• We have updated the guidelines regarding posting political content: please see the stickied thread on Website Issues.

Finding A Laptop In The Street That's Rigged To Steal Your Info

OneWingedBird

Beloved of Ra
Joined
Aug 3, 2003
Messages
15,431
This story was told to me by a work colleague recently, I'm curious though if it's actually a thing.

Colleague reckons she found a laptop in the street under her car so se picked it up, took it inside and powered it up to see if she could find out who it belonged to so that she could return it.

There's a name set up on the computer so she searches it on Facebook and finds the person whose in her area, she asks him a few times where to return it to but he won;t say.

Then the bugger remotes into the computer and takes control of it and starts kicking off with her about her having his laptop. :O She shuts it down and promply changes her wifi password.

If accurate this sounds like some sort of scam, guessing the idea is to nick a laptop to use, set it up to accept remote access then leave it somewhere in the hope that someone takes it home and keeps it, then they harvest passwords, logins, credit card info and potentially blackmail material.

As I said to my colleague, I probably wouldn't take a found laptop home just in case there was something really nasty on it. Some people would though and might not realise to reformat it.

Has anyone else heard of something similar?
 
This story was told to me by a work colleague recently, I'm curious though if it's actually a thing.

Colleague reckons she found a laptop in the street under her car so se picked it up, took it inside and powered it up to see if she could find out who it belonged to so that she could return it.

There's a name set up on the computer so she searches it on Facebook and finds the person whose in her area, she asks him a few times where to return it to but he won;t say.

Then the bugger remotes into the computer and takes control of it and starts kicking off with her about her having his laptop. :O She shuts it down and promply changes her wifi password.

If accurate this sounds like some sort of scam, guessing the idea is to nick a laptop to use, set it up to accept remote access then leave it somewhere in the hope that someone takes it home and keeps it, then they harvest passwords, logins, credit card info and potentially blackmail material.

As I said to my colleague, I probably wouldn't take a found laptop home just in case there was something really nasty on it. Some people would though and might not realise to reformat it.

Has anyone else heard of something similar?

It sounds like the plot of a film I saw. Will try and track it down.
 
This story was told to me by a work colleague recently, I'm curious though if it's actually a thing.

Colleague reckons she found a laptop in the street under her car so se picked it up, took it inside and powered it up to see if she could find out who it belonged to so that she could return it.

There's a name set up on the computer so she searches it on Facebook and finds the person whose in her area, she asks him a few times where to return it to but he won;t say.

Then the bugger remotes into the computer and takes control of it and starts kicking off with her about her having his laptop. :O She shuts it down and promply changes her wifi password.

If accurate this sounds like some sort of scam, guessing the idea is to nick a laptop to use, set it up to accept remote access then leave it somewhere in the hope that someone takes it home and keeps it, then they harvest passwords, logins, credit card info and potentially blackmail material.

As I said to my colleague, I probably wouldn't take a found laptop home just in case there was something really nasty on it. Some people would though and might not realise to reformat it.

Has anyone else heard of something similar?
Never heard of it.
Not sure how it would steal logins, credit card info etc. if it was someone else's laptop... unless they're daft enough to enter all those details on another person's laptop.
 
Sounds vaguely like the 2018 fillum Unfriended: Dark Web, in that someone finds and uses a laptop which turns out have been planted for nefarious purposes.

Finding a laptop carefully placed under a car sounds a bit bomb-y to me. I'd've rung the police for advice. OK, nobody's going to blow ME up, but they may have the wrong car.
 
If this isn’t a foaftale, it sounds as though the potential scammer found the only person in the UK who’d behave in the desired way.

IMO there might be two potential responses from 99.9% of the public:

a) Hand laptop into local nick unopened, or;

b) Report laptop to police as a possible IED.

If it is a ruse, l’d enter it in the “Least likely to succeed” sweepstakes.

maximus otter
 
Details forgotten, but fairly recently some U.S. intelligence or enforcement agency tested security by leaving USB-sticks in the local park where many of the employees took breaks.

Again, figures lost, but a shocking number or staff gleefully picked them up and plugged them into their work computers on a supposedly secure network.

Will fish out details later if nobody gets there first.

Edit: 60%!
https://thenextweb.com/insider/2011...-security-study-60-of-subjects-take-the-bait/
 
Yep, using a laptop sounds odd but a USB-drive could well be done.
 
There's no need to even provide the hardware. Someone at Techy's work logged his phone into what he thought was a genuine public wifi point at an airport.

It was actually a scam site set up to nick data. While he was on the plane his emails and address books were copied and used to scam the company. Caused no end of trouble and expense.
 
The more common trick is to leave a USB drive dropped in the parking lot of a company a hacker wants to hit. Some employee will spot it, and put it into the network, auto-triggering a package of nasty code that then invades the company's software from within their firewall. Laptops by comparison are expensive unless they are very obsolete, and thus not cost effective, especially for identity theft. It would be far more sensible to use some sort of phishing software in an internet cafe computer if you want to steal identities, or any of the other various scams out there.
 
It would be easy enough to leave remote access software on the computer, and then hope (as mentioned in the original post) that the finder just keeps it and cracks on without wiping the HDD. You'd have to rely on a fairly naive PC noob for this pwning to work but it's certainly possible.

As an aside, I think Max mentioned handing it in to the local nick - the Fuzz don't deal with lost property nowadays (national change in policy) so it's actually more likely to work now than a year or two ago.
 
As an aside, I think Max mentioned handing it in to the local nick - the Fuzz don't deal with lost property nowadays (national change in policy) so it's actually more likely to work now than a year or two ago.

Who does?
 
IT security testers have left infected USB drives in company parking lots before, with the idea people would plug them in to see what's on them. This almost sounds like a variation of that.

I imagine spies also do this.
 
Under her car? Was it in a bag? How could it get there without being deliberately placed? Dumped by a thief?

I'd hand it in, primarily because I'm honest, but also because it could be crammed with the kind of stuff that would see a person before the courts on possession. I sure as hell wouldn't let it onto a home network. Apart from infiltration issues, what if it restarts a kiddyporn/Disney movie/terror manual torrent and our IP gets flagged? What if it belongs to an enemy intelligence agent cell that tracks it down and we have to go on the run, getting into action-packed gun battles and car chases and dramatic villainous monologues before finally clearing our names (until the sequel)?
 
Under her car? Was it in a bag? How could it get there without being deliberately placed? Dumped by a thief?

I'd hand it in, primarily because I'm honest, but also because it could be crammed with the kind of stuff that would see a person before the courts on possession. I sure as hell wouldn't let it onto a home network. Apart from infiltration issues, what if it restarts a kiddyporn/Disney movie/terror manual torrent and our IP gets flagged? What if it belongs to an enemy intelligence agent cell that tracks it down and we have to go on the run, getting into action-packed gun battles and car chases and dramatic villainous monologues before finally clearing our names (until the sequel)?

Could be worse.

Could be running Vista.
 
the Fuzz don't deal with lost property nowadays (national change in policy)
That may be so in the underdeveloped southern hinterlands of the island, but here in Scotland, the Polis currently continue to look after Lost&Found items, confiscations, seizures &etc.


but I thought I'd just hand it in here in Thurso station...
I beg your.... what?? Were/are you up in Caithness?

because of the potential for introducing rogue software.
Any organisation that possesses conventional networked computers yet does not enforce USB peripheral security and group policy control does not deserve to be in operation (unless of course they're so hip they permit BYOD and run everything via skinny client or browser frames. In which case it's barely an office....more a soup-kitchen)
 
Last edited:
No, it was just the farthest from 'home' in Kent that I could think of for illustrative purposes.
Fair enough. Thurso is, odd though it may seem from the perspective of the south coast, actually 200miles closer to Stavanger than it is to Kent (bi thi corbie fligs)
 
Back
Top