Scam-baiting YouTube channel Tech Support Scams taken offline by tech support scam The Tech Support Scams YouTube channel has been erased from existence in a blaze of irony as host and creator Jim Browning fell victim to a tech support scam that convinced him to secure his account – by deleting it. "So to prove that anyone can be scammed," Browning announced via Twitter following the attack, "I was convinced …
This post has been deleted by its author
All the time his YT channel is down, his Patreon channel won't get new subscribers. That's where the main income comes from.
I've enjoyed his channel immensely over the years, its "hype free" format suits my taste. Here's hoping he can recover it. Of course he may choose not to, I'm sure there will be fresh job opportunities based on his demonstrated skills, although turning your hobby into your job leaves you without a hobby:(
It's a sad sign of times that being so cynical I wasn't the first one to think of it. Or second. Or third. Or...
...
and in a couple of days he'll come back to explain how it was 'organized' to support this Great Cause of fighting cancer / coronavirus / mars pollution / etc.
Tech support scams have been going on for about as long as people have needed technical support, but a report published by Microsoft last month suggested the volume may be declining.
That shows how much you should trust a report from microsoft.
Calls to my phone claiming to be from Microsoft Support have risen from every couple of nonths to every second day.
I ask "when does your telemetry tell you I last rebooted Windows?". When they give any answer less than 6.5 years, I tell them they are lying scum and should stop trying to scam people and get a proper job instead, they usually hang up. One was very persistent though and insisted I should sit in front if my computer and click the start button. He just wouldn't believe that there is no start button on my screen. He couldn't even conceive of anybody having Whisker menu at the top of the screen instead of the bottom and had me describing everything i could see along the bottom of my screen which of course is nothing but background.
In fairness, just because someone has been calling you more doesn't mean the aggregate goes that way. If we're battling anecdotes, I have been waiting for a tech support scam call because it seems much easier to waste their time when they have to have a person on the call. I'm still not sure if it's disappointing or nice that I haven't gotten any. I do get automatic scams where the robot wants me to confirm I'm gullible before they put a more expensive human on the call.
What's the British Gas scam?
Had the BT scam - just told the lady that my broadband is working fine as I had been up loading pron all morning. She just hung up on me.....
Had the NI scam - had a "policeman" call with the most boring English name, (IIRC Paul Smith?) but a very strong Indian accent. I took a chance and called him "W*nker" Smith several times and he didn't even notice....
Probably. I wasted half an hour of the time of the first scammer who ended up frustrated and screaming down the phone at me and I then feigned being horribly upset and asked to speak to somebody else, and allowed his manager to calm me down and agree that their customer service could use some work before stringing him along for another ten or so minutes before he eventually slammed the phone down so hard it must have damaged the handset.
Look, everybody who works in IT must have dealt with a huge number of painfully clueless users over the course of your career. Pretend that you are a compilation of the most worst of the lot running on a really old computer.
I pick an old slow Win98SE box running purely in my virtual nightmares. Let them talk you through enabling remote access (they generally want to RDP in; which wasn't possible on 98SE...) at which point they'll give you a link to download a bit of remote access software. Be as obtuse as possible in getting the website up. You can get the URL wrong a few times, not press the enter button after typing it in and then be told that IE4 won't open the webpage and let them talk you through installing chrome or Firefox.
Then you can say that the firewall blocks the site, the AV blocks their remote access tool (you can let them talk you through uninstalling them sequentially and rebooting at each point only to discover the next problem) and then do a "not compatible software" error or BSOD on them.
Treat it as a game; and score yourself. The longer you keep them on the phone the higher your score.
As a rule; they must feel that they are making progress to keep on the phone. It can be helpful to google "test credit card numbers" if you think that you re losing them and offer them one of them so they can take "payment" for their "services". A test card number is intended for verifying integrations work correctly and when used will appear to work properly and produce a confirmation report as if it works, but won't process a payment. ;)
The problem to getting a really high score is that they realise that they are being played and they will put you on a blacklist which appears to be shared between scammers so you can't keep playing. :/
> A test card number is intended for verifying integrations work correctly and when used will appear to work properly and produce a confirmation report as if it works, but won't process a payment.
Too bad there aren't "Canary" numbers which can be used to alert providers/banks of nefarious activity/payment handlers
Even the 1980s security systems I was using back in the 1980s had "duress" codes - these would open the door but set off silent alarms just about everywhere
Yes, I have often thought that it's a terrible oversight when doing this sort of thing. As I say though it's irrelevant; I don't get scam calls anymore because (presumably?) i'm on a blacklist.
If anybody is working for a bank then consider suggesting this in an internal meeting; it'd be an obvious way of adversely impacting scammers. Just wasting half an hour (and seriously stressing the spammer out though is a worthy exercise in it's own right though because it stops them from scamming somebody else in the meantime.
About the stressing the scammer out bit? Essential work that.
Me: I'm stuck.
Scammer: What do you have on the screen?
Me: It's telling me to press a button to continue and I can't find it on the keyboard.
Scammer: Which button does it want?
Me: The "Any" button.
Scammer: The which button? There no key called that on keyboard
Me: That's why i'm stuck.
Scammer: . . .
Scammer: Just press any button on the keyboard
Me: <distressed>I just told you I can't find it!
Scammer: <getting quite irritated>
Also don't also forget the "overly literal" entry of instructions when they don't have remote access.
Scammer: Type Control Panel.
Me: Controlpanel?
Scammer: Yes
Me: Controlpanel not found
<several minutes of debugging later>
Scammer: Did you type Control Panel with a space?
Me: No, you didn't ask me to.
Scammer: <snarls> Type Control SPACE Panel
Me: Controlspacepanel not found
Scammer: <loses temper>
Me: <sob> i'm just doing exactly what your telling me to do!
You can have soooo much fun with this sort of thing. Usually best to placate with a sense of progress when you get them angry which lets you keep pushing them over the edge at will. Don't forget to complain about their attitude and customer service skills, and ask to speak to their manager if you think your close to them hanging up on you. I'm fairly sure that I had one chap ranting about me in the background, bless. (not that I could understand with it not being in English, but the tone of pissed off ranting sounds pretty similar in Indian)
@Peter2
Dont forget things like entering whateversitedotcom instead of whateversite.com or when asked to input numbers, to ask if they are upper case or lower case. Got called 'an old fool' once after 45-50 minutes of such shenanigans. Got called much worse when caller and his supervisor sussed out I had been stringing them along for an hour. I had time to waste that day but unfortunately my phone didn't or I would have made it last longer so I asked for his supervisor to compliment him, sardonically, about his underling being so patient with an old dodderer like me and let on I knew, from the start, they were scammers.
Days I'm not in the mood I ask for the IP address or MAC number of the computer they're calling me about. Once got 'Sir, I'm calling about your Windows computer, not a Mac'. Conversations generally get very short afterwards.
Oh yeah, so many things you can inflict on scammers. And they deserve every bit of stress you can inflict; anybody trying to scam pensioners out of their money is fair game imo.
I'm really surprised that they are still calling you though John, I'm pretty sure they've blacklisted me!
A few years ago I was doing (genuine) support and needed a user's IP address. I explained how to open a command prompt and then started spelling out IPCONFIG using the phonetic alphabet: India, Papa, Charlie... Over the line I could hear the user repeating I N D I A P A P A C H...
Look, everybody who works in IT must have dealt with a huge number of painfully clueless users over the course of your career. Pretend that you are a compilation of the most worst of the lot running on a really old computer.
So, just pretend to be my elderly mother then?
He's very sweet old lady on the phone with them so he can drag the call out. Also he speaks enough Hindi to give them an ear bashing
Yes, I've asked my nephew from Mumbai for some choice cuss words to use on this slime mold. Telling a male scammer he should make his family proud by becoming a prostitute got me a callback, "why are you being so mean to me?" I laughed heartily as I hung up.
It can be helpful to google "test credit card numbers" if you think that you're losing them and offer them one of them so they can take "payment" for their "services". A test card number is intended for verifying integrations work correctly and when used will appear to work properly and produce a confirmation report as if it works, but won't process a payment. ;)
Ooooh! That's gooood! That's very good!!
I'd say bloody evil personally, but then I also think scammers deserve everything they get.
The funniest thing is that even if they hang up on you shortly after getting the card details chances are that they are still going to waste yet more time from several people trying to get payment out of the card afterwards. ;)
But YouTube is part of Google, and Google infamously don't provide tech support. How could anyone possibly be so gullible as to believe they're communicating with an entity that doesn't exist? It's like picking up the phone and hearing the caller announce himself as Santa Claus. Sure, Santa, here's my password. I've been a good boy all year long!
Moreover, the single most obvious sign that you're being targeted by a tech support scam, or nearly any other kind of scam, is that someone else initiated the communication. Pretty sure the very first thing every single PSA on avoiding scams tells you is that if you believe there's any possibility whatsoever that the contact is legitimate, you terminate the communication and re-initiate it yourself through your own known-good channels (otherwise just hang up and forget it). If that's simply impossible (as happened to me once when I finally got someone deep inside a bank to respond to my ticket), you *MUST* force the caller to supply information that a scammer could not possibly have -- like your ticket number or the UUID you inserted into the last postal letter you sent. Your personal identifying information, account numbers, etc. are all known to criminals, so that won't suffice. If the caller can't supply it, hang up. If in doubt, hang up. Frankly, spam and scams are now 98% of all calls, so don't even answer.
Either this is a publicity stunt or the guy's a total idiot. These are among the easiest of all scams to avoid, as he should well know.
Presenter of Rip Off Britain scammed:
https://www.dailymail.co.uk/news/article-3748559/Rip-Britain-presenter-Gloria-Hunniford-scammed-lookalike-turns-bank-drains-account-120-000.html
OK it was a bank cashier that took the bait, but goes to show.
And even Sting was stung (sorry, couldn't resist):
https://www.independent.co.uk/news/sting-s-adviser-jailed-for-pounds-6m-theft-from-star-1578141.html
My bank *DOES* send communications about anomalous transactions...
My email providers (Hotmail, Gmail and O365) *DO* send communications about anomalous sign-in attempts...
Thus, "the single most obvious sign that you're being targeted by a tech support scam, or nearly any other kind of scam, is that someone else initiated the communication" is fundamentally flawed.
My bank ALWAYS sends me comms about "anomalous" sign-in attempts. Likewise, hotmail/MS and gmail. That said, all of those are MY OWN "anomalous" sign-in attempts, because I wear tin-foil hat and block all their shit that I can block without actually blocking access itself. Obviously, I then ignore all those e-mails about ""anomalous" sign-in attempts" and I can't blame them if an an anomalous sign-in attempt is truly anomalous.
You should never rely on just those warning messages. I have an old @outlook account just drowning in said warning messages. Some of them are pretty well-crafted scams. If you're reasonably sure of those "Alerts," then yeah, you can use them as a first warning, but your response should always be conducted through an untethered environment after the fact
There is not tech support, per se (at least for their free products), but there certainly is a good size group of people at YouTube to keep large creators at least continuing to create, if not actually happy.
And while I think the creator was perhaps more gullible here than he might believe (youtube at creator-partners dot com email? contacting him via chat instead of email?), I don't think it's impossible to believe that a creator of his size would have someone from YouTube reach out to him. And if they're going to terminate his account for some reason, even more reason to believe they would initiate contact.
Microsoft is not calling you to fix a problem with your hard drive, but Google absolutely sends emails letting you know your account has been terminated, or there's a problem with your Play Store app that has to be fixed to avoid it being removed, and so forth.
I must say that if I got a support call from MS, facebook, google, or any big tech, I _would_ be suspicious, because I know their support is shit / nil. That said, with my paranoia, I still got caught (ok, half-way), with a bank calling about a suspicious activity. It was the simple trick of using what humans are so (in)famous for: drawing links between unconnected events: I had a (long unused) visa card from that bank. They called from 'that' bank about 'that' card. And when you're dealing with a shitload of items and then, ON TOP you get a call, your brain just switches on to default connection making - and that's how they get you. It's all easy to explain they cast their net wide, same with spam / phishing, etc, etc.,. but it takes great effort AT THE MOMENT, to shut out all other background life noise and focus on that call and analyze what they're actually saying, rather than just follow a quick, automatic, WRONG connection your overloaded brain made a moment ago.
Assuming the man's not lying (re. trying to hype up), he fell for the same trap. Sure, it wasn't a wide-cast net, arguably, it was a speared attack, but they used the same weakness to gain his trust: they brought his attention to an important issue (his job and income), they suggested the issue is under threat (now they had his full attention!), and he was already theirs. He also, possibly, felt flattered (youtube call ME, omg!, and I'm not blaming him, we're all vain and crave just a bit of attention and appreciation from Gods of this world). All that was enough to blunt his common sense. In a way, once you draw those false connections they gently cast your way, you're 'done', because their passed YOUR ultimate test of TRUST. They offered their help, you 'verified' them, so you now feel you're on the same team, and you should defend your team, right? Even if your common sense tries to (annoyingly!) tell you something... nagging you... telling you 2 + 2 =.... nah, it can't be!
As we tell our employees, Google, Microsoft, your bank, et all, ARE NOT going to call you regarding your existing account and then ask you details about that account. They have no reason to do so.
You bank may send you a text, email or even a call regarding anomalous activity but they will not ask you to verify your account number or any other identifying details. At most they will ask you for (is US) last 4 of SS number, maybe your address. That's it!
"your bank, et all, ARE NOT going to call you regarding your existing account and then ask you details about that account. They have no reason to do so."
The problem is they bloody well do do this (RBS) - they'll call you and then ask for details to verify it's you: they get upset when you point out that since they called you they need to verify it's them to me before I'll give them any info.
>they get upset when you point out that since they called you they need to verify it's them to me before I'll give them any info.
They get even more upset when you point out that the caller-id/phone number they are calling from is not listed as being associated with the company they claim to be and thus as far as you am concerned they are not the company they claim to be and hence you will treat all calls from their number as scam calls.
Naturally, you should ask them to add this information to your customer contact record, which will be viewable by a customer service agent next time you call the customer services number printed on correspondence and/or on their website.
RBS are notoriously shite, but it's worth noting that when HSBC did this to me about 10 years ago I not only complained about it, but took it to the ombudsman and HSBC was fined a significant amount. I'd have thought with the precedent, it's worth taking RBS down the same route.
I've watched Jim's content on YT and I am always impressed at the lengths he (and others like him) target the scammers - especially those that target the elderly.
But it was going to make him a target. He was costing those SOB's a lot of money.
The video he'll make of this will make interesting viewing. I hope he recovers his channel soon.
My favourite pseudonym to use when talking to scammers when they ask for my name is "Jim Browning".
My favourite moment was when, towards the end of a scam-baiting session I asked to talk to Chanden Bharti, and (as far as I could tell) actually spoke to the scammer himself!
There are many, many, underpaid workers calling people, but only a few people controlling these things. Jim has done much good work uncovering how these operations work, and who is in charge.
I guess he never thought that from their perspective he was:- Costing them hundreds of thousands in lost revenue. Exposing their criminal activity causing a lot of hassle. Reporting them to the police costing more in bribes
Yet he wasn't prepared for them to fight back.
Well better they fool him into deleting his account than sending someone to delete him.
Several years ago, I remember telling this to our customers. I told them that they're getting so crafty I reckon I'll fall for something within the next year. Thankfully it hasn't happened (yet) but there have been several occasions when I was talking to a genuine person and thought "there's no reason to expect that I'm not being scammed right now - they've given scant regard to identifying themselves properly to me, so I really should hang up". However, I felt a sort of social pressure to not doubt the guy on the other end of the phone, it might seem somehow 'rude'. That is the pressure that gets people falling for these scams time and time again. You don't want to upset the person you're talking to, and they appear to trust you, so it must be OK.
Unfortunately the scammers all know this, and that's how they operate.
I know I have behaved in such a way that a scammer would have been able to 'get' me - I was just lucky.
> Several years ago, I remember telling this to our customers. I told them that they're getting so crafty I reckon I'll fall for something within the next year.
Yup. I've found myself looking at very convincing sites and only been tipped off by anaomalous behaviour well into the chain
I keep a study handy that shows that people who are aware of scams are more likely to be scammed. (https://arxiv.org/pdf/1811.06078.pdf)
I generally tell people that you should never pay or give up personal information for a service you didn't initiate. I also tell them to only call the number on your bill or a number found in the phone book because scammers pay for fake Google listings. Many, but not all, scams play on a person's greed or fear. By knowing these things, you don't need to know about the common scams.
Scammers always need you to do something - because they don't have access to do it themselves. Your bank can put a block on any transactions in order to protect your account, but a scammer will ask you to transfer all of your money into a different account "to protect your money". So the question you have to ask yourself is "does it seem reasonable that I am being asked to take this action?"
Of course, the scammers put you into a heightened emotional state first by scaring you - your 'thinking slow' rational brain doesn't operate well in that mode and you are at a disadvantage.
You can level the playing field by keeping up with the current types of scams - that helps you to quickly recognise the patterns when you are contacted.
If the scam is very bespoke and highly targeted to a single individual - as I speculate the case is here - then it is more difficult to defend against. In this case, they weren't asking for money - so you have already lowered your defence a bit. The pattern of interaction with the scammers may have been very similar to previous legitimate interactions with YouTube support (for top creators). The video should be interesting!
"Of course, the scammers put you into a heightened emotional state first by scaring you - your 'thinking slow' rational brain doesn't operate well in that mode and you are at a disadvantage."
Not a scam. But from time to time, Costco account managers will buttonhole customers at the cash register. Informing them that if they would upgrade their account to the 'executive' level (for a fee), they would receive 2% back on their purchases. My response: No. Not now. But if you could put together the numbers and mail me a convincing pitch, I could sit down at home and analyze the offer. But while I'm standing here with my checkbook open and a line of impatient customers behind me, the answer will always be 'No'.
They have never sent me a package to sell the upgrade.
Some people are saying 'Jim' is doing it for publicity, but I think this line
"3.28 million subscribers he had gathered" says otherwise
When you've got a follower base that big (and are doing team ups with Mark Rober that exposes how the scammers launder money through) then you don't put your reputation on the line by that kind of stunt.
commenting on my own comment, tsk.
Jim deals with people after money by exploiting a fear (loss of computer/files) in an area where they are ignorant
in playing the ignorant victim, Jim has the advantage that 1) he has no files to lose so can remain emotionally detached and 2) he knows their tricks (remote, blanking screen, editing webpages) - hence he remains in control of the interaction and comes out ahead.
In this reported incident Jim had something on the line (his channel) and he has less knowledge (youtube channel deletions by scam uncommon - though held to ransom possibly a problem?) - so the attacker has an advantage even though Jim may be more savvy/sceptical in online interactions than the rest of us.
second point - instead of being up against scam call centre drones, he might have been targeted by a more competent group (whether for hire or the jollies) able to make their interaction more convincing (eg IP not resolving to India, fluent English speaker, less bafflegab/working from script in conversation)
I'd agree that this must have been a very well orchestrated and targetted attack. Jim is not your average scam baiter. I don't think scam baiting is a good way to describe what he does. I'd describe scam baiting as when someone just wastes a scammer's time for hours on end, whereas Jim's videos contain very little of him actually talking to scammers.
He only talks to them long enough to reverse the connection and infiltrate their network. The majority of his videos talk about what he finds when snooping around their computers and how he figures out the personal details of the owners, and the location of the call centre, so he can report them to the police. He also gets their phone lines shut down and calls back their victims to stop them sending any money.
I'd imagine this is why he was targeted. He costs them far more than the average scam baiter does and, sometimes, he gets them shut down. At the very least he has a direct impact on their income by interrupting in-progress scams and warning the victims. Your average scam baiter does not do this. He's more of an investigator, which is why he's helped the likes of the BBC with research.
Maybe working with news outlets has increased his profile enough for him to become a target.
Ah the hidden cost of outsourcing to corrupt countries where theft pays, perhaps if this was not something that UK companies practiced then there would be more safety in the digital world.
On a side note I used to have a .co.uk website until I discovered that actually having any presence in the UK was not a requirement for registration and shut it all down in disgust. To me these scams were always inevitable since those outsourcing are appear identical to the scammers.
There have been a lot of scams over the years that relied upon the target being more greedy than cautious but now after the amount of outsourcing scammers can look and act legitimate inept and be taken seriously because they are identical to the "real" thing.
"Your point about number of subscribers as a reason for it not being a stunt only holds up if you assume someone who makes a living from YouTube wouldn't want to make more."
Not sure about that. Deleting a channel could put a dent in your subscribers if you have trouble recovering it, if recovering it doesn't automatically add followers, and least speculatively because none of us who weren't subscribers can subscribe right now when the name is in our mind because the channel's down. If this were for publicity, it would be best to have it recovered really fast after the news broke so people could come watch videos. I'm guessing it will stay down long enough that I won't end up watching it because I won't remember to go looking for it days from now.
It's not really tech knowledge that protects one from most scams. Knowing how to make the computer do what you want it to doesn't help you figure out that the bank alert is not real. We would hope that technical knowledge leads to checking links, but that's more a factor of laziness. Meanwhile, young people have less experience with a lot of life's details; if you've had a bank account for five years, you may not have seen what actually does happen when someone has compromised your account details, so when the call comes that someone has done that, you don't know that it's unusual.
I think the only reason that we more technical people are better at avoiding scams is that, since they involve a computer somewhere in the chain, we're told about them more often. Awareness, rather than knowledge, is our primary strength. However, I must warn those who think it's an impenetrable shield that we can get scammed too if the other side is convincing enough.
I love to fuck with the robocalls that use voice recognition.
"Hi, this is Frank from Security Services, how are you today?"
"Apples"
"<pause> ...Well, we're calling about extended warranties for the appliances in your house. Are you the homeowner?"
"Twenty-three"
"<pause> ...Are you the homeowner?"
"Puppies"
"<pause> ...Could I speak to the homeowner?"
"July"
"<pause> ...<click>"
The wife usually tells me to hang up after the first 5 seconds, but I get a perverse pleasure in thinking that my random utterances might be causing some small issues within their system. If nothing else, it gives me hope that I'm one tiny step closer to being blacklisted.
And don't get me started on the live suckers that call me from "online pharmacies".
Good times, good times.
I feel bad for this guy, I've been had too, and should have known better. But it can happen to best of us!
I searched for my printer support page, found one that seemed perfect.
The page was real, looked for my printer, found it and was looking through list of possible support help, when a little chat box popped up asking if they could help. I chatted about my problem, a female emoji asked if a free support person could call me to help? I thought "sure, why not".. thinking I was chatting with a legit support chat widget at "major IT company!
Warning .. say NO to this! I did not and went for it.. after a bit of chit chat about the printer, the guy had me go to a remote site for him to access my computer, he read my system driver files and said, I was so outdated that it would take about an hour to repair my system in order to be able to print. He asked me to pay a $1.00 fee. (Red flag) When I heard that, I told him I couldn't do it due to time constraints.. he insisted that if I gave my cc info, he could continue without me!
At this point I panicked and pulled the ethernet connector out of computer! And ended the phone call.
Scared that he might have already done something, I scanned the hard drive etc. Found nothing, thought all was fine. Went back online, and actually was able to print to the hp printer again.
Then the problem started. My browser locked up, so I ended all tasks and shut down computer. From there I couldn't get windows to run. Took the computer to a local technician company that I work with, and they could only access 27% of my hard drive. I did get many of my work files that were stored, backed up to my wd hard drive. But the 8 year old windows computer was toast. The hard drive was going to cost more then I wanted to spend on an old computer. I now use it with a linux stick, and just browse internet etc.
So no more remote helpers for me! Having been a computer instructor for many years, with gobs of instruction, I thought I knew how to protect myself. But now, times have changed! It's sad!
From the sound of it, you got hit by ransomware or something like it which destroyed your data. That means you don't have to replace the disk and could probably just wipe it and reinstall. I'm not sure if you've tried that, but unless they have some unusual method of actively destroying your disk or you had a coincidental disk failure, you might be able to resurrect it.
Back on topic, it's very useful to hear stories like this to prove to people that mere knowledge won't save you from all scammers out there nor does getting scammed mean you weren't smart enough to avoid them. I think this is important to better educating users including ourselves that the risks are higher than some might think.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
