Or change your grandma's computer to look like a vm so she's immuned

The way he says "Give yourself ownership, give yourself permission" sounds like some kind of new-age motivational speech / self improvement

2 gb of ram, 500gb samsung ssd, nvidia gtx 1080. noice.

Me: (Never Planning to do any scambaiting) Interesting

Honestly the best way to create convincing looking VM is to make the desktop look like as if it's really used by a typical scammer's victim. You know, fill it with some documents, shortcuts, and a tacky looking wallpaper on top of it.

I would have way too much fun with this. The VM would look like this: Computer: IBM PC AT RAM: 2Mb Video Card: Plantronics Color+ HDD: Seagate ST-225 Disk drives: Mitsumi High Density Floppy drive Processor: Intel 286-16

GTX 1080 + phenom + 2Gb of RAM. At least scammers aren't smart.

Idk why but I feel like I can trust this guy with my life

*scammers taking notes*

The fact that they're at the point where they are checking for VMs means that ScamBaiting is working.

Did my first scambaiting call today after going through all the vm preparation, stealthing & weathering to make it look used, and the dude didn't even do any checks for VM!

“Oh! I see that! Alright...” Like a slug retreating from salt.

This was one of the best videos you’ve done in my honest opinion. Teaching other people how to scam the scammers is a great way to lessen the number of scammers. Wasting their time “safely” is key.

14:56 A savvy scammer will notice that your new file name does not have the same icon as the other two files of the same name, and will also probably notice the huge discrepancy in file size. I suggest using another installed executable that is not like the other files it is trying to emulate. I would also throw on a bunch of various files that don't contain personal information, or better yet, a lot of files with your fictitious alias' name/family/employment information that typical users would have after frequent usage on their computer.

If you have a windows 10 VM, go to task manager, click performance tab and click cpu on the left. You'll see 'Virtual Machine: Yes' at right bottom. And there's no L1,L2,L3 cache.

this guys understanding of technology is scary, i’m glad he’s on our side.

Hi again Jim. I was blown away by this tutorial. Excellent work! At first I thought too many of your viewers would have a hard time comprehending everything. But no....it was just me, lol I read all the comments and was impressed with everyone's feedback. Obviously this will be useful to many of your viewers.Well done!!

4:45 Save all that with permissions and make sure you are either logged in as local administrator or the account you are logged in with is in the administrators group. Registry objects belong to owner Administrators group by default.

I love how your channel is growing, keep it up Jim! Good stuff!

17:08 That AMD Phenom II X4 965 having 1 core is a dead giveaway.

Thanks for this, your advice helped! It's surprising to see them becoming so smart, today I called one company up and before assisting they did very vigorous checks to see if the computer was not a virtual machine! I use VirtualBox so some of the steps I had to implement.

A real Samsung SSD does not label itself as "Samsung 500GB ATA", it's something like "SAMSUNG MZNLN128HCGR-000L2".

love that they know we are playing with them... I hope loads of them watch this vid, tell their scum friends and they all start checking... the more time we make them use up every time ... the less cslls they take.

Jim, i personally i have great admiration and respect for the work u do in this channel, scamming the scammers, reporting them to the autorities, etc, and this video is another example of it. One of the best of this kind (scambaiting, tech-savy stuff etc). Thank you for another informative and useful video!

Do the reverse on your tech naive family/friend's computers as a backup in case they are fooled by scammers :)

A better way to change the device names, which also works with other virtual machine software is to open device manager, and for each device that gives away that it's a VM opening its properties, opening the "Details" tab, copying the "Driver key" value, searching the registry for it, and changing the "Friendly name" values, or creating them, after giving yourself permission to edit the keys

Can you please do a tutorial on capturing the data in wireshark?

Even though this tutorial is designed for virtual machines, it helped me fix an issue with HID devices on my real system. Thanks, Jim.

+Jim Browning To make Windows 10 not report that its running under a hypervisor, you'll have to add this to your vmx file. cpuid.1.ecx="0---:----:----:----:----:----:----:----" This will mask out the bit in the CPUID that lets the OS know its running under a hypervisor, otherwise it'll say in the task manager under performance -> CPU that its a virtual machine, which could blow your cover. Not sure what the performance impact is, but I'm sure it probably isn't much if any at all. Also, msinfo32 will also report that the machine is running under a hypervisor unless you change this.

I'm over halfway through all your videos. Not only are you the first channel to do that but I also watch them in entirety. I really enjoy your videos man.

Jim: "I have to go out to programs, and back to programs and features to see the changes" Refresh button: "Am I a joke to you?"

Jim's instructed are quite clear. This is a virtual machine so it’s OK to poke around the registry but it’s even more important that you only change the registry if you know what you’re doing especially on a non virtual machine. Thanks Jim.

So in order to improve the security of my family members I just need to rename their devices to VMWare. That's a nice idea :D

Another exceptional video, clear, concise and to the point and extremely informative to the viewer. I can't thank you enough for all your hard work and time you put into creating this exceptional video!

i love at the beginning he sees the VM ..."oh...alright" and hangs up lol gives up

I really felt it when you said ' please comment and subscribe because it gives me MOTIVATION to do these kinda videos '. I have subscribed long back I start with liking the video and then watch it. But that hit me. Thank you for spreading awareness.

I wish to have more tutorials from you. This is brilliant stuff. You are a hero jim.

This is awesome, the more people fighting back the better. Listening to those conversations I can tell that they have some very basic knowledge of computers and dos commands. They know enough to scam old people.

I would really like to see you getting into all the machines on their network and transferring horrendous viruses that will take ages to get rid of.

I started watching these videos a few weeks ago, and have thought about doing something similar to what you are doing, I'm sick of these 6 spam calls a day. Thanks for showing this, though I'm still not sure I'm going to try it. I frequently waste their (scammer's) time but what I've seen you do in video over the last week has been epic. Keep up the great work.

thank you for what you do, and helping us keep up with the ever changing environment!

I came back for this on my NEW PC! Thanks Jim as always!

Alternatively you could just make the scammer unable to even check those entries in the first place. I also suggest setting the registry entries from an Admin command line instead of changing permissions in the registry. But great tutorial. (Name your Devices "Tech Scammer detected!" and see what they do :D ) I also wonder how Tech Scammers deal with Linux machines

I love your channel and you are a Hero for me because you help a lots of people specially those seniors who have a little knowldage about PC and I'm so happy that you are teaming up with other KZbinr like Pierogi (ScammerPayback) and some other who are really very helpful in combating this plague of society. More power to you all. We are your fan and thank you for your service.

7 scammers hate this

Please don't forget to not leave the browser's history empty. That's among the first things they check. They ask what browser you use, they open it, see that the history is empty or almost empty, then they make an attempt at syskey then hang up. It's also recommended to just have a scammy pop-up ad visible in one browser tab, because they often start with asking you to show them the error message you got. It seems they've already encountered many scambaiters who just call them on the number they've seen in other scambaiting videos, but can't show them the "error message".

Windows: so you need regedit edit these fields which are found using this weird key. Linux: just fucking sudo nano /etc/whatever

you probably know this by now but just in case anyone else comes along who doesn't know it: f5 to refresh does not only work in the browser, it also works in normal folders and windows. so instead of always having to go out and back in to the installed programs window, you can simply hit f5 and it should refresh automatically. can't test this myself right now unfortunately, but i'm fairly certain it'll work.

Presses windows key, starts typing VMware, "sir you are on a virtual machine"

Leave a tab with a Jim Browning video open on your granny's pc. Scammers will know and leave.

I've just hit by accident a French language (my native language) equivalent of these fake "Critical Windows Alert" pages today. I've made a quick call, someone picked up so the number still is active. It's a grey and slow week-end so I'm going to have some fun with them too. But before this I shall use this helpful information to carefully disguise my VM, thanks. Now up to playing amateur Jim Browning too!

You have to give those scammers props, at least they were smart enough to figure out that it's fake Wish they used that intelligence on helping people...

Beautiful video man! I use VirtualBox from time to time, and making it look like a real computer might come in handy. This is what makes Windows so amazing IMO, you can change just about anything about it. That also means you can screw it up and have to start over, but that’s a nice thing about a VM.

Your computer needs fixation before you can go to the goat house.

7:49 "...let's try Nvidia" and almost typed NVindia 😅 Jim is cursed

Dear Jim, there's still the services by VMware, however a tiny program called Resource Hacker can be used to rename those. I suggest you put an addendum in the video description. Otherwise, great work as always. :)

Me : Watching this video since I like your style of "anti-scamming" and find it enjoyable Also me : Realized within the first 4 minutes of the video what I was doing wrong for recovering access on my old 'My Passport' external drive so it's no more on 'Read-only'. (Literally just my dumb self writing 'Admin' instead of 'Username' and almost pulling my hair out wondering what else I could do to fix it, without realizing I was at the right place all along...) Tl;dr : I thank you for indirectly fixing a problem of mine, as well as thanking you for your 'anti-scammers' work!

Had an interesting situation where a scammer connected and was somehow immediately alerted to the fact he was in a VM. What ever "custom" remote tool they used "bogar" had some kind of VM detection.

I run a lot of Windows VM's on my Mac, including bare-bone Windows VM's, perfect for scammers to get into. I actually enjoy answering phone calls from scammers, but haven't yet gotten far enough for them to try connecting to my computer as they usually hang up on me the moment they realize I'm not as gullible as they first believe. I like this. May try it down the road.

Thank you for all that you do

Please do more of these! I’ve discovered proxmox and NoMachine and scam baiting or not, you have a lot to offer viewers with your knowledge of VM’s.

how to destroy indian economy 101. thank you for the tutorial

LOL I've been primarily running my work machines as VM's for the past 18 years! Courtesy of VMware Workstation, then VMware Server, Fusion, ESX and ESXi. The benefit of adhoc, regular and multiple automated snapshots is just WAY too awesome and the performance hit is negligible. I can also move my VM's from physical machine to physical machine via USB or in an automated fashion with syncing over a network or the Internet. Device abstraction means that PC upgrades are completely devoid of driver issues, periodical snapshots eliminates risks associated with upgrades, malware and user errors and VM's being comprised of files for disk image, memory image (for online snapshots) and VM configs, means that offline and offsite backup is absolutely trivial. I'm glad to see that some scammers would think my regular setups are merely to scam trap them. LOL Although I'm never going to chat with them, much less install AnyDecks.

It would actually be NVIDIA GeForce GTX 1080 -a GTX 1080 owner

Love your instruction style. 1st time through I was hooked on every word. Perfect pace.

the most technical comment section i have ever seen on youtube

We’re living in a great time if you think about it. A majority of scammers are answering the phone and having to check EVERY system they try to scam to make sure they aren’t the ones who are actually being scammed lmao.

What if the scammer goes into the C:/Program Files folder? Then they'd see the VMware folder and most likely do the same thing.

I Fear that these type of videos will somehow benefit scammers more. What's to stop them from creating a VM and when Scam baiters conect to their machines they'll be wasting their own time trying to shut down these scammers. We've already seen the scammer (at the start of this video) is catching on and is now looking for the VM machine. Sometimes in our quest to help prevent something/someone from hurting or taking advantage of people, we try to make those people (possible victims) aware of it, but we are invertedly making the scammers better and more aware of our methods. Without these videos we don't realise the scam, but also the scammers learn from them and become better scammers. Scammers stop watching these videos. Lol

Scammer : exists Jim : I know your t location, your ip address, and what you had for breakfast.

Really first time to see something like this in VM .Thanks a lot for the detailed and comprehensive explanation :) .

To make it realistic, download some random files in the vm, so it looks like it's used

Jim, I've literally watched all of your videos and just noticed I am now all the way back in 2017!

One thing, if you go to Task Manager and go to Performance, it says “Virtual Machine: Yes”

amazing video .. even though this is 7 years old I just built a computer using old stuff and a fresh hard drive to start scam baiting .. and followed these steps. The only thing you didnt cover was the stupid vmware logo in the my computer area which i've found other videos for but they seem to not work as i can't find the 6006 file that needs to be edited .. thanks for everything you do Jim!!!

Hey Jim question, everything has worked beautifully until I get to the point when I install the Stealthy registry key as Admin and it installs the new file you have titled Microsoft C++ but it does not remove the VM Ware tools form installed programs how do I fix this?

Jim you are so smart thank you for making this vid normally I would just prank call the scammers but now I waste there time even more and you should be working with Microsoft you are really intelligent

Scammer that can identify the vm after this, can probably just get a job.

Oh, I'm gonna have so much fun. Thanks a ton, Jim!

Jim... did you ever do a VBOX/WIn7 version ? If so, I can't seem to find it. Link? Thnx bro

Enjoy your work. Have you toyed with the idea of creating a guide from start to finish? Wireshark, VM setup, a general overview. I think most of us here could kill some time by pestering some scammers too!

I wouldn't pick a 1080 if you gave your VM only 2 gb ram.

Truly brilliant Jim! Good work 👍🏼

One other thing you want to make stealth are the services. They often ask you to go in services to show you how many services are stopped. But in there you have VMWare services. You can rename them by going to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services And find the services you want to rename, then change their DisplayName and/or Description. Most of them will be start with vm so they're easy to find. One was in VGAuthService. Otherwise you can just do a right click on the Services folder, and do find, to find services related to VMWare. Once it is done, you have to restart the VM for changes to take effect. After restart, go back to services.msc and sort them by name, and go check you don't see any VM something.

I love you! This is the real approach. If we want to WIN we need multiplyers !!! There should be whole chanels to help people becomming scambaiters and to make scambaiters more sophisticated in theire game! Populate the whole internate with scambaiters! The world needs: *Scambaiting propaganda -A Brand, as brands form social identities. -A Logo, because the world is all visual nowadays. -A Motto, because visions draw-in like minded people and communicate the spirit of "the movement". *Community -A platform that helps Scambaiters acting "as one" in the public -A platform to share scambaiting techniques -A platform to share and improve modells of monetizing scambaiting -A platform to share best practices to avoid legal problems, while scambating or striking back

wow!!! new video please

Fantastic stuff mate, I have time on my hands I may just indulge myself doing this kinda thing, thanks for all you do bro.

As last step I'd reccomend to rename solitaire.exe to syskey.exe (and delete the original file). So you also can blame the Scammer to play on your computer! :)

Love these videos. Very useful. Always makes me realize how little I know about my pc...

uHM... the VMware Tools doesn't dissapear...

Jim you are a gift to humanity my dude. Keep it up good sir.

I'd build a VM that was seriously infected, with real viri, to see if the scammers would fix anything if it actually existed.

You are the best. The rest are just having fun with even innocent call centers

Jim, awesome video man. Really helped me out. A couple of notes thought. I found a couple other things that out right say VMWare on my system, I don't know if it's for everybody but if it is they're VMWare VMCI Bus Device and VMWare VMCI Host Device under System Devices (I'll put the driver keys at the bottom) Also, if the scammers are particularly vigilant they may notice you have an NVidia card but don't have Geforce installed as most users often do. And if you'd like help with making your VM look legitimate someone recommended me ninite.com so you can download all you programs at once. Lastly, a question. Do you know how to change it so in task manager under performance tab it does not say "Virtual Machine: Yes"? Driver Keys: VMWare VMCI Host Device Driver Key {4d36e97d-e325-11ce-bfc1-08002be10318}\0133 VMWare VMCI Bus Device Driver Key {4d36e97d-e325-11ce-bfc1-08002be10318}\0132

I'll try and set up the virtual system based on your help.

Jim, how can you make sure that the scammers won't find a way to break out of the virtual machine into your actual computer? I'd be very interested in a video on that topic!

Great tutorial. The registry files need to be changed for VMWare 14. Easy to edit in notepad doing a find and replace. Replace: 43F974C0D0E8C1C4D9CA1C70A1C60570 with A1119D3420AE2864FBC3FECD6BA2980B. Thanks again Jim for all your great videos and help.

The perfect virtual machine would be to just use some old computer you have collecting dust around the house, bonus if it's newer than a Pentium 4. You could also liberate a retro machine from most thrift stores, yard sales, and you may even have friends or families willing to part with an old beater. It's relatively inexpensive to fix up and use an old machine, parts are cheap on ebay or Amazon and best of all, you don't need to put your expensive daily driver in harm's way *and* it takes one more old pre-built off the used market so people are encouraged to donate the newer hardware they won't use and can't really sell so it discourages new purchases, promotes used sales of newer hardware and cuts into the bottom line of maliciously greedy corporations, forcing them to cut inflated prices. Basically, if you want a fail-proof scam bait machine, just buy an older beater so you don't risk your pride & joy.

Love your vids and you, man! Kudos for all the good work. Enjoying binge watching your vids!!

Sir! You should start a course of teaching such stuff! I believe you will earn alot!