Popup Hunting: VM setup

Popup hunting is the practice of hunting down popups. Popups are malicious websites that give false virus alerts and funnel victims into technical support scams. Being able to hunt for popups is a fundamental skill for technical support baiters, and having this skill frees you from dependence on numbers that others have posted publicly, and which have inevitably been called many times already. Getting your own fresh numbers makes baiting easier and far more fruitful.

Step 1: VM
The first thing you will need is a new vm. I don’t recommend using your bait vm as the links will look suspicious if a scammer goes through your history. I also do not recommend you use your host machine as you will not be able to accept the notifications, which scammers use to hide popups, without being spammed to hell. Don’t use any browser except edge.

Step 2: Clean IPs
Head over here and read the article on getting a clean ip. Popups won’t appear otherwise. NEVER USE A VPN ON A GENERATOR SITE!!! Excessive vpn usage will get the ads banned or taken down, and degrade the site further.

Step 3: Generators
Its time to get some generators. There are two main ones, PopupDB Generator and https://gen.sober.monster/ . Neither of these have been actively maintained for years. In my biased opinion, you should head over to https://spambaitmail.org/mass-opener as well. I will be maintaining this site and expanding it so that as popupdb and gen.sober continue to degrade, spambaitmail will improve. I recommend saving these as bookmarks. Don’t open them yet!

Step 4: Notifications
I recommend you accept all notifications as they come up. Many scammers nowadays are using notifications to hide from scanners and baiters who normally ignore them. You can find some push notification advertisers here: All posts of category 'push-ad'.

Step 5: Adware
I like to add some adware into the mix, its easy to report and gives you some ads in each page. You can get some adware here: All posts of category 'adware'. I recommend the mylead.global adware. Some baiters aren’t comfortable with this as they think something bad will happen if they install a program into their vm. This step isn’t critical, but there is no reason to be worried about having the adware in your vm. Take a snapshot of your VM now!

Step 6: Opening
Open each of the generators. Make sure to click all the ads you see in each page, on spambaitmail some are link shorteners, so make sure to click ‘continue’ or whatever through each level until you get to a youtube video about soccer. This allows you to get as many ads per ip as possible. Once you have gone through all your sources, reset to the snapshot you took to clear all your browsing data, then go back to step two and get a new IP. Make sure to search during US work hours, scammers are inactive during the rest of the day.

Step 7: Reporting
You can report your popup by going to Report a Phishing Page, looking up the whois provider and sending them an email, as well as posting it to scammer info. An easier way is with the discord bot available in our discord server: FTScanners. The bot will do all the heavy lifting for you.

Happy hunting!

There aren’t any popups pictured below because I am making this post during off hours.

Gen.sober and popupdb are out of date so you may have to deal with broken sites:


Make sure to allow popups:

Norton Malicious Affiliate Advertising:

McAfee malicious affiliate advertising:


This is the page you should see when you get through a link shortener:

Ouo.io Link shortner, known for distributing popups. Available through spambaitmail mass opener.

Sample Adware:




4 Likes

That’s a lot of great info! I’m definitely going to bookmark this post.

2 Likes

I usually quite enjoy pop up hunting. If I can get a good microsoft pop up that does what I want it to it can usually make for some pretty entertaining audio recordings. Especially if the scammers do what I want them to do LOL.

1 Like

Awesome! I’m glad you like it :). I updated the generator on spambaitmail since making this post, so it should work even better now.

Also, https://spambaitmail.org/push-ad/2022/12/29/rexpush will give an absurd amount of push notifications, mostly malicious.

2 Likes

I will definitely be putting that page through its paces this week. Gotta get some more scammer vs scammer stuff lol.

2 Likes

Hell yeah! Can’t wait to see it

Made some minor updates on the popup gen. Taking suggestions if anyone has some :slight_smile:

1 Like

New links added to generator. Happy hunting!
https://spambaitmail.org/mass-opener/

2 Likes

I really appreciate the site and the guides you’ve done. Very helpful!

1 Like

Thanks for the kind words! There aren’t too many users right now but I think with support and a little work we came make it indispensable for any baiter.