I’ve been watching some videos with scam baiters. Some of them just waste the scammers time (like I do from time to time) but some of them will wreck their computers.
So two different scenarios:
1 - In some cases, they do this by Trojan horse. I.e. they’ll have a file marked “Credit Card Information” or “Bank Information” but is actually an infected exe. The scammer downloads the file, and once they run it their computer is done.
2 - In some cases, they reverse the connection allowing them control of the scammers PC. They then either syskey the computer or in some cases try to get an infected file onto their PC, and execute it.
So what is the legality of this? It seems that, while righteous, it would be illegal. Of course, the scammers have little recourse to complain. It seems unlikely that anybody would bother prosecute (and good luck getting a jury to convict).
IANAL and the legality probably varies by jurisdiction.
I’d say 2 is almost certainly illegal in most jurisdictions. 1 is probably is more questionable as the scammers are being proactive in stealing the file from you. I’d guess if all the facts are known and could be proved, it would be illegal at least in some places just as booby trapping your car in a way that can cause injury is illegal in many places.
Not the same. In the US the courts hold that protection of property through a boobytrap is illegal because of the possibility of injury or death. That is not what happens when boobytrapping software.
All 50 states have computer crime laws. There is also a federal statute, but I don’t know that requires interstate hacking for it to kick in. And I don’t know if any of these laws prevent you from hacking someone in another country, which I am sure is where many of these scammers are.
The Federal government is currently deciding a new standard, though, that might allow for greater freedom in this realm. The last overview of the proposal, that I read, was that corporations would be free to hit back at anyone abroad, but they had to register a request with the FBI and get approval for it.
I’m challenging only the “because” part of this statement. Can you provide a reference to a legal decision that made that specific claim? That is, it would have been found not illegal if such a possibility did not exist?
Scambaiting is a sport and wasting their time and money,keeping the scammers away from real potential victims and screwing around with the minds of deserving thieves.
If you fancy trying it, here is an excellent website for advice and success stories.
So if a criminal tries to burgle my house, and I break his burglary tools, is that illegal?
Not that I think it’s likely that the burglar would go to the police about it. (Nor would these scammers from Nigeria or wherever.) But nowadays, I suppose they could find a shyster lawyer to sue me in Civil Court.
Legal or not, what jury is going to convict?
**
Prosecuter:** I am going to show how the defendant willfully and maliciously destroyed the property of SuckEmDry.com and… (pauses as the foreman of the jury rises)
FotJ: (glancing at the other jurors who nod in confimation) We, the jury find the defendant not guilty.
Prosecutor: But I haven’t presented my case!
Judge: Yes, you have; defendant, you’re free to go. Counselor, I’d like to see you in my chambers.
Specifically this case said if you are at home, sure, you may grab your shotgun to repel an active intruder; but if you’re *not *home then you may *not *leave a tripwired shotgun set to blast whoever comes in.
If he’s in the process of attempting the burglary and your actions to deter/repel the burglary and/or chase him away result in the destruction or seizure of his tools, you should be within your rights. But the Law will probably not be as sympathetic if you wait a couple of days and go into his garage in the night to wreck his property.
Ummmm … yeah. Remember that the conversation was about boobytraps specifically and if boobytrapping software is illegal because boobytrapping your home is illegal. Not sure how your point about stand your ground applies.
It was addressed in the case – a state case in Iowa – as the distinction on when you can take a certain kind of action against an intruder. The court found that boobytrapping your home went beyond the bounds of what was reasonable self defense. Which ISTM raises the question, is software running in the background to thwart an attempted hack or scam by causing retaliatory or preemptive damage to the intruding system akin to a passive boobytrap, or to active defense?
Damaging somebody else’s property (i.e. hacking their computer) is a crime. One of the definitions of hacking includes (quoting from memory here, so not exact language) ‘accessing another persons network, devices, system or resource without permission’. scenario 2 definitely matches this. The first scenario is called ‘phishing’ when it’s done to innocent consumers and also considered a crime.
I’m not aware of ANY legal principle that legalizes revenge. I’m pretty sure the hacking laws don’t exclude systems and resources owned by hackers. I know for a fact, the police needed a warrant to hack the Silk Road servers a few years ago, and even that was challenged at trial.
There’s a big difference. Booby trapping a vehicle is frowned upon because they are typically in a public place and there could be instances where first responders / law enforcement need to get/look inside a vehicle.
There is no way in hell anybody needs remote access to my files without my permission.
Think about it this way. To make it a closer analogy, imagine you went to the burglar’s house, broke in, rummaged through his things to find his tools, and broke them after finding them. Would you expect to be prosecuted if caught?
True. The Law recognizes and allows private self defense and reasonable protective measures, but discourages private revenge and retaliation and excessive response, as the whole point is that it is the society/state who assumes the punitive function. Where do you draw the difference is itself up to the Law to define — it may or may not have done so on a specific case, though.
As DesertDog mentions, this is a case for jury nullification if there ever was one.
Whatever scammer tries to sue someone for destroying his computer, or have him criminally charged, had better hope I’m not on the jury. Because I am voting Not Guilty/finding for the defendant, instantly and automatically, and I am never going to change my vote.