Who called from 2027345690

I was interview by Ben McCoy too but the name on the IM said Bert Marshall.  To me it looked like a scam i answered his question but was not going to provide any information other than my name. At the end he said I got the job and I was going to need some material that the company will provide that I was going to get a check. He wanted me to print it out to deposit it so I can get started soon. I was not doing that.

They're in Nigeria, with VPNs in Frankfurt, Germany and Brooklyn, NY. I think one of them is from Sierra Leone, though.

I directed them to a site I wrote to look like a personal finances app. From there, they gave me their email and password. Of course, I failed to require a recovery email, so I had to get that through an hour of social engineering.

Here's what I gleaned:

Email: [email protected]
Password: Companyodec12345 (they changed this from Company12345 about a week ago, and it's changed again)
Recovery email: [email protected]
Recovery phone: 0810-726-5608

The scammer actually entered his personal Gmail (and name, I think) as well:

Email; [email protected]
Password: okikiola232
Recovery Email: san********@o**.com

Okikiola seems to be a popular name in West Africa, and 232 is the country code for Sierra Leone.

I got into the Odecee email for about three minutes, during which time I tried killing all their access to the account (there seemed to be six users), but I didn't get them fast enough and was kicked out. Okikiola got upset and switched into what I figure is a Nigerian pidgin, telling me "you be mumu" and my "mama no dey real" and "so Na you won dey hack me abi, yon don mental ooo", and "Where you beleive say you no work reach some ppl pass you for the level you no no."

So, two lessons learned:

1) Don't change the password right away. It sends an email, and they all get it.
2) Be mean, and use really simple English. I challenged Okikiola's integrity, which made him eager to prove himself, and by using really simple (and inflammatory) English, I think it made him feel confident enough to go off script. This is how I finally got that alternate email address.
3) WARN EVERYBODY. I should have immediately gone into each chat window and pasted, "THIS IS A SCAM, don't give up any more information," but I was too busy screwing with their account to do what, in retrospect, would have been the right thing.

Next time, my first priority after warning the victims is to download this group's Google account data. They had about 15MB in there, only email, so it was a pretty new account. I'm going to try to change the recovery method before the password, and if I'm in long enough, do two-step authentication with my own (burner) device.

I'm trying again under a different name tonight, so if anyone has any hints, reply here.

I too got a call and the same procedure followed, what are they upto? IS it really scam?

Wow Detroiter!  I commend you.  Good luck getting these guys.  Every time I go to share a picture or something I'm reminded of this spam company because in the suggested sharing they pop up in my Google Hangout.  I'll have to look into blocking the contact all together after reading your comment.