Model Boat Mayhem

Mess Deck: General Section => Chit-Chat => Topic started by: Martin (Admin) on February 28, 2013, 01:37:58 pm

Title: Bogus tech-support phone calls
Post by: Martin (Admin) on February 28, 2013, 01:37:58 pm
New Twist to Online Tech Support Scam.

http://www.ic3.gov/media/2013/130107.aspx (http://www.ic3.gov/media/2013/130107.aspx)

Security alert: Bogus tech-support phone calls By Fred Langa "Hello. This is Microsoft Tech Support. Your PC has notified us that it has an infection."
The call is a scam — an extremely prevalent one. Here's how it works and what you need to know to stay out of the trap.
Scams come and go, but this particular one seems to have staying power — and it's spreading quickly. It's now so common, the Internet Crime Complaint Center (a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center) issued a Jan. 7 special alert (http://www.ic3.gov/media/2013/130107.aspx), "New twist to online tech support scam."
Windows Secrets reader Scott Brande was recently on the receiving end of a typical tech-support con. Recognizing it for what it was, he carefully documented the attempted snow job, then sent in his notes as a service to all Windows Secrets readers.
His narrative, plus the resources I'll list at the end of this article, can help you — and the people you care about — avoid falling prey to this malicious tactic.
Scott's description of how the scam played out:
 "This morning I received a telephone call (the second such call in two weeks) about infected files on my computer; the caller then offered to fix the problem. Suspecting a scam, I decided to play along.
"I think it was the same caller both times. He had a strong accent, the kind I'm used to hearing on outsourced help lines. I asked the caller's name both times; the first time he replied, 'Mike Tyler,' and the second time he was 'Andrew.' He began the call by saying that he's with Microtek, an authorized supporter for Windows operating systems. (My spelling of the company's name was a guess; the caller never spelled it out.)
"I asked immediately whether this was a sales call. Without directly answering my question, he launched into what sounded like a script. He stated: 'Our servers have received information from your computer that indicates it is infected.'
"When I questioned him about his company, he told me I'd find 'Microtek' listed on [an online business directory] — as if a listing in the directory were proof his call was legitimate! When asked where the company was located, he replied, 'Houston, Texas.' I then asked for his employee ID; he gave me 'MSCE079502.'
"(After the call, I ran an online search and came up with a Microtek in Houston; it's a training facility for business computer users — not a technical-support center. I assume the caller just picked Microtek's name off the Web. I don't believe the real Microtek had anything to do with the bogus tech-support call.)
"Changing topics, I asked how he knew my computer was infected. He replied that his company is an authorized Microsoft Partner and, because I use Microsoft Windows, my computer sends notifications to Microtek servers.
"I then asked how he knew about my specific computer; he stated that his server gets updates from my PC. He then asked whether I ran Windows Update. When I said yes, he went on to say that Microtek servers got the information about infected files in my system via Windows Update.
"I countered, stating that Windows Update goes only to Microsoft servers — not Microtek servers. But he simply repeated that Microtek is an authorized Microsoft Partner.
"Next, I asked him which one of my computers was infected (I have several at home), to which he said something vague about a MAC address. When asked which MAC address he had for my machine, he would state only that, for 'security reasons,' he couldn't tell me the MAC address (even though it was my own PC).
"At this point, I expressed my doubts about all this information. But he was quite persistent; he stated that 'some of our clients in your area have been affected by the infected files on your machine.' He then claimed I had upward of '1,000 infected files.' When asked who these local clients were, he said he couldn't tell me that (of course).
"I asked how his clients' machines could possibly be affected by my home computer. He didn't answer this but went directly to the following: 'OK, I'll show you the infected files on your computer.' He instructed me to enter .inf into the Start menu search box, then declared that all these files were 'infected' (that .inf stands for 'infected' or 'infection').
"At that point, I said I didn't believe that was true; it was my understanding that .inf was a particular type of file that comes with software installed on my computer.
"At this point, he ended the call — probably because I knew that .inf didn't refer to infected files. As it was, I'd had him on the line for a good 15 minutes.
"As I mentioned, this is the second such cold call I've received in about two weeks. The pitch given in the two calls was very consistent; I surmise there must be many others who have been presented with the same scam."
 Great job, Scott! Your suspicions are totally correct: This was just a scam. And yes, it's extremely widespread.
 Bogus tech-support call raises red flags Two of the caller's assertions in Scott's narrative immediately indicate a scam:
 Microsoft or one of its partners made the call: False! Microsoft flatly states:
"Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes. … Do not trust unsolicited calls. Do not provide any personal information." (See the full text on Microsoft's "Avoid tech support phone scams" page (http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx).)
Scott's caller raised other red flags, too. For example — just as Scott thought — .inf stands for information, not "infection." An .inf is just a plain-text file containing information Windows uses when it's installing a driver. (See the MSDN article (http://msdn.microsoft.com/en-us/library/windows/hardware/ff549520%28v=vs.85%29.aspx), "Overview of INF files [Windows drivers].")
Knowledge of INF files is somewhat specialized — not everyone will know what they're used for. But the first two red flags should be easily recognized by any experienced Windows user.
Bottom line: If you get an unsolicited call from anyone offering to "fix" your computer (especially if they claim to be from Microsoft or a Microsoft Partner) hang up immediately — it's a scam!
 Further scam-proofing — and reporting scammers For more information about how to recognize the type of scam Scott ran into, see the MS Safety & Security Center page (http://www.microsoft.com/security/online-privacy/msname.aspx), "Avoid scams that use the Microsoft name fraudulently."
You'll find additional ways to generally scam-proof yourself on the U.S. Federal Trade Commission (FTC) site (http://www.consumer.ftc.gov/articles/0076-telemarketing-scams), "Telemarketing Scams."
If you receive (or have already received) a scam-related phone call, the FTC requests you dial (toll-free) 1-877-FTC-HELP or visit the Complaint Assistant site (http://ftc.gov/complaint).
If you're on the receiving end of an attempted scam via the Web (rather than by phone), file a complaint on the Internet Crime Complaint Center's free website (http://www.ic3.gov/default.aspx).
And here's some preventive medicine that might help. Register all your phone numbers with the National Do Not Call Registry (free; site (https://donotcall.gov/)). You need to register a number only once; the registry never expires. This won't stop all unsolicited calls, but it will stop most. If your number is on the Registry and you still get calls, they're likely to be from scammers ignoring the law. In that case, call the FTC number listed above and file a complaint.
 Additional steps you can take to foil scams The tech-support con plays on our too-often-justified fear of malware infections.
To ensure your PC is configured properly to prevent malware infections, download and run the free Microsoft Malware Prevention troubleshooter (site (http://support.microsoft.com/kb/2534555/en-us)). The software is a form of automated fixit that checks whether various Windows settings (Policy, User Account Control, Proxy, etc.) are configured for maximum safety. If anything's amiss, the troubleshooter can make changes for you automatically — or let you make them manually.
If you suspect that your PC is already infected with some type of malware, immediately run one of the free standalone security tools, such as ESET's Online Scanner (site (http://go.eset.com/us/online-scanner/run/)), Microsoft's Safety Scanner (site (http://www.microsoft.com/security/scanner/en-us/SysReq.aspx)), or Trend Micro's HouseCall (site (http://housecall.trendmicro.com/)).
And always, always, always use a good, constantly-on anti-malware tool — there are many good products available, both free and paid. I list six products in the Feb. 16, 2012, Top Story (http://windowssecrets.com/top-story/is-your-free-av-tool-a-resource-pig/), "Is your free AV tool a 'resource pig'?" You'll find much more on protecting your PC in this week's LangaList Plus column in the paid section of the newsletter.
 Keep everyone safe: Share this article! This bogus tech-support scam is widespread and on the rise. It's entirely possible you — or someone you care about — will be a target.
As a Windows Secrets reader, you likely already have the knowledge — as Scott did — to recognize the scam for what it is. But computer novices, the technologically unsophisticated, and the elderly often fall prey to this kind of fraudulent pitch.
So do them a favor and send this article to everyone who depends on you for tech support!
Title: Re: Bogus tech-support phone calls
Post by: w3bby on February 28, 2013, 02:32:49 pm
Went through a spate of this a while back, once or twice a week for about a month. In the end I kept them talking whilst I "went" to the computer  %) , listened avidly to the explanations %) , asked a few questions O0 , took another call {-) , pretended to do what was required  ok2 and finally informed them that I work on a Mac. Haven't had any calls since..... :-))
Title: Re: Bogus tech-support phone calls
Post by: inertia on February 28, 2013, 03:10:52 pm
What the posting above doesn't say is that these parasites will try to charge you for downloading their "fixing" software. This is actually rife with trojans to monitor and feed back all of your security settings! Cheeky-daft, huh?
We were plagued by the same little pest four or five times over the same weekend with this pathetic scam. He used several different names and claimed to represent Microsoft under various guises. I'd given up hanging up on him - it just seemed to encourage him.  In the end I lost my rag (deliberately) and told him he was a ******* liar, a cheat and a thief and he should either get an honest job or  **** off and pester some other poor ******. Funnily enough he didn't ring again................  <*<
The best thing was that I enjoyed it!!
DM
Title: Re: Bogus tech-support phone calls
Post by: heritorasphodel on February 28, 2013, 03:12:10 pm
We get this a lot. Dad's a senior programmer, Mum's an IT teacher, so our standard answer when they say "your computer has an infection" is "which one?". Most hang up straight away. Answers have included "the one connected to the Internet" (all but a couple are) "your home computer", "the one you use most" etc.


Any we get now we hang up straightaway.


Andrew
Title: Re: Bogus tech-support phone calls
Post by: Circlip on February 28, 2013, 03:59:01 pm
" This call is being recorded and your company will be charged £100 per minute, please carry on "   Surprising how fast they ring off, much more effective than TPS (What a joke that is).
 
  Regards  Ian.
Title: Re: Bogus tech-support phone calls
Post by: essex2visuvesi on February 28, 2013, 04:33:49 pm
My fathers favorite one is to answer the telephone with
"Good afternoon, Essex Police internet crimes division how can I help?"
Title: Re: Bogus tech-support phone calls
Post by: grendel on February 28, 2013, 07:32:08 pm
my dad had one of those calls and talked them right through to the point they tried to connect to his computer before revealing it wasnt connected to the internet - ever (he doesnt use the internet - just uses the computer to store his photos and type documents.
Grendel
Title: Re: Bogus tech-support phone calls
Post by: bikemec on February 28, 2013, 07:50:14 pm
I had the joy of watching my 72 year old Glaswegian father in law talkingto one of these, he eventually put me on and I had problems understanding what the person on the other end was saying.
 
the biggest confusion was that my father in law doesn't have a computer, but listening to him shouting down the phone " I dunae ave un ya bampot"
Title: Re: Bogus tech-support phone calls
Post by: raflaunches on February 28, 2013, 07:51:14 pm
Similar conversations have occurred between the same "company" and my mum with them saying that they have recvieved some recent reports that our Microsoft PC is infected, after a few minutes of time wasting my mum then tells them how on earth there can be any problem because our computer is an Apple iMac! {-) {-)
Needless to say they got very angry form being caught out and hung up very rapidly!
Title: Re: Bogus tech-support phone calls
Post by: NFMike on February 28, 2013, 08:31:57 pm
If I could be bothered I'd try to save a few other people getting these calls by playing along and giving them a bogus IP address to connect to (I believe they will try to get into your PC that way). Could be fun ... (tell you what, mate, you give me your IP and I'll try it from this end ... )  %%
Title: Re: Bogus tech-support phone calls
Post by: malcolmfrary on March 01, 2013, 11:08:44 am
This sort of thing is prevalent world-wide, and the example given is very US-oriented.  The FBI is probably even less interested in anybody doing us in the UK any harm than our own police.
If I'm bored, I might let "Rodney" lead me on before either telling him that chkdsk is running and is 5% of the way through, or use the magic words "hang on, I don't use Windows, its Ubuntu". 
When they have cleared down, I use 1471 to get their claimed number.  Since my line is TPS registered, it is unlikely to be a UK based number. 
If the number was withheld, 1477 reports it as malicious. 
If the number was from foreign (starts 00xx), again, 1477. 
Quite often its a spoofed number - usually not quite enough digits to be a real number, again this gets the 1477 treatment.  I can't tell where the number is, but the system can.  It has to, to establish a two way conversation, and it keeps an engineering record. 
Not all service providers have the 147x facilities, but its worth checking.
Title: Re: Bogus tech-support phone calls
Post by: steamboatmodel on March 01, 2013, 05:49:58 pm
I had one the other day and had just finished trying to get an old computer running, so I played along. Said yes I was having problems and perhaps he could help. I then described the problems I was having getting my old computer running, It runs a CP/M (http://en.wikipedia.org/wiki/CP/M) operating system (http://en.wikipedia.org/wiki/Operating_system) , and my Digital Data Pack drives were acting up. I strung him along for about 20 minutes before he hung up.
Regards,
Gerald.
PS the old system was an Coleco Adam http://en.wikipedia.org/wiki/Coleco_Adam (http://en.wikipedia.org/wiki/Coleco_Adam)
Title: Re: Bogus tech-support phone calls
Post by: Stavros on March 01, 2013, 11:34:44 pm
They soon hang up when I speak back to them in WELSH HA HA
 
 
Dave