Warning! MS scam guys are active again.

[viking60]

For all our Windows users!
I got a call from a person with Indian accent today pretending to represent Microsoft (again), and this time I played along to get a really good overview on how it is done:

Bad phone line:
Hello sir how are you doing etc
We have reports that your computer is infected with a virus. (me playing allong)

press CTRL+R and write cmd then write assoc

I played allong and pretended that I saw everything he said - apparently this should convince me that I am infected.
I think he was refering to the line

Code: Select all

.zfsendtotarget=CLSID\<somenumber>

(maybe they have a point - what does that do?)
So now that I was convinced it was time for the senior "MS technician" Mr Brian Smith :

He wanted me to Hit WINKEY+R and type
WARNING! this is a criminal scam site so do not download anything from it!
http://www.microsoftcare.webs.com
It looks like this:

And here I should Click port one, and being the naive idiot - i did of course - so it wanted to download the file AA_v3.exe
I even asked if this was safe and yes I should just click and accept everything (might be a remote control software). If you let them control your PC they will probably encrypt the entire enchilada and ask for money to give you the key to unlock it.

I asked him if it was ok to open it in Wine?
"Huh?"

Yes that is the only way a know how in Linux.

"LINUX!"

Yes sir and you should be very careful that you do not get arrested, Microsoft would never do it like this.

For some reason that is where the conversation ended.

If anyone wants to analyze the file just say so - or download t from the scamsite - but only if you know what you are doing.

I bet that the motive behind this is to steal your Creditcard data and all your passwords.

In short if anyone calls you and say they are from Microsoft - just hang up. Or call them back
And feel free to occupy them for an hour or so on the phone by being incredible stupid - that will work wonders on their phone costs.

[viking60]

I checked the site with the Microsoft forum, and they confirm that this is a fake site - so stay away from it.
http://answers.microsoft.com/en-us/wind ... f62abd9a3b

If you listen carefully you can probably hear "Senior Consultant" Brian Smith here - Someone has recorded the process (.. he is a bit to much in love with his own voice ):

[viking60]

They tried again today:
Clearly African accent this time and besides lousy English there was a lousy line. I am tired of this by now so I told him off in no uncertain terms and said he belonged in Jail and that I do not have a Windows computer, and hung up.
This must have been encouraging to them because now a guy calling himself Peter Parga called and this time they were experts on avoiding hacks on Mac computers!

I do not know if the combination of Winkey + R even works on Mac (I doubt it) but I let him speak to check out the Mac approach.
And they really have no clue... So I made him spell his name and due to the bad line and English I really needed him to repeat everything.
Finally he understood that I do not use Mac either - and guess what? He was a Linux expert too!
Then I went here and told him what he wanted me to do. That was the only part that he understood so he wondered if I had received this call before. Not to bright these guys.

Again I tried to make my point clear to him : That he should stop the scam and etc etc. He maintained he was only trying to rescue my PC and that he was the only one who could do it.
I asked him why he would call from Microsoft to rescue my Linux PC and what distro he was talking about.

By now he gave up and claimed that he called to f.... my mother.

Rude - but probably closer to the truth.

They called from this number 001023337855 (I might have missed some digits at the end due to a bad display)

[rolf]

I hate spammers and scammers, too.

My email address has been around for more than 12 years, so it's on a lot of spammer lists. Earthlink does a pretty good job at filtering them out before it gets to my computer Seamonkey account and I check what they have filtered at the web mail site periodically, to override the mistakes. It's a good enough system. If something slips through to my computer, this event is few and far between enough that I take the time to look at full headers, do a whois, and fire off a report to the abuse or admin contact, maybe the the domain registrar.

I have discovered just how disinterested the various corporate enablers of spammers, yahoo, google, for two bad apples, are. Google is especially skillful in not providing any easy way to report how their services are being abused for spam. Yahoo and many others will bounce from the abuse addy back to you that it does not read email to that address, their human support misunderstands or intentionally misdirects the attempt, some mail boxes don't exist, bounce my report as spam, or the mailbox is full. Some, especially the msn|hotmail microsoft servers are actually polite about it, with an auto-response, at least. Whether the report triggers any action no one can tell but I feel like I'm doing something.

We get a lot of phone robo calls, here, which is against the law. I try to fight back about this, also, and the FTC manages a Do Not Call Registry where you can have your phone number blocked from solicitors and complain about illegal calls. Yes, it is government and yes, Wall Street and the banks have stolen most of our money, moved it to offshore tax shelters, but I have actually received letters of acknowledgment back from FTC when I file a complaint.

It's not perfect, doesn't deal with international calls, afaik, but, in your next audience with the Queen, you might convince her to have Norway blaze some trails making agencies to help berserks deal with this outrage, provide an example for the rest of the world.

[dedanna1029]

Everyone has surely read about this scam right? What happens is a phone call unexpectedly comes into your home and a supposed representative from Microsoft tells you that there is an issue with your computer which they just received a notice about.

They then typically ask you to turn on your computer and will give you some instructions to access a website and download a program that will fix the issue with your PC that they say you have. That download is usually a piece of malware or a form that you then fill out to provide personal information such as name, address, phone number, credit card, etc. They may also tell you that they need to charge your credit card so they can fix the problem for you.

More at WindowsObserver

[dedanna1029]

My own fix to this is just simply to say, "Get the f#ck off my phone", and hang up. However...

“Hello. This is Microsoft Tech Support. Your PC has notified us that it has an infection.”

The call is a scam — an extremely prevalent one. Here’s how it works and what you need to know to stay out of the trap.

https://windowssecrets.com/top-story/se ... one-calls/

[jkerr82508]

This and similar scams have been going on for years. Most of the calls seem to originate in Indian call centres. I used to receive many of these calls as well as numerous telemarketing calls. My solution was to acquire a telephone with integrated answer machine and caller display. I only answer the phone if the call is from someone in my phone book, in which case the caller's name is displayed and the phone plays a louder ring-tone than usual (which I can actually hear.) The answer machine handles all other calls.

Jim

[dedanna1029]

Nice. My mum & I are on the U.S. do not call list. They're not supposed to make marketing calls for those on the list. http://www.donotcall.gov/ (it's mentioned in the article)

From what I understand, there's one for the UK, too.

[jkerr82508]

The UK one is useless for calls from outside the UK - and for many calls within the UK. There is no proper enforcement.

http://www.tpsonline.org.uk/tps/index.html

Jim

[dedanna1029]

Ah, OK. That's also what I heard. lol.

[viking60]

merged with corresponding topic

[jkerr82508]

The UK one is useless ....... for many calls within the UK. There is no proper enforcement.

Perhaps that is going to change:

http://local.stv.tv/glasgow/218266-dm-d ... ing-calls/

Jim