‘Reply All’ Scam Baits an Indian Tech Protection Racket

A guide for beginners to hacking back against online scammers.

On the podcast Reply All, the team found a company in India running a robocall scam to sell a maybe legitimate product.

How weird is that?

On the latest episode of this iTunes top 50 podcast, “Long Distance,” Alex Goldman chases an online scam as far as he can. The result is a super engaging story about a company in India using manipulation and outright lies to sell tech support services.

Reply All finds stories from the internet. It was founded by Alex Goldman and P.J. Vogt, and it was the second show on the Gimlet podcasting network.

Goldman pursues this story further than most reporters would (or could). He isn’t satisfied with figuring out what the company is trying to do. He seeks the why and the who. When the next episode drops, he’s going to be in India, hanging out with a key former employee.

As the internet has connected us more efficiently, it’s created new avenues to take advantage of some people. One of the best ways to keep people safe is by exposing scams and educating the public. It takes a while for such knowledge to spread, but it works eventually. Regular people can also undermine scammers by fighting back, wasting their time and sending them on wild goose chases. In the bad old days of the “Nigerian Prince” and other email-based exploits, scam baiting became a hobby for internet vigilantes. In short, scam baiters would pretend to fall for a trick and find clever ways to raise the attackers’ opportunity costs.

Just in case this episode of Reply All tempts any new “digilantes” into chasing scam baiting kicks, here are a few quick annotations on the episode:

There’s a right way to let a scammer remotely connect to your computer

During Goldman’s first call, the scammer claims to work for certified Apple technicians, so Goldman asks for a way to verify that with Apple itself. They won’t, so Goldman asks who they really are. The scammer realizes that Goldman is not falling for his ruse. So he answers him by saying, “We are Anonymous. We are legion. Expect us.”

Spoiler alert: It’s not Anonymous.

Goldman calls again, and he gets a different technician. “And rather than say right away, ‘I know this is a scam,’ I let him diagnose my computer. I let him connect to my computer,” Goldman explains.

Shortly thereafter, this second tech has remotely taken control of Goldman’s machine. He’s moving his cursor around, looking at files and even starts executing software through the command line.

Goldman makes it sound here like he actually let these guys remote into his actual computer. Do not do this. Even in its promo materials, Reply All has been telling people not to let strangers remotely control their computers, but there is a right way to do it. Odds are that Goldman protected himself by using a backup computer, rather than a device that has his current, critical data on it.

Whatever Goldman did or didn’t do, if you want to hack a hacker by letting them remotely access something, use a virtual machine. Virtual machines are full computers mostly running on a remote server. A virtual machine creates a desktop window that views that computer over the internet. Nothing that happens on a virtual machine can impact your actual computer. If someone remotely connects to a virtual machine, they can’t see that it’s virtual. They can’t see your real desktop behind the virtual one, or anything else on your computer for that matter.

ZDNet did a similar story where they repeatedly called a Windows tech support scammer, just to see what they’d do. The reporter for this story did not use his actual operating system. He let them remotely access a virtual machine he’d spun up for the occasion.

These were threat level “yellow” scammers

Through a lot of dogged reporting, the Reply All team manages to find the home website for the company running the scam. It’s called Accostings. The link there is to a page on the Internet Archive, because the URL is not working (probably due to this podcast).

It’s Damiano Marchetti, a producer on the show, who does a lot of the day-to-day chasing. He starts to get a bunch of ex-employees on the phone and learns more and more about how the company operates.

“And we learned something else really interesting. Which was that, Accostings, it didn’t start out this way, like it wasn’t always so sketchy. They actually started the company as a real tech support company. And they were helping people with their problems,” Marchetti says.

But it became clear that they could make more money if they tricked people into believing they needed help. To do it, they started robocalling strangers and then telling anyone who called back that their computer was infected by a virus.

When Goldman refused to pay the company for its anti-malware, the “technician” would typically just start lambasting conservative Americans, which is kind of comical. When ZDNet refused to pay, the scammers installed ransomware (apparently out of spite).

Accostings could have left a paper trail for prosecutors…

…if a company in India can be prosecuted for crimes in the U.S., and if what it’s doing is a crime. This stuff is fuzzy.

Accostings doesn’t ask for payment in bitcoin. It gets paid through traditional channels. Marchetti found a couple of different companies that either process or have processed payments for Accostings in different places.

“So every time someone gets scammed on the phone by someone in another country, or—not, maybe not every time, but basically—if someone tricks you on the phone and takes your credit card or whatever, they need to have a confederate who’s actually based in the country that you’re in,” Vogt says.

The Accostings founder may believe that since he’s selling a real product, he’s not guilty of any kind of crime, so it doesn’t matter if there is a paper trail. Or the company might have simply made this calculated risk: more people will pay if they can do so using a traditional payment method. For better or worse, asking for payment in bitcoin still sends up a big red flag for most people (and then they have to learn how to actually do it).

Either way, this podcast helps to illustrate how competition can nudge companies to manipulate as easily as it can nudge them to innovate. Either one can have the same positive impact on the bottom line.

And they might have gotten away with it, too, if not for these pesky internet kids.
