Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Bright Mawudor,PhD Profile picture
Bright Mawudor,PhD
@BRIGHTZEED
Founder of @africahackon Blockchain Intelligence at @CrystalPlatform

May 8, 2023, 14 tweets

Someone chose to Target me today for a phishing scam but I decided to play his own game against him
#thread

Got a call today from a gentleman who claims he used to work with me at one of my former company. Engineer scammer1. Well I do not remember anyone by that name in history but he told me he serves on a board of SEKU and he will let someone call me about a tender.

He texted the number and I called Mr scammer2 who told me about the tender but needs 3k to register it on the system. I knew it was a scam but decided to just have a field day, so I did send him the cash. Mpesa actually shows “real” names.

He sent me the receipt which we can all see is fake and the TOR for the tender. I am sure most people would have fallen for this. There are too many ways to generate receipts online and these guys actually paid for a premium version

A simple visit to the website and domain name search can tell you all the indicators of a phishing scam. They could have been clever to copy the real seku website but as usual, scammers make mistakes too

A simple whois search can tell you these guys are in for business and I am sure there are many other domains they have bought to do the same

scammer2 called me with his boss (scammer3) who claims he is the chairman of the board of seku. Scammer3 after long conversations claims there are 14 people who needs to be compensated for the ksh14.7M Risk Assessment tender. Ksh20,000 each but I can send whatever I want.

I decided to just play his own game against him and set up a google form, set up VPS and passed the form through a phishing tool (don’t ask me, there are too many of them there). Called him back and shared 2 links as backup as redundancy (1 bit.ly & 1 ngrok)

This phishing link asks for your location and redirects you to the real google form I created of which the scammer accepted and filled in. I wasnt sure he was going to fill in so I set up another phishing page for Browser Exploitation Framework just in case this fails

Then boom, dude actually clicked on it and He used two phones for this and even though the second time he refused the gps location request, I still got the details.

Of course knowing SPF and DMARC records are not set properly, I sent him an email to come from himself and scripted it to be sent at least 10times everyday for the next 1 month just to teach him a lesson.

He event went to submit his real details...lol

I went ahead to call him and had the funniest conversation ever 
He claims he has been doing this for 15 years and getting arrested will do nothing to him.
whyp.it/tracks/95844/b…

I am pretty sure a lot of people have received the same. These guys did google details to know my history and chose the perfect Fake Tender document to send. I wonder how many other categories they have. Be on alert out there

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling