Giving the bad guys a taste of their own medicine

By | August 31, 2020

I’ve just been catching up with the tech news, and came across something on the BBC that really made me chuckle.

An internet security researcher from France has managed to give a cyber-crook a taste of his own medicine by emailing him a ransomware file.

The trick went like this.  This researcher’s parents were browsing the web when they came across a scary-looking message.  It’s a type of attack called a “scareware” message – it’s designed to look like a security warning from your own computer, but it’s actually a scammer.  They give you a phone number to call or a website to visit to fix the problem and get you to pay them a chunk of money to get rid of the problem.

Only this time, the “victim” was an expert who knew exactly what he was doing.

He called the number to talk to the crooks, but when they asked for his credit card details he said he couldn’t read his card – could he email a photo of the card instead?  The criminal on the other end of the phone said yes, and so our internet security guy sent him a bit of ransomware disguised as a photo instead!

Very naughty, really, but I can’t help thinking it serves them right!

There are quite a few people I know – including our own Mike here at Helpful Books – who take great pleasure in wasting the time of these crooks.  One time he managed to keep them on the phone for nearly 20 minutes before they realised he wasn’t quite the mug they’d taken him for!

Wasting their time is a great way to make the whole thing less profitable (if you know what you’re doing!), but our advice would always be to play it safe and either close the tab straight away if you’re on a website, or hang up if they call you on the phone.

If you do think you’ve been the victim of a scam, you should report it to the police immediately via Action Fraud.  You can make a report on their website, or call them on 0300 123 2040.

Stay safe everyone

Leave a Reply

The name you enter will be displayed. We collect your email address but do not display it. Full privacy policy here. Required fields are marked *