I got a call today from someone who claimed to be with the "Canada Public Safety Agency" saying my "cyber id" had been traced to spam emails and he needed access to my PC to check it. He gave me a name (probably bogus) and a phone number of an actual federal government agency http://www.publicsafety.gc.ca/index-eng.aspx but his caller id didn't match the number. I told him off and hung up. I'm thinking this was a missed opportunity to fire up a honeypot and let the caller take control of it and delve into what he was trying to do.
Has anyone done this? I've googled around and see there a some open source distros in this area and am leaning towards Stratagem. I have no idea how much work it is to support one of these or if I will get any useful data from it, other than the satisfaction of screwing with the scammers. I'd be interested in hearing others experience with honeypots. BTW I called the government agency and there must be a lot of this going on because their recorded message says that if you got a call from them to ignore it - it is a phishing attempt, and to report it to the anti fraud centre which I did http://www.antifraudcentre-centreantifraude.ca/english/reportit-howtoreportfraud.html . Greg _______________________________________________ clug-talk mailing list clug-talk@clug.ca http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
