Blowing up a huge Scam Call Center
This video chronicles the Scammer Payback team's mission to dismantle a massive scam operation after gaining access to their systems through a slip-up by one of the scammers named Roy. For a month, they monitored the group, uncovered their tactics, and ultimately launched a synchronized attack to crash all their computers and disrupt their criminal activities.
1. The Roy Connection and an Unforeseen Opportunity
The video opens with an exhilarating moment where the team gains control of a scammer's computer, setting the stage for a dramatic takedown. This computer, belonging to a large-scale scam operation, became accessible due to a mistake by one of the scammers. The team explains that they will reveal everything they discovered and how they brought the entire setup crashing down. The story goes back a month and a half earlier when they first encountered a scammer pretending to be Microsoft. During that call, they realized they had already accessed this very computer. A few days later, they caught the scammer, identified as Roy, in the act of scamming a lady for $40,000. She was far into the scam, but luckily, they found out she was nearby, giving them a chance to intervene in person.
"She just withdrew $40,000. Such pieces of trash, man. I just hope she's not going to Bitcoin ATM."
Indeed, she was headed to a Bitcoin ATM, but the team arrived five minutes earlier and prevented her from losing her money. They managed to get Roy to shut down for the day. While they initially claimed to have leads that Roy wasn't working alone, this was actually a bit of a deception. Roy's slip-up had inadvertently infected his entire scam group's systems, granting the team control over all of them. For the past month, they had been secretly monitoring the operation, and the scale of what they uncovered was shocking.
2. Unveiling the Scam Group's Modus Operandi
The scam group, consisting of eight scammers, operates a refund scam. They pretend to be a legitimate company that overcharged a victim, manipulate the victim's computer to show an inflated refund amount, and then convince them to "return" the supposed overpayment.
"The store people give you a free trial version from our company, from Macy, and now it's a paid version."
The team identified two main roles within the group:
- Openers: Five scammers who answer calls, connect to victims' computers, and then transfer them to a "closer" with an excuse.
- Closers: Roy, 7SK, and Triple X. Triple X is believed to be the boss, as high-value scams are always directed to him.
Despite their tracking efforts, obtaining identifiable information was challenging due to the scammers' frequent computer changes, likely a tactic to avoid detection. Solo, in particular, changed computers an astounding 11 times in the last month alone! The team also managed to hack the scammers' microphones, allowing them to hear their side of the conversations, including moments of panic as the scammers tried to figure out why their microphones kept unmuting.
"I love this so much. Look, they are torturing these guys."
3. Dangerous Tactics and Location Discovery
This scam group employed particularly dangerous tactics. They frequently activated victim webcams, which the team found "disgusting." This allowed them to capture chilling footage of victims preparing to hand over physical cash, unaware they were about to be defrauded.
"They're such creepy people. I know. They just scan. They just like spy on people like that."
Interestingly, Roy was the only one in the group who had victims send physical cash. The others typically instructed victims to deposit money into cryptocurrency ATMs, which was then stolen digitally. The team suspects this might be because the group knew Roy was compromised and wanted to avoid having their crypto wallets traced. However, the team already had their wallet information and had reported it to their contacts.
Through their investigation, they pinpointed the physical location of the entire operation: the Home and Beyond by Motel Lux Hotels, the same place where Roy was initially found. They estimate the group was pulling in a staggering $90,000 to $140,000 a month.
4. The First Strike: Attempting a Face Reveal
The first stage of their counter-attack was to try and get a face reveal from Roy. Knowing that all webcams were covered, the team devised a clever plan. They created a persistent pop-up designed to look like a camera error message, urging the user to slide open their camera shutter or press a camera button. This window was designed to be the most foregrounded window, meaning they couldn't do anything else but interact with it.
"So, we're going to sew up a little fish. It's going to basically pretend to be the camera. And it's just going to be a a box you can't get rid of. It's going to be perpetually annoying."
The team also linked this with a fake but legitimate-looking Microsoft "camera doesn't work in Windows" help page to further convince the scammers. Their goal was to trigger Roy's actual webcam on the screen, hoping he would uncover it, even for a second, to fix the "issue." They also had his microphone activated to capture his reaction. The scammers became visibly confused and frustrated, restarting their computer, but the team's program persisted.
"Hey, you motherucker. Get out of the computer."
5. The Final Strike: Blowing Up the Scam Center
Despite the fun, they didn't get Roy's face. However, their ultimate goal was to shut the operation down. After giving the scammers some time to cool down, they found them back on the phone with a victim. This was the perfect moment for their final strike.
The team loaded a virus onto their computers, cunningly designed to blame Roy for everything.
"Roy was the start of this. So, now Roy is going to be singlehandedly responsible for blowing up these guys' computers. This is Royy's fault. Roy, you did this."
This virus was packaged as a security message on Roy's computer, baiting him to click it. Simultaneously, they had an API connected to all eight computers in Roy's group. As soon as Roy clicked the virus, it triggered on all connected computers, initiating a synchronized shutdown.
"Your system has been compromised. ... It's hitting all of them. Look, it's hitting all of them at the same time. System under attack. Take action now. IP change. That is so funny. Let's go."
The computers one by one displayed critical system warnings and shut down. While only four computers were online at the time, the virus was persistent. When another scammer later tried to turn on an offline system to continue a scam, they were met with the same "Critical system" message and the accusation:
"Scammer buddy. Roy did this. You guys are scum."
In a humorous twist, the team briefly brought one computer back online to see what would happen. They found a full-screen Notepad message left by a scammer: "you pierogi." 😂
The team assures viewers they have a method to access any new systems the scammers acquire and will ensure they can never scam anyone again.
Conclusion
The Scammer Payback team successfully infiltrated a large-scale refund scam operation, exposed their methods and location, and ultimately brought their criminal enterprise to a crashing halt. Through clever technical maneuvers and a persistent approach, they not only saved victims from losing money but also ensured that the scammers faced the consequences of their actions, highlighted by their final message to Roy: "Screw you."
Need a summary like this?
Get instant summaries with Harvest