We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
Scam Interceptors programme that's been on BBC1 at 10am recently
Murmansk
Posts: 1,120 Forumite
in Techie Stuff
Many of you may have seen this programme but for those that aren't aware of it they have a set of ethical hackers who hack into a call centre in Calcutta and they are able to see various different scams actually going on.
The most common one seems to be where people get an automated message claiming to be from Amazon saying they've been charged £79.99 for Amazon Prime and to press 2 if they don't want to be charged. Pressing 2 puts them through to the scammers who install remote access software and get them to fill in a form on the screen. The victim fills in the form and enters £79.99 but it's set up to take it as £7,999 so the scammers then tell them they need to pay back the overpaid refund amount.
Anyway, most of the people who inhabit this forum are probably very scam-aware but, although the programme is a bit repetitive, it's probably targeted at the people who are most likely to fall victim and perhaps who are most likely to watch daytime TV too so I hope it's successful.
My question relates to how they manage to hack into these scams because I'd have thought it was technically illegal? Have they perhaps got some permission from the authorities to do it for a good reason or maybe all the technical stuff is done in India, where presumably the law is different, and then it's "beamed" to the UK where they're not actually doing the hacking but just watching a feed?
The most common one seems to be where people get an automated message claiming to be from Amazon saying they've been charged £79.99 for Amazon Prime and to press 2 if they don't want to be charged. Pressing 2 puts them through to the scammers who install remote access software and get them to fill in a form on the screen. The victim fills in the form and enters £79.99 but it's set up to take it as £7,999 so the scammers then tell them they need to pay back the overpaid refund amount.
Anyway, most of the people who inhabit this forum are probably very scam-aware but, although the programme is a bit repetitive, it's probably targeted at the people who are most likely to fall victim and perhaps who are most likely to watch daytime TV too so I hope it's successful.
My question relates to how they manage to hack into these scams because I'd have thought it was technically illegal? Have they perhaps got some permission from the authorities to do it for a good reason or maybe all the technical stuff is done in India, where presumably the law is different, and then it's "beamed" to the UK where they're not actually doing the hacking but just watching a feed?
0
Comments
-
Ethical hacking (or penetration testing) is the exploitation of an IT system with the permission of its owner to determine its vulnerabilities and weak points. That's the key difference between ethical hacking and the more commonly heard hacking.Its not illegal if you give them permission to do so. Anybody who cares enough about their setup will invite it to be hacked ethnically, as the same procedures will apply "in the wild" as it were.Bit like car insurance with ability to drive other cars "with the owner's permission". With it, you're covered. But if you nick it, you aren't (though I suspect if you're going round nicking cars and think your insurance is covering you, you have more serious issues).0
-
The legality around "hacking" also involves intent and outcome. If a hacker does so with malicious intent and commits criminal actions such as changing data / obtaining money etc then absolutely it is illegal.Murmansk said:
My question relates to how they manage to hack into these scams because I'd have thought it was technically illegal? Have they perhaps got some permission from the authorities to do it for a good reason or maybe all the technical stuff is done in India, where presumably the law is different, and then it's "beamed" to the UK where they're not actually doing the hacking but just watching a feed?
Many of these ethical hackers are simply obtaining access through insecure systems that are already wide open to access, just needs a bit of specialist knowledge.
There is a whole industry around ethical hacking, people are doing it daily against systems around the world with the intent of finding vulnerabilities that can be fixed to prevent criminals taking advantage of them, this work is completely legal.
Some people earn a lot of money doing this with something called "bug bounties" whereby the discovery of a major flaw will be reported to a software company who will pay the hacker a reward for finding it.
Many companies pay ethical hackers to find those vulnerabilities, something called penetration testing.1 -
I can’t see anything in the Computer Misuse Act 1990 about intent or outcomes.
1Unauthorised access to computer material.(1)A person is guilty of an offence if—(a)he causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to enable any such access to be secured] ;(b)the access he intends to secure [F2, or to enable to be secured,] is unauthorised; and(c)he knows at the time when he causes the computer to perform the function that that is the case.No reliance should be placed on the above! Absolutely none, do you hear?0 -
Having said that, I don’t think that it’s in the public interest to prosecute the people in that programme, even if it’s a crime.No reliance should be placed on the above! Absolutely none, do you hear?0 -
Who's going to make the complaint??? You hack a hacker and he's not going to be saying anything as well as law not covering the country the hacker resides in.
There are a couple of guys on YouTube that actually hack the call centres cctv and watch their reactions as he frustrates their scams. Much more satisfying and amusing than the programme currently on TV.Drinking Rum before 10am makes you
A PIRATE
Not an Alcoholic...!0 -
Jim Browning is astonishingly good - his technical expertise and his empathy for victims.
https://www.youtube.com/watch?v=mPpuUnQ6cac
0 -
Not sure how that relates to the OP?Neil_Jones said:Ethical hacking (or penetration testing) is the exploitation of an IT system with the permission of its owner to determine its vulnerabilities and weak points. That's the key difference between ethical hacking and the more commonly heard hacking.Its not illegal if you give them permission to do so. Anybody who cares enough about their setup will invite it to be hacked ethnically, as the same procedures will apply "in the wild" as it were.Bit like car insurance with ability to drive other cars "with the owner's permission". With it, you're covered. But if you nick it, you aren't (though I suspect if you're going round nicking cars and think your insurance is covering you, you have more serious issues).
Unless you are suggesting the scam call centre gave the BBC permission.0 -
'Jim Browning' was interviewed on a recent edition of Scam Interceptors.Cornucopia said:Jim Browning is astonishing good - his technical expertise and his empathy for victims.https://www.youtube.com/watch?v=mPpuUnQ6cac1 -
That's what I thought!
Unless you are suggesting the scam call centre gave the BBC permission.Not sure how that relates to the OP?0 -
I did watch a couple of episodes and agree they quickly became repetitive, inevitably really. What concerned me was that if ethical hackers can gain access to systems as easily as they seemed to, it's obviously just as easy for the bad guys to do the same thing.
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.2K Banking & Borrowing
- 252.8K Reduce Debt & Boost Income
- 453.2K Spending & Discounts
- 243.2K Work, Benefits & Business
- 597.6K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256.1K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards