Downloading a scammer's files [Re-upload]

Video Statistics and Information

Video
Captions Word Cloud
Captions
we are going to disconnect your lounge Ronald rollover into that line from today's midnight for three to four tell your world someone else is going to be accessed through you're into that yeah I think I've been Lance Bass and four and a half and you're considering misusing your IP for suddenly feels awkward I don't know who you are I don't know what you want if you're looking from our bank details I can tell you I don't have money but what I do have are a very particular set of skills skills I have acquired over a very long career so do you still wanna scam me yes surely in front of your own eyes that who are the people are trying to take access to your internet okay the scammer cold-called me seeming to be my internet service provider and then go ahead okay like which versions of each version of render windows 10 windows which one is it I think this might be Windows 7 I'm not sure do one thing have a good look on the keyboard okay on the extreme left hand side bottom corner can you see the ctrl the ctrl key extra yes as you see it yep I fast forward the next section because it's only the scammer asked me to download and wrong TurboTax s offer TeamViewer team here have been quite receptive to the feedback that their software has been used in scams and these days if that software spots a connection from India the connection is blocked and a warning is displayed on the victims computer so to work around us update often the scammer these days will ask for the victim to connect to their computer first and once connected they will ask the victim to press a button to reverse this communication but of course once I'm connected I don't have to do what the scammers just asked me to do it gives me an opportunity to download his files and lock them out of his computer yeah like a new ID it's weight to its idea to pi/8 to five it yep seven eight three eight three yeah below that you'll see a blue box we can connect click on connect yeah oh right yeah that is asking for a password yeah yeah I pin the password it's seven nine two one yeah click on log on yeah just wait don't touch don't touch anyone touch anywhere on the top you'll see three are three options like actually view communicate okay yeah do i click on communicate click on community is it down at the bottom there somewhere first things first I've got a blanket a screen unlock him from his keys oh great one communicate hold on going yeah just trying to find it slick on communicate yeah on the on the top on the top right over the top you see ya like action to communicate okay we can communicate now click on quick side with partner right okay I okay we played with partner right I've ignored the flock Tim from his keyboard noise it's time to boot around this PC communicate here you clicked on which side with partners yeah I think you did anyway okay okay I'm not really not good with computers so maybe is it sure okay just hold on sir I'll transfer the call to my senior technician he'll have it okay alright yeah okay hello hello hi I think you've inhaled sir this is Wilson and I'm senior technician out here how are you today and not too bad yeah I don't know what's happening here but maybe they'll put their own button or something okay neither downloaded his files it's time to lock him out of his computer by using the command ciske sync unity your ID and a password once again yep this key command will prevent him from logging back into his machine without my ID I did I think there was a problem with those that I did at seven five six seven five okay sorry very good with ease I'm just repeating the numbers once again if one one nine yeah seven five six bingo I've locked him out of his machine if he wants to log back in again he's gonna have to know the password I just typed okay I hope to run this machine a little more to see if there's any files I missed I don't think so connect okay it said to know what this is okay connected reading the numbers what you have written there yeah it's one one six I have to look carefully at the software which is installed on the scammers machine there's not really of much interest other than a bit of pirated software which allows him to view colleague screens he also runs byte fence anti-malware like alright I far up his browser to see if I can find anything interesting in his history cashton's browser is a software that he uses to contact his victims it's called v.i.c I dialed the number I do what do you reckon because like it was not I tried to find a little bit more information but I'm locked out by using him and password okay I've got one nine seven five six four zero six and then it says passed like you haven't give a click on connector all right let me try again yeah hello I already know his IP address from Wireshark I type in what is my IP dot org and check what the result shows in the browser it matches exactly what Wireshark says at this point the scammer gets a little bit frustrated and decides to disconnect me however you haven't seen what I've done on this computer so it allows me to reconnect all right so you just do one thing sir okay you just do one thing don't touch the computer just leave it okay right okay now about unity so it's disconnected on it says but he's still desperate to get my bank details so once again he reads like another TeamViewer ID and it says password it's nine nine five okay nine nine five six yes now this look at the top there is an option called communicate communicate this turns out to be a different PC so it gives me an opportunity to download yet more files yeah I think I've had communicator so once again I black screen them unlock his keyboard and mice okay that's what I've done good side with partner yeah I've got that this time there lived to be a lot of interesting files saved on the desktop I download all of these communicate first give a click on communicate right that's what I've got that and then give a click on to it start with partner I continued to play Adam it says oh right up at the top if you want to see what all these files are please jump to the 15-minute mark right and then we tried with partners right I've got it sorry I was taking down at the bottom I was looking for something at the bottom no just poker to the top just focus at the top on the middle book I have a glance at one or two of the files they contain online banking information of some of his victims I thought I have all of his files I decide to let him connect to my computer is computer science always sorry I see it switch sites with partner I see that now I quickly hide all the files that I've just been loaded and let him have the access he requested it's odd at night it says BT technical server no it's not no the scammer rids around my file system he's not going to find much because it's a virtual machine which I've set up especially for scammers yeah hiya Freitas notice something called banking and passwords and he attempts to open these files if he had ran these on his own computer I would have had direct access to his PC but I'd already downloaded all of his files anyway you can be a green black it is here okay and they are trying to access your internet and all the stuff okay he looks at my browsing history I guess and hope to see some banking logins unfortunately for him it's gonna be blank prising the web and that sort of thing how do you know where all right so you don't do much more things on the internet not on the internet no just like Facebook or not sort of stuff okay all right like how many devices we're gonna do the same Internet probably just but like one or two like a iPad and iPhone and stuff that means you normally do from iPad and like from do iPad right yes that's right yeah okay so what's the problem can you see the lines yes so now we can identify the problem like there is 15 hackles was found on to your banking right and like on your Facebook there's three hackles and and all the much more hackers was already been on to your internet so I believe like apart from you somebody else also uses this computer well sometimes my family read but really it's do you see just be and do you do any kind of online shopping or banking in this computer yeah well occasionally I will yeah so this is really what the scam is about he wants to get all of my login details for my bank so that he can log in and fear died now can you see over here there's lots of local address for an address and states are there correct yeah uh-huh I'll fast forward this bit where the scammer runs netstat on the van fear and an attempt to convince me that there are hackers connected all right nah now on the note okay now just write it down all the websites name whatever you do on this internet right on your iPad or on this computer this is writing down all the name of the all the websites okay so you can able to protect your website and we can provide all the securities and all like everything on a notepad I like on your website okay starts the ones I usually use huh the most of the time you use a little thing he's a bit disappointed I don't mention online banking and you do any kind of banking or any kind of financial thing I usually just on my phone oh yeah oh yeah well on my phone yeah so phone yet I saw websites name not the phone bank like dodges the name of the website all right like hello still there hello hi hello hello hello hello there yes sir I'm so sorry okay all right now over here okay now you have written the phone bank right got the name of the website I'll fast forward this part because it's just the scammer trying to convince me that I've got problems with websites by using the w3c validator it will always show errors for any website you type in he types Barclays calm into this validator and as predicted it shows some errors he goes on to explain that because Barclays dog calm is showing errors it must be down to hackers on my network I don't do anything that don't do anything so I get forward an attempt to make a connection back to the scammers PC I do this a number of times before the scammer realizes I'm up to no good and he terminates the connection what I do next hello you still there hello hello he still there I warned him that he's been sis Kaede before I start to have a look at the files that I've downloaded in detail amongst the files I find screenshots of at least three different Metro Bank users not only are the screenshots there but the actual login details are there as well their username security passphrase and other numbers it's enough to give full access to the bank accounts there's also a couple of screenshots and what I'm guessing or victims that they want to follow up on so that evening I contacted Metro Bank he asked me to put in writing what had recorded this is a copy of the email that I sent to their fraud division they were quick to respond unlocked all of the accounts which were affected among the other files I downloaded was a list of salaries sadly only with four nin but it was enough to tell me exactly how many people were in this call center what their rates of pay were and who'd scammed the most over the last couple of months but one of them was damning files that I find was a list of call records for one particular day at the end of October you can see from the timestamps of this file just how many calls they make in a very short period of time they meticulously record how many customers weren't interested how many were answer machines and how many victims they reached I've passed this and all of the other files on to action fraud here I hope we'll be able to use it to break this gang of scammers as always if you like these kind of videos please do subscribe and remember to hit that Bell icon for any updates I also have a Twitter feed of Jim browning 11 and if you'd really like to sponsor me I also have a patreon the kind details in the description
Info
Channel: Jim Browning
Views: 2,871,787
Rating: 4.9585924 out of 5
Keywords: scam, downloading a scammer's files, scammer files, download, Microsoft scam, BT scam, hacker, bank hack, metro bank, scammer pay
Id: DFRbUhhQmZs
Channel Id: undefined
Length: 17min 17sec (1037 seconds)
Published: Sun Dec 17 2017
Reddit Comments

Thanks, man! Definitely going to check this out after work, love this kind of stuff. I wish Gimlet’s sub had more subscribers, because I bet this would be super interesting to many listeners.

πŸ‘οΈŽ︎ 7 πŸ‘€οΈŽ︎ u/TopShelfThots πŸ“…οΈŽ︎ Oct 23 2018 πŸ—«︎ replies

This video reminded me of ReplyAll's Long Distance episodes. Also found it informative on how the scammers are operating (e.g. using teamviewer), how they are making their calls and what type of information they are phishing for.

πŸ‘οΈŽ︎ 6 πŸ‘€οΈŽ︎ u/captmomo πŸ“…οΈŽ︎ Oct 22 2018 πŸ—«︎ replies

This was incredibly satisfying to watch. Makes me want to familiarize myself with these techniques so I can do it someday. Oddly enough I've never had a scam call try to access my computer though.

πŸ‘οΈŽ︎ 2 πŸ‘€οΈŽ︎ u/elcheeserpuff πŸ“…οΈŽ︎ Oct 23 2018 πŸ—«︎ replies
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.