So you found a Tech Support scam number, congratulations!
What I see most of you guys doing are simply posting the numbers here for people to prank call. Once those scammers find out that a number is compromised, it takes a minute to change them.
You can actually inflict much more damage to the people running the scam, from the advertisers to the middle-men to the centers themselves.
First off, take note of and report the URL to Google Safe Browsing: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en and also to Microsoft: https://support.microsoft.com/en-sg/help/930167/how-to-report-a-phishing-web-site & https://feedback.smartscreen.microsoft.com/feedback.aspx (Added 3rd of April 2018)
What happens when you do this is that once those URLs are flagged, paid web traffic that the scammers bought are still being sent to the URLs, however this time round innocent users get a warning on Chrome or Edge, instead of getting the usual Tech Support page you've probably seen before, thus it becomes a waste of a scammer's money, as paid traffic doesn't give a fuck whether a URL is flagged or not.
For example, Indian scammer 1 bought $500 worth of pop-ups from an advertising network. You get a Tech Support pop-up at around $10 worth of spending of that Indian's pop-up credits. You report it. He probably doesn't notice it (unless he's refreshing every few seconds or something) until maybe $200 worth of useless pop-up credits have been spent, or in the best case scenario all $500 worth of pop-ups showing a user of an unsafe site has been spent. (A flagged site looks something like this instead of a Tech Support page -> https://upload.wikimedia.org/wikipedia/en/d/d0/Google_Safe_Browsing_Screenshot.png)
So what next, after inflicting the initial monetary damage to those scammers? Post the numbers and if possible, a screenshot of the scam here. The agents will most likely ask for an error code and/or message, so a screenshot helps the rest of the users here when that happens.
Call them, but try not to act like a retard if you have time to spare. I've listened to calls referencing this website, like why would you even do that? Those fuckers now know where to check if their numbers have been compromised. The key point here of a call is to keep them on the line as long as possible, so the less chances for them to attend to those who really called thinking that their computer has an issue.
Great angles to use when they ask you what you were doing when you got the pop-up:
- Surfing porn (the scammers think you're freaked out/feeling a sense of guilt/afraid of someone noticing that you were surfing porn and most probably think that you'd be more willing to shell out the money to get rid of computer issues ASAP while porn's still playing)
- Doing banking / credit card transactions (a non-computer savvy person would definitely be freaked out that their computers are "infected" while doing banking stuff online, and would likely pay to keep their banking information from being compromised. And banks and credit card = rich to them)
- Online Shopping / Amazon / etc (they online shopping = you have money and they'll try to scare people into thinking that their credit card information etc are being stolen)
Example of a pretty decent prank call - http://tlscomm.party/example.mp3
VM Instructions (credits to v0dka) - replace/d/6096-how-to-hide-your-vm-the-v0dka-way-bonus-activator-included
Poor angles to approach an agent
- "I got this alert playing Minecraft, Roblox, <insert game>" (to them you're a kid and you have no money to pay for their services)
- Cursing and swearing at them (it might be fun but they'll just likely hang up or switch numbers after one too many of such calls)
This I've not tried yet, but you can try reporting the numbers to the common corresponding VOIP providers such as Twilio (https://www.twilio.com/help/abuse), Plivo (can't find abuse reporting) or Vonage (likewise as Plivo), to get their accounts disabled. But given that India has a shitload of people, it might not be an ideal solution as they have the manpower to mass create accounts.
Finally, try to keep them on the line as long as possible, ideally acting like someone who has no knowledge of using a computer. The longer you waste their time, the less people they can pull the scam on, the less they make, the harder it is for them to cover their overheads.
Feel free to ask away or correct me!
Also, Jim Browning's YouTube video is much much more informative than my post, so take a gander here: https://www.youtube.com/watch?v=83y0_ypA3Iw
Also, always use FireRTC. Skype calls have fixed area codes (559 & 661) which many scammers have blocked.
EDIT: Report to Microsoft SmartScreen via this URL: https://feedback.smartscreen.microsoft.com/feedback.aspx
UPDATE 4/20: Play this error code message from pop-ups in the background while dialling, the agents will think you legitly got hit -> https://instaud.io/2eCl
UPDATE 5/18: Added example of a decent prank call and link to v0dka's VM methods.
UPDATE 6/27: Added Jim Browning's great YouTube video, thank you @JimBrowning11
