What are /r/scambait's favorite Products & Services?

From 3.5 billion Reddit comments

Everyone should check https://haveibeenpwned.com/ and stop using the same password for every account. Get a password manager like Bitwarden, 1Password, or KeePass to make your life easier and more secure.

NordVPN and ExpressVPN are two very well known legitimate VPN’s.

You can just google popular VPN’s. Any that consistently come up should be fine. Only look at paid ones though, they don’t sell your data for money.

They are just the lowest of all slimeballs. They got your email and password from hacked sites. This is just fishing for suckers. Check this database out to see if your email and password are in any of the big data breaches.

https://haveibeenpwned.com/

Paul Manafort, Rick Gates, George Papadopoulos, with one guilty plea, all three related to the investigation into collusion.

They are very good, I have been using this provider since 2014. They do have a con though, while you used to be able to watch Netflix/Hulu/ect on their servers, unblocked ones are becoming scarce. I switched to NordVPN and have had little trouble watching Hulu through it

If that doesn't matter though, PIA is fast and their app has gotten much better over the years

First of all, free VPN's are not recommended by any tech-savvy guy. Everyone knows that in many cases third-party companies are involved, so God knows what's happening with users personal data. Of course, I'm not saying that that's the case with every free service, but I think it's better to be safe than sorry. Especially when you can find a good quality VPN with a decent price these days. Many providers are offering black-friday deals at the moment, try looking into r/vpncoupons, maybe you'll find something on NordVPN or Express.

Ninite is a good start for filling your VM up with software to make it look used.

Hide the install dates on the add/remove programs window and also do the same for last modified dates for your windows explorer.

Oh, you have to use a good VPN - that´s a given. I use NordVPN and sometimes TOR (not a VPN) and sometimes both together. I steer the end node to look like a US, UK or German IP - scammers like these places.

A different topic, but if you intend to send an ID to draw the scammer in, your email address should be the name on a fake ID. I use fake IDs that scammers sent to me in other scams, but you can get these from Google.

Ooh. See Privacy.com. Basically generates virtual debit cards for you with limits that you set. You can pass fake personal info for the billing info on any site. You can set limits like $1 total, $10 per purchase. Each card is locked to a specific merchant. You can even make one time use cards that destroy themselves after their first use.

The service is free.

You can technically use them as physical cards if you make a device such as magspoof. I've used it to pay in stores like Safeway and Lowe's just as a proof of concept. I'm working on a platform that automatically generates and uses merchant cards using the Privacy API and your current location.

I’ll occasionally scambait and this is my setup:

VM Program: Oracle VM VirtualBox (free, make sure to hide VM traces like display drivers, install guest additions, and remove all shared folders/disk drives, etc.)

VoIP: TextNow (free, has both Windows 10 app and web interface)

VPN: ProtonVPN (free subscription, has Windows program, not sure about Mac)

Edit: MAKE SURE YOU TAKE A SNAPSHOT OF YOUR VM WHEN YOU HAVE IT THE WAY YOU LIKE IT. I learned this lesson the hard way. It isn’t a short process getting it back, but it’s your preference.

Edit 2: If you want to record, use OBS Studio. It’s lightweight and easy to use. Just make sure you read it’s manual, it may be intimidating at first use.

Edit 3: I’m sorry for all the edits. I just keep forgetting things. It helps to have a text document of all your “information” (e.g. fake address, name, TextNow number, etc.) as well as all your logins and whatnot. I have a free Kaspersky on my scambaiting VM, as well as the Microsoft account, Gmail, and others. It helps to have all the logins in one place. Also, make sure you do not (ever) link yourself to any of the fake information. Don’t use your name in anything, or any repeated passwords.

Why did he change his signature? Was always

https://www.amazon.com/MARSTEP-Signature-Sticker-Window-Decoration/dp/B09C4NH3GB?source=ps-sl-shoppingads-lpcontext&ref_=fplfs&psc=1&smid=A3VCL6M83WGOSY

Here's my process, it might or might not work depending on the hosting provider for the scammer. So far it works with Namecheap.

I just keep chatting with the scammer. Ask simple questions and act like you're interested, but you're not sure or have technical issues.

Tools Have an email account that isn't tied to your real self, and that you're not afraid to get spammed if they retaliate. Set up a virtual machine with a VPN, I personally Parrot OS (similar to Kali linux) and I use NordVPN. Parrot and Kali provide a lot of information gathering tools that can be used as evidence when reporting. (Do NOT actually try to hack them, that is illegal even if they are scammers.) Whois is a tool for getting information about domain. Most useful is to get the registrar of the domain. Whois info usually has an abuse email address you can send your evidence to.

Gather any evidence you can. Chat logs, emails, screenshots of the website and website source code. (Ctrl-u opens a tab with the page source code) Here you can find things like hard coded testimonials and transactions.

The more evidence of scamming you can get, the better.

Finding out who it actually might be is next to impossible. Playing along to waste time, scam baiting, is not for the weak-hearted. Use a VPN (I use Private Internet Access-$40 bucks a year). As for wasting time, how about, your camera is broke, you are at work and can’t send pictures, try a grabify link to some male pirn star site, tell them you are out of minutes on your phone and need a google play card to add more, or do an update. Oh my! Did you drop your phone in the toilet while trying to take those special pictures for “her”. Once it goes to the blackmail part, tell them your bank is the Bank of Mianus and you have to see if you can pull funds out of Mianus (my anus-my ass), and then there is the part where you tell them to just log in to the Bank of Mianus and transfer out what they want (I have a picture if you need it, just DM me). If they ask for gift cards, I have pictures of those as well, with receipts, Bitcoin walket? Got one of those too. Most of all have fun.

Hello u/TheScamTroll! In your video's comments, someone suggested to put fake icons on your desktop to make it more realistic. This is a good idea, except if the scammers click on one. Instead, use Ninite to bulk-install lots of real programs.

I unfortunately do not know that, but heres whats written in the FAQs of telegram

https://telegram.org/faq#q-if-someone-finds-me-by-username-messages-and-i-reply-will-they

I've been testing privacy.com with legitimate vendors and found that it only gives the name of the company. The head guy of donotpay said that his fake credit card would give you not only the name but also the address and phone number of the robocallers.

Did donotpay actually deliver the address and phone number of the scammer? Was the scammer name alone on privacy.com enough to go on to sue them?

I found out the websites registrar is Godaddy.com and this particular url was literally made 3 days ago, so I reported the URL, hoping Godaddy will actually do something, but I doubt it.

He’s using a proxy on a server out of Hauts-de-France, FR that belongs to company called OVH SAS.

A lot of scammers use a proxy like this to avoid revealing their actual location. Even if you had their real location, the FBI has no jurisdiction.

The best thing to do is just lead these guys on and wast as much time as possible.

You can report abuse to OVH if you’re so inclined. However, the scammers are their paying customers, you are not.

TextNow is a free VoIP service, it works really well and is absolutely free.

There are ads, but they aren't intrusive. You can also easily delete your number and generate a new one if you need to.

I've personally used it to sign up to services without giving out my real phone number and it hasn't given me any problems. But they will delete your number if you don't use it for a long period of time.

The best way is sign up on dating sites like match.com Use a profile something along the lines of Widowed house wife ,tired of traveling alone looking for life partner ect. Anything you can hint at to suggest your well off finacially will really bring out the scammers in force.

I have the most fun when I improvise and develop scambaiting skills as I need them. But these have been the most valuable things I've learned:

• Always use a virtual machine and VPN; some emails can hurt your machine. Virtualbox and ProtonVPN are good free options.
• IP trackers like grabify and readnotify are fun tools to get a bunch of dirt on scammers.
• You can find so many tools and tricks at
• You can get fake phone numbers easiest at
• Don't send a believable fake ID; scammers use them on future victims.
• Have fun and waste as much of their time as you can. Picking fights after you've led them on lets the conversation drag on longer and ruins their day (making them even less productive).

Windscribe, TunnelBear, or ProtonVPN are good starts for free VPN solutions. I'd recommend doing your own research as well to get a better feel for functions and features offered.

A couple key aspects I usually keep in mind is a kill switch just in case the server connection drops. The second is logging, some VPN services log your activity which is a potential privacy leak to say the least. Speed will also be a decent factor if you're running VoIP over it as well. I'd recommend testing your setup prior to engaging in any baiting activities to ensure your setup is solid.

bro, ask for a screenshot of the "2,000,000.00 bank account". if they say "it is a breach of my personal information", if they send the money, spend it in a couple hours, and donate some of the money to charity, and convert the rest to BTC, so they can not pull a fast one on you.

how to spend BTC:

Buy a VPN subscription with bitcoin

Bitcoin debit cards

​

Notable vendors that accept Bitcoin:

1. ExpressVPN
2. microsoft
3. newegg
4. dish
5. gyft
6. expedia
7. namecheap
8. roadway moving company
9. at&t
10. Hawk Host
11. pureVPN
12. overstock
13. hostwinds
14. hostinger
15. Purse (let me explain)
    

This is a popular platform that allows people to buy products on Amazon using Bitcoin. Although Amazon doesn’t directly accept Bitcoin, Purse will enable you to pay for products on Amazon using the leading cryptocurrency.

I use FireRTC because I don't mind not getting a call back. You can set anything for the caller ID (it's not a real phone number, but it will display it on the recipient's phone.

But they suspended account creation for a while.

So if I call a scammer and want to get calls back, I am using TextMe app (Android Google Play | iOS App Store). Your 1st phone number is free and calling any US and Canada and toll free numbers are free. However, international calls require you to earn credits (you can do so by completing ad offers or by buying credits). If you burn your number, getting a new one is not free, however you can get a new number for free by not being active on the app for 30 days (they will automatically burn your number, but assign a new one to you for free once you come back and use the app).

Nice job. Run the VPN on your host machine so it's not visible to the scammer. I use a mix of AWS EC2 and TunnelBear myself. You can use AWS WorkSpaces but it shows as Windows 7 Data Center so you'd need to explain it's your work PC or something.

Recommend that you get something good that will keep you hidden, something like CyberGhost Free will keep you hidden for 3 hours if you don't have premium. or also works, just Google something like (top VPN software) if you want to find another one.

By far the greatest part of this scam is the "Presidential license". It's a fake ID you can buy on amazon for $13.

http://www.amazon.com/ABH-Barack-Obama-presidential-license/dp/B006WP9NXC/ref=sr_1_1?ie=UTF8&qid=1460263892&sr=8-1&keywords=presidential+license

"Barry"

This is the app I use on my Galaxy S5 and it works well. I had another that was working, but for some reason stopped recording the other side of the conversation, so I moved to the app linked.