Scambaiting with Wine in Linux

My primary laptop runs Xubuntu, a GNU/Linux distribution based on Debian. When tech support scammers have cold called me in the past, my usual response has been along the lines of: “I’m not even using Windows; I use Linux. (click)”

I've seen a few scambait videos that use a virtual machine in a virtual machine, where the outer VM runs Windows and the remote control app, and the inner VM runs some other operating system like macOS or Kali Linux to confuse the "technician". I suggest taking it one step further: load the remote control app in Wine on a GNU/Linux virtual machine.

Wine is a binary-compatible reimplementation of much of the Win32 API on top of POSIX and X11. It can run many Windows executables without modification on an x86 or x86-64 PC. Thus, for many (though not all) users, a Free operating system (such as GNU/Linux or FreeBSD) with Wine installed can substitute for Windows without needing quite as much RAM or a Windows license.

Xubuntu 16.04 offers Wine 1.6.2 in its repository.

$ sudo apt install wine
# Sudo is similar to runas in that it allows elevation to root
# (administrator rights). I’m prompted for my password.
$ wineconsole cmd

Control Panel has three items: Add/Remove Programs, Game Controllers, and Internet Options. But there aren't any explicitly distrusted "fraudulent" certificates in Internet Options.

The `hh h`, `hh 1`, or `hh` trick to use HTML Help as if it were a stripped-down IE does not work because Wine's version of HTML Help quits immediately if the argument isn't a local path to a valid CHM file.

A lot of administrative tools aren't included with Wine. But a couple have rough counterparts in the Ubuntu repository:

# Instead of msconfig:
$ service --status-all
$ sudo apt install bum
$ sudo bum

# Instead of eventvwr:
$ journalctl -p 4 --since yesterday

EXE files can be run in Wine in one of two ways. One is making the EXE executable in the file manager (like `chmod +x`) and then double-clicking it in the file manager. The other is specifying the EXE's path as an argument to Wine:

$ wine ~/Downloads/logmein-rescue.exe
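As an added example (not part of the original post), here is a small POSIX shell helper that runs a downloaded EXE in a throw-away Wine prefix and then lists every file the program created or modified there, so you can see what a remote-control installer drops into the fake C: drive. It assumes `wine` and `wineboot` are installed as above and relies on Wine's standard `WINEPREFIX` variable; the marker-file approach is my own, not something Wine provides.

```shell
#!/bin/sh
# Run an untrusted Windows EXE in a fresh Wine prefix and report what it wrote.
# Assumes wine/wineboot from the distribution package (see apt install above).

# Create a fresh prefix directory plus a timestamp marker inside it.
# Prints the prefix path so callers can capture it with $(...).
new_prefix() {
    np_dir=$(mktemp -d "${TMPDIR:-/tmp}/winebait.XXXXXX") || return 1
    : > "$np_dir/.marker"
    printf '%s\n' "$np_dir"
}

# Re-stamp the marker so later reports cover only newer changes.
mark_now() {
    touch "$1/.marker"
}

# List regular files under the prefix whose mtime is newer than the marker,
# i.e. everything written since the prefix was created or mark_now was called.
# Covers drive_c as well as the registry hives (system.reg, user.reg) at the
# prefix root, which many installers touch.
changed_since_marker() {
    csm_prefix=$1
    find "$csm_prefix" -type f -newer "$csm_prefix/.marker" ! -name .marker | sort
}

# Initialise the prefix (Wine populates drive_c on first use), re-stamp the
# marker so that setup noise is excluded, run the EXE, then report changes.
run_exe_in_prefix() {
    rip_prefix=$1
    rip_exe=$2
    WINEPREFIX="$rip_prefix" wineboot --init >/dev/null 2>&1
    mark_now "$rip_prefix"
    WINEPREFIX="$rip_prefix" wine "$rip_exe"
    changed_since_marker "$rip_prefix"
}

# Usage:
#   p=$(new_prefix)
#   run_exe_in_prefix "$p" ~/Downloads/logmein-rescue.exe
#   rm -rf "$p"   # discard the prefix when the session is over
```

Because the prefix is a plain directory, deleting it resets the "machine" between sessions without reinstalling anything.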

Trouble is that I couldn't actually download any of these remote control executables because I lack a six-digit code. How do baiters test their honeypot VMs before using them against scammers?

If you have a second computer, you can download the company version of LogMeIn Rescue and test it; the two-week trial is free and no credit card is required. If you are interested in trying, the link is here: