A UK cybercrime vigilante was so incensed by tech support scammers he reverse-hacked the call centre in India to reveal CCTV footage of perpetrators as they ripped off their victims in real-life calls.
Publicised by a BBC documentary, the hack was the work of ‘Jim Browning’ (not his real name), who has acquired a following on his YouTube channel for his campaigns to expose how these crimes work and the individuals behind them.
During 2019, Browning said he was able to identify dozens of call centres in India where many of tech support scams targeting English speakers originate.
Tech support scams typically involve phoning people in the UK or US claiming to represent a large company such as Microsoft and tricking them into allowing remote access to the computer after claiming it is infected with malware (scams also use malware pop-ups or poisoned search engine results containing fake support numbers).
If victims are reluctant, scammers will often up the ante by claiming that child abuse imagery has been detected which they must clean up or will have to report to the police.
The sums charged for bogus recovery can range from $80 to $1,000 or more. Hundreds of thousands of people fall for these scams every year netting the individuals behind the frauds huge sums.
It’s a cheap crime to pull off and, until recently, the chances of being caught were close to zero because investigating scammers thousands of miles away can be difficult.
It’s into this space that digital vigilantes have stepped, using a variety of techniques to bait, torment and, in the case of Browning, directly hack and expose the identifies of the people carrying them out.
Don’t try this at home
Browning told the BBC his technique is to allow scammers to connect to his computer, which has been set up to attack the scammer’s computer back using the same remote desktop connection.
He doesn’t say how he does this – that might depend on the software being used – but the use of a virtualised operating system to isolate the scammer’s activity, some form of reverse RDP attack, and the use of common hacking tools, seems likely.
In what he described as his most successful hack back yet, Browning was able to remotely access the CCTV webcams inside and outside the call centre used in one scam campaign, accessing recordings of 70,000 calls.
Footage captured included staff entering and leaving the building in Kolkata, milling around in its communal kitchen, and sitting at their desks, headsets on, making scam calls.
To the untrained eye, it just looks like well-dressed young people working in an office and yet some of the images clearly show the crimes being committed on-screen.
Browning was even able to record the fraudsters live as they sat at their desks trying to convince him to pay a fee to clean his own computer.
When one scammer claimed he was based in San Jose, the watching Browning decides to have fun:
Can you name me one restaurant in San Jose?
The scammer quickly turns to Google to locate a name, to which Browning quips:
Without looking at Google.
Interestingly, the scammers nabbed by Browning were trying the classic Windows support scam, whose popularity shows no sign of waning despite attempts by Microsoft to shutter them.
Hacking back
The BBC traced some of the victims of the hacked call centre, locating call exchanges in which they were defrauded out of hundreds of pounds each.
Browning’s work sounds like just desserts, but he acknowledges the techniques he uses are illegal under UK and US law, hence his reluctance to identify himself. Browning told the BBC:
I do not try and gain access to someone’s computer unless they’re trying to scam me.
Although the evidence gathered by the latest hack back should be interesting to police – named individuals are easily identified in the act of committing crimes – police never endorse digital vigilantism. Evidence must be gathered and documented carefully to be passed to the Indian authorities so prosecutions can take place.
Hacking back is a contentious topic in the US where there have been several attempts to legalize it, in the face of strong objections from some in the computer security industry.
Although few scam callers in the UK and the US see their money again, there is evidence that the Indian call centre operators have recently come under more pressure. In 2018, 16 call centres were raided by police, with a second bust netting another 28 centres in late 2019.
But there are hundreds that remain in operation. The business is simply too profitable to give up on.
Latest Naked Security podcast
LISTEN NOW
Click-and-drag on the soundwaves below to skip to any point in the podcast. You can also listen directly on Soundcloud.
andyjgw
I did see one of these guys doing it, apparently it’s common for some clients such as TeamViewer to display a warning when being connected to from afar warning about scams. The video I’d seen on Youtube, the scammer actually had the client connect to his (the scammer’s) machine, thus bypassing that warning. Whether that’s common or not, no idea.
As such, he was able to upload some crypto malware and lock the guy’s PC – he had a fight controlling the mouse and getting the scammer to click the link tho.
Notme
Jim Browning is my new hero.
Ituk Uppoo
If there ever was a country or reason for Trump to start a war, these scammers are ‘IT’. Why doesnt the media (CNN) go after and report on them as well as when they are raided and stopped?
Spryte
Canada’s broadcaster, CBC, did a n expose on these crooks last year and managed to shut down a few with the cooperation of the Indian police and the RCMP. But there are still many more.
Thumbs up for Jim!
Rex
The new Coronavirus has people on edge. It’s only a matter of time these same scammers will use this to REALLY get rich. So get ready. They are already calling as the CDC seeking deposits and advanced payments for early vaccinations. That don’t yet exist. My mother 85 years old was somehow called. I have her programmed to hang up on everybody’s calls she doesn’t know / understand clearly though.
Frankenstein
Amazing , he has done a great job . I am from India as well
parkermccoy
This is so awesome! Jim is doing great work. I’ve had this tried on me before as well. It’s so low-down but I’m glad to see Jim helping people out and setting things right. I subscribed to his Youtube channel and will be watching along! Great job, Jim!!
Jane
I’m glad Jim is getting the recognition he deserves. He may not be the most entertaining of the scambaiters but he’s always informative
Danny
Well done Jim, having very nearly succumbed to a scam like this I felt utterly helpless, I am so glad that there are people like Jim with the knowledge and experience to fight back at this type of crime. I would give Jim a big shiny medal.
brandon J dyer
It’s funny because earlier this indian dude tried scam me saying “Thank you for being a preferred reward customer of Windows. Your Windows Security has been renewed automatically and amount of $299.99 will be charged on 03/10/2020. If you have any query related to Billing, Technical Support or Cancellation of your services please feel free to reach us on ###### We will look forward to serve you better next time” last time I checked its free.99 when you install Windows on your computer lol. After wasting about 12 mins of his time I told him to eat a D**k and hung up. What pissed me off was how shitty his attempt was.
Tony Pickering
I’ve had several of these so called tech support calls. I’m a retired IT technician and computer installer. I’m well aware of their intention. So I pretend to be a bit of a doddery old giffer, (actually, I am) and keep them talking for as long as possible and only reveal my knowledge when they ask me to put the id and password in TeamViewer, Logmein VNC or one of the others remote control progs. On one occassion I had some female going for about twenty minutes when the battery ran out on my cordless phone. Blow me if she didn’t call me back a couple of minutes later which I picked up on the other cordless phone in my bedroom. At the login point I told her about my experience; she didn’t believe me. Finally she started swearing at me before ringing off. I would love to have Jim’s knowledge and do what he’s doing.
I often wonder if, one day, I’ll be senile enough to fall for one of those scams. So let’s get rid of them any way we can.
Divyanshu Mishra
Not only in UK, and US, these bloody scammers scam good people in India too. These scammers are are not humans, they do not care for others, they just want to become rich.
As an Indian, I feel so bad about the reputation of India, being damaged by such greedy people. I feel ashamed. Its the fault of the government and laws, which allow such criminals to escape the punishments. Only because of the human rights, all criminals escape law and justice. Our government is trying its best to stop this, but there are bad people in our country, especially those uneducated, unemployed, good for nothing folks, and rise in the level of alcohol consumption, cigarette, weed, drugs, porn, human beings are turning into such bastards.
I am very sorry for their crimes against the world. Not their advocate, but a patriot.
That’s all I can say.
Mark Williams
They just try to scam me in Australia but thanks to your channel I told them that I thought they were a joke and he swore ate me lots and hung up lol!! Thanks for putting your vids out for there
Greg
Jim Browning has pointed out that one of the biggest obstacles to shutting down these scam call centers is an utter lack of interest in doing so by the Indian police. It’s likely that the police acted on this one specific instance due to the worldwide coverage (and embarrassment).
Louise
I had a call yesterday from an Indian scammer claiming to be from Microsoft who insisted I was using a computer running a Windows operating system. So I told him I don’t have a windows machine I use an Android tablet so how can a machine I don’t use be sending out malicious software, I asked him!!
He went beserk and I slammed the phone down on him, pain in the ass. This is the reason I usually unplug my landline phone, to stop nuiscance calls, however, now and again I enjoy winding them up, keep them on the line for 20 minutes by pretending to be in the Windows regsitry then tell them I am using Linux Ubuntu
SkyDancer
I’ve had heaps of scam calls and sometimes would act like an idiot (my record is keeping them on the phone for 45 minutes until I told him I was running Deepin Linux) or else ask them why they want access to my Event Viewer.
They’ve tried to tell me my internet was going to be disconnected at midnight so I said awesome, I hate the internet, be good to have a break.
I’ve also told them that I was in my datacentre and asked which of the 64 servers were compromised.
I had a computerised voice saying about my Amazon account, so after waiting a bit I got to speak to a “human” who was babbling on about my Amazon account (I don’t have one!) so I waffled on about the deforestation of the Amazon rainforest and how terrible it was.
My favourite though was some idiot calling me about my internet (I still have a fairly strong Scottish accent) so I said Auchermuchty 291 when I answered the phone and he starts babbling away about my internet connection… I said I know nothing about it, and would have to get in touch with Hamish McBagpipe as he is the closest computer guy, and was the one who put a saucer on the roof of my croft, but he lives on another island and would take at least 2 days to get to me as he has to drive 100 miles just to catch the ferry but
he charges 150 euros to come out and I can’t afford it. I also told him I had to grow carrots & potatoes so I have something to eat and had to dry peat out to use for heating and cooking. I also told him I also had to use a generator to use when I lost power, then when I finished I told him he was an eejit and did not sound like any I’ve ever heard of. I also told him there wasn’t any shops on the wee island so I couldn’t even go get them an iTunes card (me: iTunes? whats an itune?)
Then he lost the plot and said he was going to **** my mum! I said you’re a wee bit late, she was cremated 20 years ago and we scattered her ashes in Loch Lomond. That set him off even more and I laughed at him, and every time he tried to say something I laughed my ass of at him.