I just had a scammer on the old VM and I was expecting the classic support.me. However, he had me go to an interesting webpage that was all in Punjabi and couldn’t be translated. Whatever he wanted me to download wanted special access to my network, so I canceled the download and fished around the site. Turns out, there was a link in whatever was written and it led to a whole forum: takala.co.il/forum/forum_topics.asp?FID=9 If any of you guys can translate it and figure out what’s going on, that would be great.
Warning: Please open this on a VM. I have no idea what's hiding on this site.
@DubliuDubliuDubliu#79297 Not sure. I will look into it once I have the opportunity and my computer set up for it.
If you want to catalyse the process, you can just setup a vm along with a vpn, and enter that website on it. I'm currently busy irl and I can only start investigating around the weekend.
@DubliuDubliuDubliu#79297 Translated from Hebrew it looks like a typical Tech Support Forum, most entries are old, going back more than 10 years. Didn’t find anything scammy about the site, seems mostly abandoned with only a few unanswered recent questions.
I didn’t find anything about the domain that was suspicious. I think the scammer on the phone just blew you off with that url, probably this one perhaps: