Scambait Beginner's Guide

Scambaiting beginner's guide

Intro

Are you looking at how to scambait? First and foremost, thank you for showing an interest in combatting scammers, they are one of the plagues we suffer as a society with little action being done about them, so it is important for us to fight back and track down these fraudulent individuals and companies. Information is key, and the more we have on these scumbags the better. Take pride in the fact that scammers regularly talk about Jim Browning as if he strikes fear into their hearts, this means scambaiters are definitely making a difference, but we can always use extra help! Make sure you register for an account on Scammer.info so you can publicly expose scammers, they can threaten legal action all they want but nothing will happen to our site.

Mainstream media may have you believe scambaiting is racist and not actually helpful, but this is completely the opposite. Nobody is baiting scammers just because of their race, it is solely because they are scamming people! Sure people will bring race into it and make fun of indians by stereotyping them as scammers, but this happens to every race & ethnicity, there will always be people that bring race into things, but that doesn't mean everyone is thinking the same way. I'm sure you've all laughed at a stereotype joke before, Chinese having squinty eyes, British people loving their cups of tea and having bad teeth, Americans being fat & carrying guns, etc.

Scambaiting is also absolutely not a waste of time... for you at least! If you're wasting the time of a scammer you are saving someone else from being scammed at that time. The longer you keep a scammer tied up talking to you the better, so put on your best innocent victim act and keep them going until the end of time.

Getting started

You must remember that you are dealing with criminals. Never give any personal information out, and when posting information online make sure you include as much info as possible to help track down & prosecute whoever was involved.

It would be best for you to create a fake online persona, and use that as your identity whilst dealing with scammers. A VPN is optional, as there isn't much a scammer can do with your IP address besides DDoSing you and finding your approximate location. You can easily setup your own personal VPN by purchasing the cheapest OVH VPS server and sticking OpenVPN on it, this provides you with a cheap option to hide your IP address and will protect you from DDoS attacks.

Next, if you are baiting a tech support scammer or similar which requires use of your computer, you will need virtual machine software. You can use VMware or VirtualBox, which will need an ISO file of an operating system to work. You can download a free evaluation version of Windows from here, but this would be more obvious that it's a virtual machine to a scammer. There's a premade ISO file of Windows 11 available made by NeeP, click here to check it out. Scammers have caught on to scambaiters' tricks and will check if you are using a virtual machine or not, so check out this video from Jim Browning on how to make your virtual machine more stealthy.

See also: Fake bank & scambait tools by SoupNudle
Free alternative: DSJAS

Calling scammers

Obviously, you want to call the scammers to bait them, but what should you use? If you are unable to afford a VOIP / SIP service there are free alternatives available. Textnow.com allows you to have your own number, so a scammer can call you back, along with free calls to US numbers and other countries. BobRTC is a service made by scambaiters which allows you to call numbers for free, though you must gain tokens from calling tollfree numbers in order to call non-tollfree. The numbers on BobRTC are verified scam numbers and you are unable to call numbers not listed, only trusted users can add to the phonebook there.

You must never use your real phone to contact scammers, as they will most definitely use this against you, either by placing your number on a list to spam call or by spoofing your number so that lots of people start calling your number back believing you called them. 

If you want your own virtual phone number which can send and receive calls you can search for "voip service" in Google and find the best one for you. You will need a softphone to make these calls, again, you can find several good softphones to use on Google. Personally, I use Zopier as my softphone and Zadarma as my sip service.

Tracking scammers

If you're looking for something easy to use, you can try Glasswire firewall, which gives you realtime information of the devices connected to your machine. Some connections from scammers can be used to find their IP addresses, but this is not always the case. If you are a more advanced user, you can use Wireshark to trace the IP similar to Glasswire.

Using a RAT (Remote Administration Tool) to monitor a scammer's machine is an excellent way of obtaining information about them, however this process can be difficult depending on who you are dealing with. This is also an illegal act, even if they are criminals themselves, but they would need to personally file a report against you, so if they are scammers I doubt they would actually go to the police. It's best if you stay away from this area unless you know what you're doing, but of course you're not going to listen to this, I can't really expect you to. Just make sure you don't mess with an innocent person or cause damage to a legitimate business.

Usually scammers will keep files with victim's information on their computers, but this might not be as common anymore due to the amount of scambaiters gaining access to their machines. It is possible that you may stumble upon credit card numbers, addresses, full names and more of victims that have already been scammed, if this happens please contact one of the moderators or admins of Scammer.info so we can assist in contacting the victims so they can learn more about what happened and hopefully get their money back.

See also: ScamLockHolmes' collection of scambaiting resources you must be logged in to view this.

More to be added...

  • I found this guide useful
  • This guide wasn’t useful to me

0 voters

7 Likes

Thanks for a great intro! I’m trying to get back into the scambaiting scene and posts like this are super helpful. I did it for years back in the early 2000s. It was tons of fun, there was a whole group of us that worked together, developed tools, shared mailboxes, and all sorts of good stuff. Starting over from scratch and doing it alone is leaving me somewhat overwhelmed. That said, I’ve got a solidly convincing virtual machine, a good backstory developed, and a textnow number, so I’m going to dive in and refine as I go.

3 Likes

Please Cont This! its soooo good

It keeps telling me that ScamLockHolmes page doesn’t exist? I’ll assume that while I am logged in, somehow this is my fault lol. Loved the article, thanks for sharing.

Oh sorry, he posted it in the “Members” section which requires level 1 trust to view.
I’ve edited this so you only need to be a registered user now.