A tech support scammer making random phone calls in the hope of finding a victim called the cybercrime squad of an Australian police force, which used the happy accident to document the scam and inform the public what to watch out for.
The call was placed to the Financial and Cybercrime Investigation Branch (FCIB) in the state of South Australia, where the local Police force serves 1.75 million citizens.
“No one is safe from receiving scam robo-calls, not even the police,” the Force said in a canned statement. But when the scammers called, they were put through to the FCIB which used a “secure and controlled environment … to gain an insight into how this current scam was operating.”
Details of FCIB’s secure environment were not disclosed, but the Force has revealed that the scammer was told that there had been a security breach on their computer and was asked to open a Windows command line, visit a dodgy website and then download something called “SupRemo.exe”.
“When we queried why software was being downloaded, we were initially met with hesitation, before the caller tried to reassure us that the software would help fix our internet problem,” the Force explains.
Nice work if you can grift it: Two blokes accused of swindling $10m from the elderly with bogus virus infection alerts
The FCIB officer said they couldn’t make that executable work, so the scammers tried to have them download other apps. “After we kept experiencing problems, the caller terminated the call.”
The Force has ascertained that the software was a remote access app but said the site also offers better-known and more-reputable remote tools such as TeamViewer and Zoho.
The scammer claimed to be calling from Australia’s National Broadband Network (NBN), which as a wholesaler has no business making calls to end-users. SA Police also pointed out that the URL used – www.nbn247.weebly.com – should be clue that the call is dodgy, and advised residents not to download software they don’t understand and certainly not to do so as the result of a random incoming call.
“Police recommend that you do not engage with scammers,” the advisory ends, noting that the FICB has specialist kit to handle this sort of thing. The Register is tempted to ask if it’s permissible to keep scammers on the line long enough to ask why their remote access software for Windows isn’t doing so well under Linux, but we suspect the question won’t be appreciated. ®