Popup hunting is the practice of hunting down popups. Popups are malicious websites that give false virus alerts and funnel victims into technical support scams. Being able to hunt for popups is a fundamental skill for technical support baiters, and having this skill frees you from dependence on numbers that others have posted publicly, and which have inevitably been called many times already. Getting your own fresh numbers makes baiting easier and far more fruitful.
Step 1: VM
The first thing you will need is a new vm. I don’t recommend using your bait vm as the links will look suspicious if a scammer goes through your history. I also do not recommend you use your host machine as you will not be able to accept the notifications, which scammers use to hide popups, without being spammed to hell. Don’t use any browser except edge.
Step 2: Clean IPs
Head over here and read the article on getting a clean ip. Popups won’t appear otherwise. NEVER USE A VPN ON A GENERATOR SITE!!! Excessive vpn usage will get the ads banned or taken down, and degrade the site further.
Step 3: Generators
Its time to get some generators. There are two main ones, PopupDB Generator and https://gen.sober.monster/ . Neither of these have been actively maintained for years. In my biased opinion, you should head over to https://spambaitmail.org/mass-opener as well. I will be maintaining this site and expanding it so that as popupdb and gen.sober continue to degrade, spambaitmail will improve. I recommend saving these as bookmarks. Don’t open them yet!
Step 4: Notifications
I recommend you accept all notifications as they come up. Many scammers nowadays are using notifications to hide from scanners and baiters who normally ignore them. You can find some push notification advertisers here: All posts of category 'push-ad'.
Step 5: Adware
I like to add some adware into the mix, its easy to report and gives you some ads in each page. You can get some adware here: All posts of category 'adware'. I recommend the mylead.global adware. Some baiters aren’t comfortable with this as they think something bad will happen if they install a program into their vm. This step isn’t critical, but there is no reason to be worried about having the adware in your vm. Take a snapshot of your VM now!
Step 6: Opening
Open each of the generators. Make sure to click all the ads you see in each page, on spambaitmail some are link shorteners, so make sure to click ‘continue’ or whatever through each level until you get to a youtube video about soccer. This allows you to get as many ads per ip as possible. Once you have gone through all your sources, reset to the snapshot you took to clear all your browsing data, then go back to step two and get a new IP. Make sure to search during US work hours, scammers are inactive during the rest of the day.
Step 7: Reporting
You can report your popup by going to Report a Phishing Page, looking up the whois provider and sending them an email, as well as posting it to scammer info. An easier way is with the discord bot available in our discord server: Discord. The bot will do all the heavy lifting for you.
Happy hunting!
There aren’t any popups pictured below because I am making this post during off hours.
Gen.sober and popupdb are out of date so you may have to deal with broken sites:
Make sure to allow popups:
Norton Malicious Affiliate Advertising:
McAfee malicious affiliate advertising:
This is the page you should see when you get through a link shortener:
Ouo.io Link shortner, known for distributing popups. Available through spambaitmail mass opener.
Sample Adware:
