Have you ever been online when a window pops up saying your computer has a virus and urging you to call Microsoft Support — or Apple Support — at the number provided?
That’s a support scam, Microsoft says, and it’s trying to trick you into downloading malware or handing over your credit card info — or both.
And one telecom programmer has come up with a brilliant and hilarious way to take these scammers offline and possibly put ’em out of business for good.
Roger Anderson, a telecom consultant and owner of the Jolly Roger Telephone Company, built an army of phone bots that sound like humans and stop telemarketers from harassing homes or businesses. It’s not his main gig — he makes his living as a consultant designing telecom systems.
He built the bot army after a telemarketer called his house and used nasty language with his son. Now he sells it as a service to businesses and consumers.
When a telemarketer calls, you transfer the call to the bot service, and the bot gabs with the telemarketer until they figure out they’re being played and hang up. It’s meant to waste their time so they’ll stop calling.
The bot says things like “Yes, “Uh huh,” “I’m listening,” and “Oh, geez, hang on. There’s a bee on my arm. You keep talking. I’m just going to stay quiet because of this bee.”
Anderson gave a hilarious TEDx talk about it in December.
This week, when his computer stumbled onto one of those support scams, a lightbulb went off.
“I ended up getting a pop-up saying my computer was infected,” he told Business Insider. “I felt invaded. I thought, screw that. Of all the people on the planet, I’m probably the only guy that has the tech to make blast phone calls. And I have robots that sound like people convincingly enough to waste time.”
Anderson hadn’t used his bot army to make outbound calls — he said it made him nervous to think of the evil that could be done if the technology were to end up in the wrong hands.
So he called the number on the pop-up to make sure it was a scam call center. It was.
Then he had one of his bots call. The person was fooled enough for the call to last more than five minutes. (Anderson has posted some samples of the calls. It’s like listening to a prank call.)
Then Anderson unleashed the bot army.
“I called 100 times on 20 simultaneous channels,” he said. “They answered, talked to my bots. Then they started to put my bots on hold. Then they started swearing, shouting to each other about what is going on — I could hear in the background. Then I made 500 calls on 20 simultaneous channels to the number. After 300 phone calls, they disconnected the number.”
It took about 15-20 minutes to put them out of business, he said. “I completely annihilated them,” he said.
Anderson wrote a blog post about it that went viral on Facebook, Reddit, and Hacker News.
And now he’s thinking of taking this to the next level, he tells Business Insider. That means letting people report support scams to him, figuring out a way to verify that the phone number belongs to the scammer, and then blasting them out of business with bots.
“I am going to eradicate the inbound Windows Support scam,” he said in the post.
“I personally can put a stop to the Windows pop-up scam,” he told Business Insider. “You report a number to me. I’ve got tools.”
He hasn’t yet worked through the details, but he says he’ll ask for donations to cover the costs of making hundreds of simultaneous calls to offshore numbers, where the scammers usually operate.
And he might even take down other scams, like those from scammers posing as IRS employees.
“I guarantee I have more [telephone] ports in my system than they have in theirs,” he said. “Even if they hang up on a robot, I can congest their call center so their potential victims can’t call in.”