Security expands beyond informations and systems. It reaches people and affects their lifes and part of somebody’s life is their money. When it comes to scams, the most common trick is easy money. People want easy money. Although the number one priority is raising user awareness about scams, this post is not about raising any user awareness. It is mostly targeted to people who are either part of the field or want simply to have fun.
People are after easy money. People feel good if they think they will earn money while helping someone in need. In general, people are greedy. The problem is that con men are greedy as well. The main problem is how do you con a conman.
Note: The first time someone contacted me for a Ponzi scheme I went to the appointment with a ballpoint pen as a weapon.
My first approach on the subject was purely social engineering. I had knowledge of the subject, I knew what a Ponzi scheme was and I knew how much time I was going to need. The appointment was given inside a local coffee shop and the guy came with a laptop and a random presentation of the Ponzi scheme. So far, so good. I let him introduce the subject, talk about it and then I watched the presentation. At the same time I was ordering coffees, beverages, sandwiches and cupcakes. After all these things I ordered it was time to talk business. I
didn’t like the subject really liked everything and the product was fine and the investment was good but hey pal, I’ll be getting paid in a week so give me a form and some contact details and I’ll get back to you.
I earned: Nothing, but I dind’t spend money. Everything was paid by him. Good guy direct representative. PS: Pal, add this to your losses.
The second approach was multiple personas online. I created a variety of personas. My main focus is that these personas should give a feeling of a person totally dumb that has an overboosted ego and it is easy to exploit them. I waited for the scammers to bite the bait. And they did, as usually. I was purely interested in their money but… Let’s say the persona knows something of scams. And the persona asks before biting the bait, a proof, 200$, or any amount of money, in a paypal account for verification purposes. And some dumb people bite the bait. And their money went to a variety of organizations. And I couldn’t stop laughing.