There are few things I hate more in life than a scammer, liar, and a cheat.

Long ago, as a very young kid, I remember going to the video arcade at the mall with a $5 bill in hand. As I walked up to the exchange machine to get some tokens, an "old person" (he was probably in his 20s) approached me and said, "I have a whole bunch of tokens I can't use but I need to leave. There's probably close to $20 worth in here," as he shook a small paper bag full of jingling tokens, "and if you want to just give me that $5, we'll call it even. I mean, you're really doing me a favor here."

My eyes must have lit up. I had planned on playing just $5 worth of games, but now I had possibly $20 or more of game play coming my way! And I was doing this guy a favor?!? What a deal! I excitedly answered, "Sure, thanks! Here's my $5!"

I distinctly remember having a fleeting moment of panic that I would hand him my bill before he handed over the tokens, and then run from the arcade. But this fear was waylaid when he unfurled his clenched fist holding the bag and dropped it into my eager hands before I even handed over my precious dough.

He thanked me for the help and headed out the arcade door as I practically skipped to the nearby driving game I'd now be spending four times longer enjoying.

However, my joy turned to dread as I reached into the bag only to realize it was full of pennies and circular metal blanks from the hardware store. To say I was crushed is an understatement. I was broken, completely unaware of how someone could be so cruel. For what? $4 and change?

As I've gotten older my general disdain for people like this has only grown. The Internet age and global means of communication have unfortunately given rise to far more scamming cheats and their access to the unsuspecting population of naive marks.

Recently, I had an opportunity to turn the tables on an anonymous scammer. And I'd like to share that story with you today, even though it has nothing to do with DIY home improvement, our bathroom, or Old Town.

Last week, while home on one of my sacred telework days, my nose was buried in my laptop. I was elbow deep in a programming problem that I had been trying to solve for the better part of the morning when our home phone began to ring.

Since our land line is more of a artifact in our house than a functional element, it quickly broke my train of thought and piqued my curiosity about who might be calling.

The caller ID flashed 1-706-805-2057. Definitely not a number I recognized, and there was no name associated.

My two options quickly raced trough my head, which was already busy processing a possible solution to my work problem.

1. I could ignore the call, keep working, and if they really need me, they'll leave a message. If it's a work call they'd be calling my cell, and if it was Wendy or family, I'd know the number. Probably an automated mortgage or interest rate call anyhow, or worse, a political ad. Hrm...

2. I could just answer it. It might give my brain a break long enough to allow me to solve my issue with fresh perspective. Besides, what if it's something that's important? Maybe I've won a cash prize or some major award and I had to answer the phone to redeem? Yes, that sounds very likely.

Yep, you guessed it, I decided to answer.

When I clicked the phone on I answered with a polite but abrupt "Hello?" Half expecting the obligatory delay before the telemarketer picks up on on the other end, their activation of the call triggered by my curt response.

But unlike the dozens upon dozens of calls we receive there was an actual person ready with a greeting.

A male voice with a thick Indian accept chimed from the other end of the phone line, "Hello, my name is Ryan from Microsoft Windows, and I'm calling today because we have been receiving an alarming number of errors from your Windows computer over the last several hours. We checked the log files and this has actually been going on with the computer associated with your registered Windows Live ID for a few days, but it's gotten much worse lately! It is possible that hackers are trying to access your network right now and we would like to assist you in resolving these issues today, free of charge. It takes only 10 minutes and it is all done using Microsoft certified technology."

My heart leapt and my pulse began to quicken, but not because I had any concern that my data was in any way vulnerable to hackers. Quite the contrary, actually. I was excited because I had been waiting for a call just like this one for some time.

I've heard about these social engineering schemes for some time. The caller typically preys on the vulnerable elderly and/or stereotypically computer illiterate types that are often home in the middle of the day. They expect the person who answers to be dependent on their computer, but unaware of exactly how it does all of the things they so desperately need it to do. Worst of all, they rely on the fact that these people will willingly trust a random caller that sounds official and expresses an interest in helping to head off some very evil people at the pass.

The sad thing is too many people tend to fall for these tricks, resulting in compromised computers, viruses, lost data, stolen identities, stolen money, unbelievable hassle, and a general sense of mistrust.

However, I'm none of these things. I'm a software developer by trade, and an all around nerd by hobby. I've been building computers, writing applications, configuring networks, and practicing IT security related items for over 20 years since I was a pimply faced teenager. I'm this asshat's worst nightmare when it comes to his scheme and his attempts to exploit me, and I wasn't about to just hang up the phone and let him move onto his next call unimpeded.

So I responded as anyone in my situation might and said, "Oh my, are you serious?!? Hackers are on my computer right now? What should I do? Should I turn my computer off? What should I do?"

What, that's not how you expected me to respond? Well, just you wait, this gets good.

Thinking he might have a mark, the scammer started to really set his trap. "No no, do turn off you computer, that may allow them to take full control of all of your data. But I'm calling from Microsoft, and we have the ability to help walk you through several system diagnostics that will identify your problems and shut them down. Does this sound okay to you?"

Very well played, scammer. You've reeled me in and have me feeling comfortable. You've got my best interests in mind and have already possibly saved me by telling me to keep computer turned on, lest I lose everything.

I said, "Yes, yes, this is perfectly okay. Just tell me what I need to do to fix this. If my boss finds out my computer has hackers on it and they get access to my company's financial data I'll probably get fired. Thank you so much for calling me about this!"

Two can play at this game! My response was meant to both let the scammer know that he might have access to a treasure trove of possibly valuable data, and also to humanize me to the scammer, giving him a sense that I'm an actual person too, with a job, and one who's not perfect. I was giving him an out in a way, one where he could back out and hang up if we felt at all bad about what he was trying to do. As you can likely guess, he continued with his game.

"Okay, I need you to open up your Internet Explorer web browser," he said.

I responded in a bit of a lost tone, "Is that the big blue 'e' button?"

He quickly responded with, "Yes, the 'e' button, just click twice on the 'e' button."

Wow, did he think he had a moron or what? The big blue 'e'. This guy must hear it all if he is going to remain on the phone with a response like that.

This whole thing is even funnier because I was sitting there working on a macbook.

He followed up his instruction with, "Now put this in the address bar. Www dot... Remote... 1 2 3...dot... U S. Do you have that?"

"Yes...I think so." I chirped back.

"Okay, now press only the enter key and then wait," the scammer responded.

It was all pretty innocent to this point, but here's where I started to lay it on thick.

"What's the enter?" I said.

"It's the big key on the right of your keyboard." He was annoyed at my seeming stupidity, but still patient enough.

As I feigned searching for the enter key, I could hear the background noise from his location. It sounded like a busy call center, all the more reason someone with less knowledge might believe the ploy. I could picture him at the Microsoft tech support HQ, trying his best to work through all of the millions of Windows users with issues just like mine. Except none of it was true. It's just as likely the location is a one person room with a background soundtrack to make it sound legitimate, or perhaps a sea of scammers all actively calling people at random in the hopes they'd get someone to fall for their tricks.

After a sufficient amount of time had passed I responded, "I don't have the enter button, only shift, return, and delete are on my keyboard. Do any of these work?"

"Yes, yes, the 'return' key, press that key. Then tell me what you see." He was back on track, ready to take control of my system.


"It's loading," I said. While I pretended to let the page load I ran through the scenario in my head. Remote123.us is a web based remote control solution like LogMeIn. It allows someone from somewhere to take control of your computer and operate it remotely. It's wonderful when you need actual remote troubleshooting, but not in this case. In this case a malicious user would take control of your computer and then would have access to everything. They could look at your email, install software, change your passwords, and access all of your personal information. It could be disastrous. It's similar to inviting a robber into your house and letting them walk around and take what they please.

The scammer began to grow more impatient with my moronic action. "Well, what do you see on your screen?"

When I was good and ready to tell the scammer what I "saw" I responded bluntly, "Google.com."

The scammer, obviously annoyed by my ineptitude, but also encouraged by my continued apparent lack of knowledge and awareness, said, "Okay, let's try this again. Can you type remote...123...dot...u...s...into your browser address and tell me what you see?"

My heart continued to pitter patter and I could barely keep a straight face when I said, "Okay, it says 'Google search results for remote123.us. Did you mean: remote123.org?' Then a bunch of searches for the remote123.us. What should I do?"

Our conversation had reached the 10 minute mark, and I was barely starting out with him. My starting and stopping was working wonders to help him believe I was helpless. All the while I was reeling him in.

"No, no, no. You need to put it in the address bar at the top of the screen, where the URL is!" He was beginning to raise his voice, which told me I was beginning to get the advantage that comes with impatience.

Over the next several minutes I managed to start other programs and report back that "Spotify was now running and should I do something there?" And, "Ugh, okay now Microsoft Word is open, should I do something there?" I was really all over the place, I must have sounded like a complete jackass to this guy. He just wanted to steal my stuff. Why was I making it so damn hard for him?

After a few more tries and my continued torturing of the scammer, I could tell he was getting to the end of his rope, so I "finally" got the URL into the address bar of my browser and hypothetically loaded the page. I reported my miraculous breakthrough and he asked one more time, "Okay, tell me what you see?"

I quickly responded back, "Okay, I got something different this time. It's a weird message. I get it sometimes on the computer and when I do I call the IT guy and he fixes it."

"Oh, what is it?" The scammer asked inquisitively.

I reported back, "It says 'Your firewall is restricting access to this resource and you must receive external authorization to proceed. An external source must authorize this request from your MAC address using the following link.' Does that make any sense to you?"

In case you aren't following, nothing on my screen said that at all. I made that up on the spot. It was my goal to ruin this guy's day by taking up a lot of his time and possibly turning the tables on him. To add a little validity to the whole thing I wrote out the little error message above so I could read it back to him the same each time I had to recite it.

Thinking this was just another error the scammer asked me to enter the URL into the browser's address bar one more time, and one more time I recited the error, verbatim.

The scammer said, "I've never heard this before. You say you call the IT person and they fix it?"

I tell him, "Yes, and it only takes them a second. I just call, give them the link, then he tells me I'm good to go and I get can to the web page...Do you want me to call the IT guy and have him do what he does, then I can call you back? I just need your number."

"No no no," said the scammer in a quick and firm voice, "I think we can handle this without bothering him. Let's give it a try."

Boom! He just fell into my trap, hook, line, and sinker. The risk of losing a mark he's been working on for nearly 20 minutes, one with financial data available, and one who can apparently barely tell a computer from his ass was just too big for him to walk away. He had been ignoring the warning signs with his eyes too focused on the prize.

"Okay, what do you want me to do?" I said.

The scammer pondered for a second then responded, "What is the URL it's giving you in the link? Read that back to me."

The key with social engineering is to get your mark to believe they're acting in good conscience. They need to believe what they are doing is what they need to do to accomplish their goal. This is how people willingly hand over their passwords, bank info, social security info, etc. And in this moment I've just fooled the scammer into believing he was so close to a major score that he started to throw his own cautions out the window. I had begun scamming the scammer.

I slowly rattled off the URL in a deliberate manner that made it appear even further that I'm simply not computer literate (as if I hadn't established this already). "H...t...t...p... colon..." I continued. "Do you have that?"

"Yes, yes, what else?"

The link I gave him was a simple bit.ly URL I had just created a few seconds earlier. The fact I was giving him a shortened URL, especially when I'm so apparently computer stunted, made it all the more legitimate.

Among the background noise of his purported Microsoft call center I could hear the scammer typing, hitting enter (he must have had the enter key), then waiting for the screen to load.

During our conversation I had been searching for just the right thing to do to finally show him I had been playing with him the whole time. I wanted to possibly put up a web page somewhere which gave him a message of some sort that I could get him to go to, but I didn't want to put it somewhere that he might be able to identify who I was. So I couldn't put it on our blog or anything like that.

As I thought about it, an idea struck me. I could use "Let Me Google That For You," or LMGTFY.com for short.

If you're not familiar, the whole purpose of the LMGTFY website is to send links to people who ask simple questions but are too lazy to Google it for themselves before asking. When the recipient of the URL clicks on the link the screen walks them through each step of Googling, like the viewer is a child. It simulates entering a search term into the box, then clicking on the search button, and finally asks "Was that so hard?" Before sending the user to actual Google search results. It's a condescending yet useful website at its best.

We use it often at work when a co-worker asks a dumb technical question over instant messenger, like "Do you know what Redis is?" Rather than taking the time to respond by Googling and then pasting back the first search results, we just send the link, http://bit.ly/1AUqfdu.

This is equal parts effective in providing a relevant answer, but also in saying "You're lazy, you've wasted my time, and you should have just Googled this yourself to save yourself the wretched embarrassment of this moment."

Remember, nerds are smug jerks who've often been picked on their entire life. A minor victory, such as sending a LMGTFY link to a friend or colleague is a major victory in the existence of a nerd. I know, I speak from much experience.

So back to my story.

I waited for our friendly scammer, "Ryan," and for the link I had just dictated to him to load.

To get the full effect of what was transpiring, you need to follow the link. Don't worry, beyond a little PG-13 language it's totally safe for work.

http://bit.ly/1kb9oOk

The scammer paused and began reading what was being typed on his screen. I could barely contain myself. My inner child was bursting with excitement at what was unfolding. I was sticking it to this scammer in the best way I could think of on the spot.

The silence from the other end of the phone was golden. The scammer cleared his throat, and in a somewhat shocked and calm tone he responded by simply saying, "Good one..." before hanging up on his end of the call.

That's it, that's all. I had just won my portion of the Internet that day. I was victorious over the scammer and I both wasted his time and enforced my smug nerd supremacy over his lame attempts at social engineering.

Have any similar stories you'd like to share? I'd love to hear your experiences.

Comments 31

Comments

Stacey Spencer- Sullivan
8/6/2014 at 12:00 PM
This is perfection! I was riveted the whole way through. Way to go!!
8/6/2014 at 12:25 PM

You sir, are. my. hero. And it's hilarious how similar my husband's response would have been to yours lol...

8/6/2014 at 12:34 PM

After getting 3 or 4 of these calls at work over a couple of days, I finally got them to stop by saying: "Computer, what computer? I don't have a computer." The phrases that always raise my suspicion on an unsolicited phone call are: "don't hang up" and "I'm telling the truth". Oh yea? Jo @ Let's Face the Music

8/6/2014 at 12:35 PM

We have a field day with these guys. About a year ago I had one of them lose his sht when he figured out I was on to him. After he finished screaming at me I said to him, "I work in security jackass." He hung up on me after calling me a btch, muttering about how I was wasting his time.

Rai
8/6/2014 at 12:47 PM

Oh man, this is great. Had me rolling and sharing with everyone else in the office.

Jane
8/6/2014 at 1:01 PM

This is so fantastic. Is there any way to get their info from the link he gave you or the phone number? I feel like they should be reported somehow.

Franki Parde
8/6/2014 at 1:35 PM

What's URL???? U R Laudable (I had to google that!) franki

Rachel Roellke-Smith
8/6/2014 at 2:15 PM
This is awesome!
Rashmi Pappu
8/6/2014 at 2:25 PM
Love it! Laughed out loud at the end!
8/6/2014 at 2:44 PM

So my father fell for this. LOTS of yelling (TWO WEEKS AFTER IT HAPPENED) we canceled his credit cards and removed all the malware on his iMac. The only difference between his scammer and this call is that they said they were from google.

Kay
8/6/2014 at 3:31 PM

Hillarious
You so made my day

8/6/2014 at 4:14 PM

You are the best lol loved reading thru the storyAlt smile

Jake
8/6/2014 at 4:41 PM

Great job! Next time, see if you can convince him to get a tattoo: http://www.419eater.com/html/okorie.htm

Kathleen
8/6/2014 at 4:54 PM

OMG....AWESOME POST! Ahahahahahaha!

Diane from Boston
8/6/2014 at 7:00 PM

My 87-year-old mother got the same call. There was a problem with her Comcast Wi-Fi at the time, so she assumed he was from Comcast. Telling me about it later in the day, she said, "I started to do what he said and then I guess I did something wrong and accidentally hung up on him." THANK GOD. You did everything right, Mom.

How can people be such scuzzbags?

Amy Esmond Rutherford
8/6/2014 at 9:10 PM
Let's hear it for nerds! You rock!
8/6/2014 at 9:50 PM

I only wish that I could have a similar experience, but I would have had no idea what to do other than telling the person off. However, now that I have your blog post, I will be using it should I ever receive a similar call. I will also share this post on Facebook. Well done, Alex!!!

Mia
8/6/2014 at 10:24 PM

Bravo. Just bravo. Standing ovation.

laura
8/6/2014 at 10:50 PM

You are AWESOME!!!! Love it!

ciddyguy
8/6/2014 at 11:33 PM

OMG Alex, this is priceless.

I generally have a very good BS detector so some days, it takes a good bit to get past me (but some do), thankfully no scammers, so far, I've not been sucked into one that I know of.

I tend to let the phone go to VM and then check out the voice message if there is one, and generally delete.

However, have had to reign in my coworker yesterday. A little queen of a guy who thinks he's above reproach and does as little as he can get away with at work. He had the bucket of mail to take to the post office, and called me in a semi demanding voice to come open the door, I looked at the bucket, and the door and said, no, YOU can get the door and left it at that (in so many words) with other coworkers as witnesses.

He didn't try to argue, he opened the door and left the building.

Today, he barely spoke to me and thrusted in my hand at the end of the day the bankruptcy mail.

He'll get his comeuppance sooner or later, and I hope the former.

Jan
8/7/2014 at 11:16 AM

As soon as I started reading, I knew this was going to be an epic post. Hats off to you, Alex. And a high-five from another Mac aficianado!

8/7/2014 at 1:33 PM

Marry me? That's AWESOME.

Laura C
8/7/2014 at 4:37 PM

Well played, sir, well played.

Diana Rojo Poulin
8/7/2014 at 7:55 PM
It has happened to me, I just pretended to be following his instructions, but he realized I was pretending and he told me to die! An other time I just told him that my laptop die and now I had an Apple and he hung up
8/8/2014 at 2:38 PM

I love that the scammer actually acknowledged your win.

Next best thing would have been to Rick Roll him.

Brenda
8/9/2014 at 11:54 AM

Whenever we get those calls, I always ask the scammer if his mother is aware that he is working for a thief. I go on to say that she would be very ashamed of him for not going out and getting a real, honest job. That usually ends the call right there.

8/9/2014 at 12:04 PM

Nicely done, both your reaction and your story telling!!

8/19/2014 at 7:18 AM

A little late to the party, but this was pretty therapeutic to read. I hate those scammers!

Now I realize I need to call my parents and make sure they know that the folks at Google and MS don't have time to initiate calls to them.

Sue
8/27/2014 at 3:06 PM

I received one of these calls - on a day when my Windows PC that I rarely use was spewing errors all over the place. I am a computer programmer and am familiar with social engineering but I gave the guy access to my computer and paid him to fix it. Which he did. I knew it was risky but I was in the process of moving everything to a MAC and was terrified that it would crash permanently. I still get calls from these guys - saying they are from WINDOWS - when I am no longer using windows. But I can't figure out what the plan was - because the guy did exactly waht he said he would do. It was several years ago and nothing bad has happened so far!

will
8/27/2014 at 10:29 PM

my mother recently told me Microsoft was calling her for security issues. I had no idea what she was talking about. I'm glad she is pc illiterate enough to tell them she needed to wait for help.

paula
12/30/2015 at 1:33 AM

This is hilarious. I thought I was turning the tables by posting their phone number on all my social media and having my friends do the same and blowing up their phone, but you take the prize!

Since you've not signed in yet, you will need to fill in your name and email below. If you have a Facebook account, save yourself a step and use Connect to login.

Denotes a required field.

Please enter full URL, including http://

You can use Markdown syntax in your comment. And you can also use lots of Emoji!
  • Search

  • Login
  • Follow
  • Advertising

If you're looking for information on advertising and sponsorships, head on over to our sponsorships page. You can purchase site sponsorships in a few easy clicks. 

Toolbox Tuesday
Open Housing
  • We're Featured!

Old Town Home has been featured in the following places and publications:

The Washington Post
 
Washingtonian Magazine
 
Domino
 
Old House Journal
 
 
Apartment Therapy House Tour
 
Washington Post Express Feature
 
Home & Garden Blogs
 
© 2019 OldTownHome.com. - Privacy Policy
Login Below
or
Sign in with Facebook
Connect

Unexpected Error

Your submission caused an unexpected error. You can try your request again, but if you continue to experience problems, please contact the administrator.

Working...

Working...