How do you scambait?

What are your methods in scambaiting and how can someone scambait efficiently and safely?

Scambaiting is Dangerous and Risky if you don’t know what you are doing… I wouldn’t recommend doing it.

Thanks for the info!

i njRAT scammers

Use Textnow, a fake alias, and a fresh email (preferably protonmail), and you should be safe and fine. If you are really new, stay away from using a VM to have scammers connect to you, and stick to fully on-call scams like PCH, Gift Card, Robocallers, SSA (if you can find a working one), travel, etc.

People are going to scambait regardless of whether you tell them to do it or not so rather than telling them off, warn them and give them guidance so they can be safe. Regardless, there is very little risk associated with scambaiting in and of itself. When is the last time you actually heard of a scambaiter having some negative repercussions for scambaiting?

@Eggo6645 give this a read: https://spambaitmail.org/info/2023/01/16/scambait-safely
This stuff is not as hard as some make it out to be, and it is safe if you follow the most basic of logic.

I’m a UK scambaiter I use a USA number and fake us generators address tool I bait UK Watts app with fake number and PCH scammers in the usa also using fake emails for baiting a proxy and Vpn I use onion browser and duckduckgo for more protection also use a fake name fake bank ect

Most safe one that i made right now it’s, download scambitting tool create a Micorsoft Azure VM after that create a TextNow account using (HOLA VPN and MullvadVPN) after that go on into the Microsoft Azure VM run scambitting tool ( aci1337/scambaiter-tool (github.com)) spoof your VM to look more real after that go on and call them you can troll them alot because:

Micorsoft Azure vms have the ISP Microsoft Corporation so they get pretty scared sometimes

Thank you everyone for the advice!

Scambaiting is dangerous. If you don’t feel comfortable doing it, do not do it. there are still ways to help the cause by donating or giving out tips. But if you are willing the risk: here is the one thing to always do: DO NOT GIVE OUT PERSONAL INFO, EVER! Overall, this leads me into my tips to help be successful (when it comes to privacy)

Use VOIP apps such as TextNow and Google Voice. Even if you don’t use a voice changer and/or on a phone, you always use a VOIP. Scammers can sell your real number, even your VOIP also (but if you use a VOIP, its not so bad unless you have notifs on it).

when dealing with text support scams: ALWAYS USE a virtual machine (right now particularly windows 10). there are plenty of VM programs such as Virtualbox, VMware, QEMU, Hyper-V, etc. I am now using QEMU (linux based VM program).

If your worried about your main host, I suggest using linux (preferably if your a advanced user).

Use a VPN (I use one in browser in VM’s) to hide your true location. For your sake, I suggest using one on your main OS and configuring it to your VM.

Last but not least, if your not comfy with using your real voice, use apps such as voicemod, clownfish, and lyrebird to mask it. you can always configure your settings on your PC to use it.

With fake bank accounts, I have a “bank” (its not really a bank, its just simple HTML telling you that its “down for maintenance”). If you want to make a true fake bank, here somewhere on this site can show you. if you don’t want to do that, there is website to where there is a endless loop (GIF) to troll scammers also. (link here: Loading...) Best to pretend you have a fake local bank for the endless loop.

last but not least, WASTE THE SCAMMERS TIME! Don’t expect to get a walk every time to go up to bat. Your not gonna always get a good hit by finding accounts or addresses, so if you just waste even a few minutes of their time, that’s still money they don’t get.

good luck in your scambaiting career. DM Me if you need help.

Nigerian scammers are fools. They think you are dumb, and this is why they try to push poorly made stories, but they lose ground quickly if you challenge their stories. keep challenging their stories, and keep telling them their fake stories make no sense. they lose patience fast. To see the full extend of Nigerian scammer’s stupidity, give them a little to nibble to keep their attention, but deny to comply with their main demands, with the reason you do not believe their made up fake stories. This is how they are cooked in their own sauce.

I use Linux VM on a Linux host. Usually i give them compromised documents, with malicious macros, so i waste their time discussing the content, while the macro is doing its thing.

I entertain their idea to gain time and get things going, then i show distrust and doubt, and concern if this is a scam, and i gradually make it more and more difficult for them, using logic and reasoning to challenge their scenarios. Indians have proven to be dumb and stupid, they cannot think by themselves alone, they cannot judge facts, they cannot figure out things by themselves alone. I use this to challenge them, constantly pushing them out of their script, and every time i push them off the script i accuse them of being scammers. At some point their inability to take control over the situation make them angry and lose their cool and start to try to mess the computer. well they cannot. it is linux, not windows, they do not know linux and how to compromise linux, so using keybindings in the background puts them off rails, and they cannot figure what is happening, and why the computer has a mind of its own. at the end their files are destroyed. Keep in mind that i try to keep them as long as i can looking the document so i give chance of the macros to hit the more data as possible.

rule of thumb: the lest control of the script and situation they have, the funnier it becomes. Just keep them out of control by challenge their inability to think and figure things by themselves. This is how things work with them.

I’d suggest reading this

I 100% stand behind that forum article. it is pointless. not for legal stuff but rather how quicker it is now days to backup and recover files. best thing to do is listen into conversations and to try to end the call between a victim and scammer.

Just do the OPPOSITE of what I do. I do not use an alias or hide my phone number. Strokes run in my family. I would rather have a quick glorious end at the hands of a fanatical scammer, rather than have one stroke a year for four years and lose my mobility, my marbles, and my dignity.

I disagree that destroying their networks is pointless. it gives the trouble, it cost expense to restore. not only that they pay for new installation and setting up again, do not make money while they are losing the money. being derailed enough times they will loose ground. deleting/encrypting files means you deny them their victim lists, their scripts and scenarios, this means they have buy new lists, new scripts, new scenarios while installing and setting up computers. Call flooding them is another way to deny them income while you put charges on them. Their idea is that they will pay the phone call 20 or 50 dollars for longtime international calls, but they rely on 500 or more income justifying the expense of the call and have profit. basically as long as you mess with their money flow, they will figure it out eventually that it is not working…

You can do the same thing by watching and saving victims if you already have access, which would cause more harm long term. If you see things like https://www.youtube.com/watch?v=kKp_tvNiBGw or https://www.youtube.com/watch?v=JydiHT-YiHE if those scammers just got their files deleted or their network destroyed, none of this would of happened.

It’s probably not that expensive for a scam center to recover from, the longer your on the their, the more potential damage you could cause with information you gather such as a police raid. Plus, if the police already knows about them and they do end up getting raided, that’s less evidence for the police.

“Scambaiting is dangerous” that’s cap sir, scambaiting ain’t dangerous at all i am doing it from when i was 12 rn i am 14 it’s funny as hell and not dangerous overtime u will be more good at it. It takes time tho.

It can be dangerous, don’t underestimate these scammers. While the majority won’t do anything, if someone slips up e.g. using their real number to call in a country where a number can lead to an address then who knows what they could or would do, likely nothing but they could. These people are criminal’s, you have to understand and their are some risks if your not safe.

And to answer that question with out going into too much detail a couple months ago.