearing though.

    Wouldn't use again.
  • 2017-04-03T10:35:21Z via Identi.ca Web To: Public CC: Followers

    I've had so many in the past few days that I've merged them into a "highlight" reel.

    1. 1:15 ish, pass on the number of people.
    2. 41 minutes, 3 people (I think)
    3. 10 minutes, 1 person

    Standard stuff for most, `eventvwr`/`msconfig`, get TeamViewer, run a "scan" with `tree` whilst they type some nonsense about broken internet security, router needing replacement and me eligible for a refund.

    The interesting thing is that most of the scammers now ask you to remote into their machine, as after a number of outgoing connection requests TeamViewer limits the connection time to 5 minutes: not ideal if you need longer than that to explain the "scan" and get the victim's bank details.

    I only discovered this timeout after I connected to the first scammers, and the connection kept dropping, lengthening the call.
    They hung up after I tried to log into my bank account with the username "HiScammers!"

    Second lot were also standard, until I asked them if their scam wasn't working; protip, stopping `explorer.exe` and `iexplore.exe` is not going to inconvenience me, and no, you don't know what a virtual machine is.

    Third didn't even get as far as connecting, claimed to be a follow up call from Friday, as they needed to finish the work.
    They tried connecting to me, but TeamViewers new "This is a scam" warning appeared (I'd like to take credit for this, but I'm guessing TeamViewer haven't yet reviewed my report).
    They did swear at me when I asked if their scam hadn't worked.

    So, scores:

    1. 2/10
    2. 2/10
    3. 3/10

    Wouldn't use again.
  • 2017-03-31T16:31:45Z via Identi.ca Web To: Public CC: Followers

    To TeamViewer's credit, they have updated their help article on how to report scam/fraudulent TV IDs: https://community.teamviewer.com/t5/Knowledge-Base/TeamViewer-and-scamming/ta-p/4715

  • 2017-03-30T15:49:32Z via Identi.ca Web To: Public CC: Followers

    FFS.

    TeamViewer are now restricting sending support tickets to those with accounts.
  • 2017-03-30T15:18:11Z via Identi.ca Web To: Public CC: Followers

    45 minutes, 2 people.

    Since I had the Win10 VM open from earlier, I used that for this call.

    Standard stuff, `eventvwr`, "My goodness, all those error and warnings"...

    Installed TeamViewer, then gave me their ID and password.

    I was greeted by a "TalkTalk Technical Department" background, and they were telling me to switch so they could see my screen.

    I assume this was to reassure me that, yes, I was talking to the TalkTalk Technical Department.

    I did switch screens, after having a quick look around their files and copying some across.

    Interestingly, they had me open `cmd`, and type in `cd/` and `tree`.

    We're now self service scamming!

    The `tree` command finished quicker than they were expecting (They didn't notice the `^C` in the terminal), and I watched them paste `color cf` (red background) and some gumpf about "Internet Software Warranty expired", my router requiring replacement and the refund I was entitled to.

    The refund was for the fact that we were paying TalkTalk £7/m for the "Internet Software Warranty", and since it had expired, we were in for a refund of it.

    Yeah, I don't get that either.

    To process my refund, they had to get me to log into my bank, and would only allow me to use Chrome or Firefox; amusingly, to do so, they had me type `iexplore www.google.com` to get Chrome.

    I don't get that either.

    Whilst they were trying to get me to download Chrome, I noticed I could switch screens back to theirs, and there was a momentary panic on the remote desktop (Windows XP FFS!) as they disconnected.

    Reconnecting again, and I was again greeted by the "TalkTalk Technical Department" background, and started to copy the files from their desktop, as they looked much more interesting.

    The session dropped, and I heard another voice in the background, and I think they mentioned transferring and files, at which point the caller tutted and hung up.

    As an aside, I've noticed that these cold call scammers seem to have a "voice" and a "tech", in that the person on the phone doesn't seem to be the same as the one accessing the VM; the "voice" doesn't know what's on the screen, is asking to confirm what I'm seeing and I'm pretty certain I could hear in the background the "tech" relaying to the "voice" what I was doing.

    The files I pulled contained 5 peoples contact information, and notes about when to call back, the computer they had, and who to ask for.

    One of those was an OAP/Senior.

    This is why I waste their time, so even if I just rate limit them for 30-60 minutes, just slow them down a bit, it'll prevent as many people falling for this scam.

    Aren't you afraid that you're, in a way, making them learn to be better scammers?

    JanKusanagi at 2017-03-30T15:40:55Z

    Not really.

    They (as a collective) have been ringing us for over 2 years, and none of them have done any sort of checks for a VM or scambaiting, and most don't even admit they're scamming when I call them out.

    I think for every person wasting their time, they've probably hit 60-100 who don't, and it only takes a few of them to be conned to make it worthwhile.

    Honestly, if I did cause them to pause and check, more people would hang up on them because, depressingly, most people would be frustrated it was taking too long, rather than them knowing it was a scam.

    Sam Black at 2017-03-30T16:06:13Z

  • 2017-03-30T09:59:54Z via Identi.ca Web To: Public CC: Followers

    14 minutes, 1 person.

    Started my Linux VM in anticipation of going straight to TeamViewer, instead ended up looking at `eventvwr`.

    No issue, start my Windows 10 evaluation VM .... and wait ............ and wait ....... and load `eventvwr`...... and wait ......... and wait ....... OK.

    Oooooh, so many errors and warnings caused by "files from insecure sites" and "malicious programs you've downloaded without knowing about".

    Try to download TeamViewer, and wait, ........... and wait ...................... force the VM off, double the RAM to 8GB....... and wait ....... and wait ............................ now downloading.

    The caller hung up before we actually got to installing TeamViewer.

    Disappointed the Win10 VM performed so shockingly badly, worse than ReactOS.

    1/10 for no patience, wouldn't use again.

    Ben Sturmfels likes this.

  • 2017-03-28T23:32:36Z via Identi.ca Web To: Public CC: Followers

    58 minutes, sounded like most of the office on speakerphone.

    I finally got the scammers to engage in swearing and namecalling, and they didn't win the exchange.

    Standard opening, booted up ReactOS and "installed" TeamViewer.

    This caused a bit of a problem, as by default TeamViewer only has a 4 number passcode, and I'd changed it to a 6 alphanumeric characters, and they were getting annoyed when I kept giving them letters.

    Unfortunately, ReactOS crahsed when they connected, and did so a few more times.

    More unforunately, they gave me their login and passcode to get access to their machine, which was unexpected and I was going to have some fun with the information I could get, but ReactOS again crashed.

    Rather frantically started my Linux VM, installed TeamViewer, and got it running whilst the LogMeIn attempts "failed".

    Once connected, they didn't seem to notice that "Windows+R" wasn't working, the terminal wasn't opening, nor that my browser was completely blank, and just kept going with the script.

    Tried to log into my email account, and then got to logging into my bank account, both of which "failed".

    After this, they told me they were determined to remove the viruses and hackers from my computer, email and bank account, but needed access to do so.

    At this point, I called them out, and they were emphatic they weren't scammers, and thus began the trading of barbs.

    They weren't very good at it, and their attempts at getting a rise out of me backfired when they got more upset when I asked them pretty much the same questions back.

    The last man I spoke to became especially flustered, as after suggesting various female members of my family had left lingerie at his house, I suggested that he was actually the owner and enjoyed wearing them, and I wouldn't judge him if he told me; I'm a liberal Western man, and however he gets his kicks is up to him.

    The stuttering soon petered out into exasperation, as they were "trolling" me, they had nothing else to do and my use and understanding of Hindi swear words was amateur and boring.

    I'm aware my "rules" for scambaiting include not engaging in the swearing, but in my defence most of it was, "No, you're the ...".

    8/10, which includes a bonus point for being the first to attempt insulting me.

    Still wouldn't use again.

    You should compile all of these into a book xD

    JanKusanagi at 2017-03-28T23:40:13Z

    Nah, I can't write and there are many better scambaiters than me.

    Sam Black at 2017-03-30T10:03:02Z

  • 2017-03-23T22:25:32Z via Identi.ca Web To: Public CC: Followers

    Apologies for the deletion spam, but all the duplicates were causing me to twitch.

    Dana likes this.

    Not a problem.


    The initial issue should be resolved now =)

    JanKusanagi at 2017-03-23T23:12:33Z

  • 2017-03-22T20:38:42Z via Identi.ca Web To: Public CC: Followers

    Don't know why identi.ca decided to post that so many times.