One of the largest online communities of security researchers is organizing a night of fun, learning, and research, during which they plan to reverse the table and prank call tech support scammers.
The event is scheduled for later today, 20:00 UTC (15:00 ET), and is being organized by The Many Hats Club, an online community that formed last year, and which has become one of the largest of its kind, with thousands of security researchers sharing tips and career advice on an open Discord channel.
The community hosts weekly podcasts with some of the biggest names in the infosec industry, podcasts during which industry insiders share the craft of their trade and give out advice to newcomers.
But later today, the group's experts plan to cause torment to tech support scammers --criminal groups that use malware or malicious websites to trick non-technical users into paying for tech services they don't need.
The main objective of these prank calls is not just to get payback against criminals, but also to showcase social engineering techniques to other researchers, techniques that can be deployed by other infosec experts and authorities alike to gather details about where these call centers are located, and possibly take them down.
"The purpose is not just prank calls," Stuart Peck, the founder of The Many Hats Club told ZDNet in an interview earlier today. "I deploy social engineering techniques to trick them into giving information away."
"We had one person disclose information about where he worked. One told us how people are recruited into this line of work, and for some, it's a way of life," Peck said.
"Other calls have involved the main people behind the blackhat SEO campaigns [that promote] the support numbers and how they recruit people and pay per post.
"Although they are fun and highly entertaining, we want to disrupt the operations, gather as much intel as we can, and then take offline to do some OSINT [open source intelligence] research, and provide this where possible to the relevant agencies," the researcher said.
Peck and his friends aren't picky about who they'll call tonight. If you've been fooled by one of these tech support scammers in the past, you can share the phone number with the group on Twitter, or on their Discord channel.
ZDNet readers interested in listening to the calls in real-time can join The Many Hats Club Discord channel via the following link: themanyhats.club/invite.
Pulling pranks and recording tech support scammers isn't a new practice. A Twitch streamer by the name of Kitboga has made quite a name for himself doing just this, with nearly 300 prank calls recorded and shared on his channel.
Tech support scam websites and call centers have been a global problem in recent years. Microsoft in 2017 received 153,000 reports from customers across the globe who had fallen for a tech-support scam. The figure rose 24 percent compared to 2016.
Last year, Microsoft complaints with Indian authorities have resulted in the arrest of 63 suspects and raids on 26 New Delhi-based call centers.
Google, too, has recently taken actions against tech support scammers by banning the advertising of tech support services on its ads platform.
There are multiple variations of a tech support scam, but all are based around the concept of showing an alarming popup to a user to scare him/her in calling a tech support number to fix a non-existent problem.
There are tech support operations that rely on luring users on sites and showing the popups via the browser, there are tech support groups that show the popups at the OS level by using malware, and there are groups operating via emails or cold-calls, without showing any popups at all. All are bad, regardless, as all rely on tricking users into paying for software or services they don't need.
More security coverage:
- Over 4 percent of all Monero was mined by malware botnets
- Temporary fix available for one of the two Windows zero-days released in December
- Online stores for governments and multinationals hacked via new security flaw
- Websites can steal browser data via extensions APIs
- Security researchers take down 100,000 malware sites over the last ten months
- Popular WordPress plugin hacked by angry former employee
- Twitter messages to Russian cybersecurity firm helped NSA leak probe CNET
- Marriott reveals data breach affecting 500 million hotel guests TechRepublic