DEV Community


ScamBaiting Vs HackTheBox

juancarlospaco profile image Juan Carlos ・4 min read

Hacking games are kind of getting momentum recently, mainly on InfoSec,
games like "Hack The Box" and "Capture The Flag" and similar ones,
sometimes games are so complete that teams organized on Offensive and Defensive sides,
Bad Guys that try to crack it and Good Guys that try to harden it.

Often the code, recipes and tools are published for community review,
global rankings, competitive Gamification, Halls of Fame, Charts and stats,
and very imaginative and visual ways of presenting the games.
Fancy hacking games!

Smoke And Mirrors

That sounds kind of interesting and a full round experience,
...yeah, ...but, it is still a Simulation.

The Bad Guys are Fake, the Good Guys are Fake, the Box is Fake.
You are not helping anyone, you are only a number on a scoreboard.

Some games can even be tricked if someone shares the Recipe to win it.

Mimicking that you hack yourself or a fake prepared environment,
a lie to yourself made on purpose for a little bit of ego and a *.JPG badge,
from an skeptic nonconformist point of view this seems limited and mocked.

Does exist a way to get a more Real experience ?.

  • ScamBaiting gives a much more creative and real experience than a fixed Simulation on rails thats HackTheBox.

Fight Back Time

Scam Baiters are real-life Internet vigilantes,
doing real Activism, Anti-Pedophile Ops, or just for fun and amusement.

On ScamBaiting, the Bad Guys are real, the Good Guys are real, the Box is real,
the environment is real, the victims are real, the attacks are real, fraud is real,
you are doing a real-life good to common people, as real as you want it to be,
fighting the good fight by hacking.

Be our Cyber Hero

  • Remember Scam is like a robbery, but virtual.

They steal all money and data from the Online Banking accounts of your parents,
elders, disabled, job-seeking people, non-techie parents, war veterans,
the poor working person.

They will steal all personal photos of your girlfriend/boyfriend,
and silently hijack webcams and passwords of social networks.

They will say that the Social Security Number ID is infected by a Virus to retired people.
They say to hard working migrants that they will be deported unless they send BitCoin.
They will steal money from kids on Steam, about non-existent custom skins.
They will steal from singles on Tinder, about non-existent get-all-the-girls Swipes.

Scaming is a big multi-million Dollar crime corporation,
thats the reason you see so much Spamm everywhere, behind every Spamm theres a Scam.

Its like a crime where you can slow down time by wasting Scamers time,
hacking them up to gather information and data to report them,
any Hacking technique you can imagine will do, defensive or offensive,
making phuns and memes for amusements, form a community of followers,
practice real hacking techniques on real boxes, as real as it gets.

  • If theres Spamm it means someone somewhere is falling for it.

Getting Started

Basically you Cosplay as dumb non-techie Victim, the slower the better,
let Scamers easily steal everything they want from you, keep them interested,
online banking, gift cards, BitCoin, credit cards, passwords, Steam, nudes, data, etc,
the point is that everything they steal from you is Fake, including the PC,
at the same time you can try hack them, collect information to Report them,
get easily distracted about random stuff, sing, play an instrument, beg for mercy,
ask them details about where they are calling from, wheres the office,
usually they will say they are on some city of a first-world country (US, EU, etc),
but sometimes they share their real physical locations,
they are spreading everywhere (Japan, China, India, Africa, EU, US, etc),
find out GeoLocation data (Wifi, Cell towers, Coords), thats useful to Report them,
you can even try deleting their Victims list, so they can not steal more people,
connect 2 Scamers with each other, they will fight for sure,
if you have a friend, you can mimic Victim and another Scamer,
that already got several hundred Dollars from the Victim, they will get mad.

Every minute you hold the Scamer, is a minute they are not on your grandmas online banking!.


  • I never seen this discussed, it felt kinda Taboo, so I meant to write about it.
  • I am not Expert InfoSec, but thats the point, you dont need to be.
  • If you can HackTheBox then you can also ScamBait.
  • Saving the world by doing Memes feel too good to not talk about.

You can now Spamm the Spammers, Scam the Scamers, Hack down the rabbit hole...


Discussion (0)

Editor guide