Have you ever scammed a scammer?

Have you ever scammed a scammer? by Chris Miller

Answer by Chris Miller:

Several years ago a woman messaged me on yahoo messenger. Yeah, this was a long time ago. You see, she selflessly ran an orphanage in Spain. She also had a large sum of money being donated to her orphanage from a wealthy deceased philanthropist’s estate. However, wouldn’t you know, her country’s laws made this very difficult to accept. So, she asked if I would kindly accept the money for her and she’d let me keep a %10 share. Your good old fashioned nigerian 419 scam. It still amazes me that so many people fall for these things even today…

Anyway, so I didn’t have a real job at the time and it was a slow week, so I figured I’d play around with her. We talked on and off for a couple of days and I’d make excuses as to why I couldn’t help her that day. Well on the third day or so, she got antsy. I thought I might lose my new entertainment, so I decided to take it further. She wanted my bank details, so I told her I didn’t want to send them in an insecure fashion.

I used (I think, it’s been a long time) Project Neptune to create a keylogger that would been able to upload files to my FTP server (You know, before the cloud thing existed… Damn, I’m getting old…) I then hid it inside of a self-extracting archive that was encrypted. I made sure to pretend that I did some research on this and made it sound like it was all confusing to me as I didn’t want her to think I was too smart. I threw in a blank text file. Unfortunately, that keylogger was detectable by her antivirus. Getting a FUDed keylogger at that time was hit and miss unless you built it yourself and I’m no programmer. She complained about it and I told her something along the lines of “Well, I don’t want to send it without encryption, but I understand. You really shouldn’t ever open anything that your antivirus says is infected. I think it’s just the antivirus being paranoid, though.” She was desperate enough to open it anyway.

Of course, all she found was a blank text file inside. I apologized and told her I would look into finding another way to get her my bank info. I then ignored her for a few days to let the data build up a bit. The keylogger was setup to take a screenshot of her screen every minute and every time the mouse was clicked. It recorded all keyboard input and websites visited. After I few days I had enough to learn who my hot, asian orphanage running friend really was (which I already had a pretty strong feeling…)

Turns out “she” was a nigerian named Oseni. Mr. Oseni used Yahoo for far more than he should have. That includes storing all of his ill-gotten gains from scamming people. He had his nigerian merchant marine identification saved there, some U.S. college applications (Likely for other scams), and the best part… A document with hundreds of stolen credit card numbers and matching billing information. This guy was a real piece of work… The screenshots showed him on yahoo messenger for several hours a day. He was scamming no less than 3 people at a time. I could have just stopped there, but looking at the conversations he was having, some of those poor people were being repeatedly scammed. Including one guy who agreed to send her money again, this time so she could go to the U.S. to visit him. The good and decent part of me took over.

I pulled everything off of his yahoo account and archived them, then contacted him. I told him that I knew everything. He didn’t believe me. I showed him the images I pulled from his computer and he tried to blame it on his roommate. But, when I told him I was e-mailing everything I had to the FBI, he got all pissed off for a couple of minutes and then admitted everything and told me some sad story about how he can’t make money the legal way. I told him if he promised to never do it again, I wouldn’t send the FBI the files, but if I ever saw him doing it again, I’d send them and he’d be screwed. Of course, I knew the FBI wouldn’t do anything about it, however he apparently thought otherwise.

As soon as the conversation was over, and I already had a browser window open and ready to execute this, I took control of his yahoo account. I might’ve had to use a flooder to disconnect him so I could get him off of messenger, but I can’t remember. Either way, I logged into his account and sent everyone in his friends list a message explaining my adventure and who he/she really was, along with my yahoo messenger info in case they wanted to contact me. Then, I deleted everything on his yahoo account and the account itself.

I got 15–20 messages over the next two days or so thanking me for what I did. I heard from one guy in particular that was really messed up by Mr. Oseni. He had been paying “her” $700/month rent for the past 6 months or so. He was the guy I saw agreeing to send her money to go visit him. The humiliation and sadness in his words was humbling. When I first started, I thought that anyone who fell for these scams were just idiots. After all of that, I realized some of them just wanted to help out of the kindness of their hearts. And some others were just lonely and looking for someone to care.

Anyway, so I continued to check my FTP server for a week or so and I never saw him doing it again. Of course he could’ve used a different PC, but I like to believe he might have changed his ways, even if the chance is very small. Eventually the FTP server stopped getting new data. He finally figured out how to get rid of it. At that point I deleted the archive I saved, since I knew there was nothing I could really do about his crimes. Not to mention that what I did wasn’t exactly on the up and up.

That was my adventure scamming a scammer. Hope you enjoyed it.

Have you ever scammed a scammer?

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s