Virtual Machines are virtualized computers used for multiple purposes. They are basically a PC in your PC and require virtualization software and the virtualized PC or an operating system. We use them for a variety of purposes. Some of them are used to provide a secure, sandboxed environment for the scammers to connect to, without harming your host PC with all your personal files. Another purpose is the use of highly customized operating systems that contain tools and software used for scambaiting research, penetration testing, or other IT-security-related tools. To run a virtual machine, your computer needs to have somewhat recent specs, such as at least 8 GB of RAM, about 25 GB free disk space to accommodate the software itself as well as the virtual machines and a decent CPU such as an Intel i5-7xxxx or an AMD Ryzen 5 2600 or better.

Windows 11 Scambaiting VM

If you don’t want to go through all the hassle of disguising a virtual machine and getting it ready, then look no further. I present my pre-made scambaiting virtual machine and its required software:

This virtual machine is based on Windows 11 Insider Preview. I created this virtual machine for VMware so it works best with VMware products, e.g. VMware Player (free) or Workstation Pro (paid) to run. Download the .7z file. To unpack this archive, you’ll need 7-Zip (download link below). Open VMware and click on ‘Open’ and select the .vmx file. I set RAM to 4 GB, depending on how much physical RAM you have installed, change it up to 8 GB for better performance. Don’t assign more than 50% of your physical resources to the VM. The default user is Joe, the password is 0808. Also, I included a fake popup if you need one. It’s located on the desktop as ‘Micerosoft’ link. You can edit the number in the HTML.

Version 1.0 (2021-10-11): initial release
Version 1.1 (2021-10-12):

  • fixed the Task Manager saying “Virtual Machine: yes”
  • fixed Installed Programs showing VMware Tools


Windows 10 Scambaiting VM (paused)

If you don’t want to go through all the hassle of disguising a virtual machine and getting it ready, then look no further. I present my pre-made scambaiting virtual machine and its required software:

I created this virtual machine for VMware so it works best with VMware products, e.g. VMware Player (free) or Workstation Pro (paid) to run. I converted it to VirtualBox as well which should work, just I don’t know if it’s fully disguised. Download the .7z file depending on which version you want. To unpack this archive, you’ll need 7-Zip (download link below). Open VMware and click on ‘Open’ and select the .vmx file. I set RAM to 4 GB, depending on how much physical RAM you have installed, change it up to 8 GB for better performance. Don’t assign more than 50% of your physical resources to the VM. The default user is Ben, the password is root. This virtual machine has BestX Keylogger installed to see what the scammer is typing. To see the interface, open the Run box with ⊞ Win + R, then type unhide. If that doesn’t work you need to re-install BestX Keylogger (bestxsoftware.com). Also, I included a fake popup if you need one. It’s located on the desktop as ‘Micerosoft’ link. You can edit the number in the HTML.

Credits:
– Basic VM provided by Microsoft at https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/
– Jim Browning [Tutorial] How to make a stealthy Virtual Machine at https://youtu.be/6TM45vNI4Qc
– Lost Key who created an easy-to-use batch script: https://pastebin.com/hRsC5a8h
– UFO Pilot’s fake msinfo32: https://scambait.club/upscambaittools/upmsinfo32
– Firefox Browser History generator: https://trackthis.link
– Cyberror Scambaiting Guide: https://web.archive.org/web/20210214220701/https://cyberror.com/how-to/scambaiting-guide/

Kali Linux

Kali Linux (formerly known as BackTrack Linux) is an open-source, Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Linux contains several hundred tools targeted towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics, and Reverse Engineering. Kali Linux is a multi-platform solution, accessible and freely available to information security professionals and hobbyists. It also contains software, namely Maltego, used for OSINT investigations and thus is interesting for us scambaiters.