The Unstoppable 'Tech Support' Scam
Barence writes "A pernicious new type of scam is targeting British computer owners, reports PC Pro. The con is both fiendishly clever and ridiculously simple. The fraudster cold-calls the customer and tells them that Microsoft has detected a virus on their PC, then invites them to download a piece of remote-assistance software. No doubt reassured by the lines of indecipherable code flitting across their screen, the caller assures the customer they can make the virus vanish – but first, of course, they want payment. £185 to be precise. The spoof site behind the scam is approved by McAfee's Site Advisor and bears Microsoft logos, something which both companies have failed to act upon. Meanwhile, an assortment of British regulators have said there is nothing they can do to stop it."
God, there are some real scumbags in the world.
"I bless every day that I continue to live, for every day is pure profit."
Change your logo immediately!
Well, yeah. You can't fix stupid. You can't fix gullible.
"A fool and his money are soon parted."
This does provide yet another argument against the camp which thinks that understanding the tools they use is not important.
It is a miracle that curiosity survives formal education. - Einstein
...and your refrigerator is running down the street to catch him. For help, please punch the monkey.
P.S. Turn in your brain for a better model.
You can only do so much to save the end-user from themselves.
How dumb do you have to be to fall for this one? The kind of people falling for these must be the same ones who fall for the "suspicious activity in your bank account" scam.
Nothing to see here, move along.
Summation 2
The only thing you need to stop this unstoppable scam is for people to be unwilling to shell out a significant sum of money to some c**t who calls them up out of the blue.
I mean, £185, when you didn't know there was anything wrong with your computer in the first place? You'd need to have more money than brains to shell out for that.
"Meanwhile, an assortment of British regulators have said there is nothing they can do to stop it"
Of course there is nothing they can do to stop it, most of these calls are going through BT phone systems and it's not like BT track and log every single call that they handle. So finding the range of numbers these people are using and blocking them would be impossible.... /s
He rang me to relate an annoying but amusing call where someone with an unintelligible accent had been excitedly telling him that something must be done about his PC because it was sending out "the signals!"
He asked for a number to call them back on, then called me. I googled the number: obvious scam, lots of people reporting it.
It's like the one where some dubious company persuades you to install some new version of their operating system claiming that it's super fast and totally secure, etc. etc. and then after six months your machine crawls to a halt unless you give them more money for the next version which is faster, more secure, etc. etc.
Oh wait...
Once I was a four stone apology. Now I am two separate gorillas.
What is the difference between this and the tech support offered by most companies?
slashdot troll = you make a compelling argument I do not like the implications of.
This just reinforces my views about open-source. No money in that for McAfee or Micro$oft, though...
The Tea Party is just the GOP with a bag over its head.
It's funny how much creativity goes into these scams - they're more elaborate than any morally acceptable way of making money! I'm sure that creative energy could be used in a more positive way. However it's probably the case that these scams feel easier than positive work.
It's hard enough to remember my opinions, never mind the reasons for them..
Is that you?
I get calls once or twice per month that start out like this. I usually just yell "NOOOOO" like I'm dying into the phone and promptly hang up. It's good for a chuckle.
But seriously, warn all your normie friends about this. My parents were surprised such a thing would be a scam, and my mom's sister even got popped for $90 by these people. Of course, after I told her about it and she tried to call them back, the number was "no longer in service".
Education about the scam is the only way to avoid it.
I'm pretty sure lying to convince someone to give you money is a criminal offense. Saying that they are from Microsoft or that they have detected a virus are lies.
... and tells them that Microsoft has detected a virus on their PC
Believing that Microsoft knows or cares if your machine has a virus is flat out ignorant. Being okay with the idea that Microsoft could monitor you is even worse.
Never mind shelling out hundreds to a stranger for doing nothing -- how many people are really so dense?
Sounds exactly like a telephone scam now happening here in Chile.
:-)
They call old people telling them that their grandson is involved in some sort of a car accident, and needs money for bail or to pay the affected party for the damages; anyway, they tell them that if they don't get the money his/her beloved grandson will be in jail for a long time.
Then, they ask for the address to send a messenger to pick up the payment, in terms of cash, LCD TV, Blu-ray, etc.
And people fell for it... even the ones without a grandson
Something about "an educated populace being the best defence against tyranny."
Then apply this to corporate interests.
Profit.
The spoof site behind the scam is approved by McAfee's Site Advisor and bears Microsoft logos, something which both companies have failed to act upon
Spammers have been doing the same thing for years. The "Canadian Pharmacy" sites always claim to be "verified by visa", "hacker safe", "bbb approved", etc... Any half-wit knows how to copy the logos from some other web page and use them to make your page look more legit than it really is.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
I think this is a clear case in which Obama needs to use his new powers to shut down the internet until this is resolved!
Anyone who falls for this is the same kind of person who believes the phone calls telling them they won some lottery they never entered in some country they've never been to. They'd get a short sharp fuck off if they called me.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
...this is Geek Squad then? I do a bit of sidework now and then and many of my jobs are undoing what GS did...
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
My mother-in-law had a call like this last year - they told her to type "temp spyware" and "prefetch unwanted" into the Run box on her PC to prove it was infected..
...And we just tell them that we use Linux.
They either shut up then, or they continue regardless, adamant that we have a windows pc that's infected.
It's also fun to ask them how they know there is an alleged virus on my pc; and so on.
The actual site mentioned is thenerdsupport.com
I ran them through our SiteTruth system. Here's what comes out: "Rating: Site ownership unknown or questionable. No Location. ... This certificate identifies the domain only, not the actual business. No street address found on the site."
Compare the SiteTruth results for Geek Squad. Street addresses found, found in the US business directory, found in Open Directory.
It's not that hard to sort out the phony business sites from the real ones. You have to check business databases, not just the Web, for business legitimacy. If you just look at the web, you get bogus results like this: McAfee SiteAdvisor: "We tested this site and didn't find any significant problems." The site itself doesn't try to attack the user, so McAfee says it's good to go.
download versions too, or they are setting themselves up for some awkward calls :P
Actually, they kept calling me for weeks, every couple of days. Here's what actually happens.
It's a Bangladesh call centre.
They call up and say that a problem on my computer has been reported to them. Of course, I know this is not true. But one time, I went along with it to find out what they were up to.
They actually talk you through getting the windows event log up on the screen - and make you count the "error" entries. Of course there are error entries.
So, they say, that proves you have a problem. My parents, for example, would be completely convinced at this point.
Then they make you go to a web site, and download a remote control application. At that point I hung up. There is no way I'm giving control of my PC over to some whackjob on the phone.
They kept calling for about two weeks, every couple of days. We're on the do not call list - which in the UK means it's illegal for them to call us. And they call asking for "Mr Bruce" after I answer - my wife's name and mine are different, and the phone is in her name.
The last time they called I asked to speak to their "manager" and I told them to look out the window because the police are coming to get them. What else am I going to do? Then they finally stopped calling.
"... something which both companies have failed to act upon."
If this was in the US, McAfee and MS would lose their respective trademarks for failure to enforce them. What's the law in the UK like in this area?
We are the 198 proof..
From Linus Torvalds. My kernel is out of date, and he's e-mailing me the latest source.
Now that's service!
You would have done well in times preceding Martin Luther. Assuming you were part of the aristocracy, of course. Bad luck if you weren't.
So how did the "company" explain the phone call in the first place? I highly doubt when people have to register for Windows XP activation they actually leave their phone number. And if so, how does a 3rd party get said phone number?
Domain Name: SUPPORTONCLICK.COM
Registrant:
Pecon Software Ltd.
Pecon Software Ltd. (peconcal@vsnl.net)
En-27, Salt lake Sector-V
Kolkata
West Bengal,700091
IN
Tel. +91.03340101601
Back to Windows for me.
Learn the patterns of manipulation and lying, and then you won't fall into the traps of manipulations and lies.
The price of this valuable lesson is whatever the last scam you fell for cost you, plus the time and energy required to keep your ears open and your brain turned on.
EVERYBODY gets scammed at least once in their lives. I've been burned several times, mostly during my childhood and teens when I was still learning the law of the jungle. If you only get taken for $100 or so, then you're doing really well.
Nowadays, it is much harder to catch me in a trick, and if you try there's a good chance you'll get hurt or severely inconvenienced in the process. Also, I consider most ad campaigns, political campaigns, religions and news agencies, universities, shopping malls and economic systems to be scams. I spend a lot of time walking around laughing in amazement at the crudity and callow nature of it all.
But the real skill is in being able to navigate the world effectively without getting bitter and angry; in recognizing that life is fun!
-FL
I read the article and the article, from March, that it references.
I didn't see any proof that the scam exists, other than anecdotes.
Other than the original phone call, what they describe sounds like Microsoft tech support.
Perhaps the scam is a scam.
There's no fraud.
I could cold-call someone right now, and with 95% confidence say that 1) they have a virus, 2) I can fix it.
Both statements 1) and 2) are probably true.
The only way this is a "scam" is if the guy either DOESN'T fix legitimate problems for the 185 pounds (with clamAV and standard free garbage removers of course), OR if the guy STILL charges for a "problem" even in the 5% of the cases above where the user legitimately has 0 viruses. As long as in those 5% of the cases (oh, who are we kidding: 2%) the guy says, "You know what, I was wrong, my mistake, there is no virus I can find. I waive my fee despite this time I invested with you, and despite the fact that if you had had a virus I really would have cleaned it for you."
Where is the scam again?
Well, three actually. The first two times I told them to p*ss off but the third time I decided to play along so I could warn family and friends. The site they were trying to get me to sign up to was RichTek Support (www.richteksupport.com)
After giving me the spiel about my computer sending out error reports to them, the first thing they did was talk me through opening up the Event Viewer. Any entries in there were, according to them, caused by a virus.
Next they talked me through opening the DOS prompt. Apparently cmd stands for Computer Management Device. I then had to type assoc, and everything listed there were file types that were affected by a virus. At this point I told them I was short on time and really wanted to get this solved, which was when I finally got the URL of the service they were trying to sell.
Scammer: Microsoft detected a virus on your PC.
Callie: OMG, Microsoft ssh'd to my box, guessed a login name and password, and then escalated from that user's privileges to the point where they had read access to everything, thereby allowing them to scan my whole filesystem hierarchy for viruses?
Scammer: Yep.
Callie: Holy crap, that means I'm compromised! How do I close the hole that Microsoft used?
Scammer: Download this program, chmod +x it, and sudo run it.
Callie: Ok!
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
It's interesting to me that this scam is predicated on the concept that the average user thinks (and accepts) that Microsoft is monitoring their computer's health. It's amazing that this is just accepted as standard and no one has a problem with the concept.
I think some viruses are bad enough to warrant the death penalty. Sometimes these things manage to shut down companies, costing millions of dollars. We should just kill these people who write these things.
That being said, I feel that the cure is worse than the disease. As long as I don't get a keystroke recorder stuck on my machine where they can get my bank info, I'd prefer not to have McAfee or Norton corrupting my machine.
There's no Tax Revenue in this.
"Doing what i can, with what i have." ~ Burt Gummer
The site doesn't seem to be posing as Microsoft, only using the Microsoft Partner logos. If that's the case, Microsoft would have to be the one to take action against them. McAfee seems to be checking for the site serving up malware and the like, and it's entirely possible the site itself is clean. In any case, again it'd be McAfee who'd have to take action about any misuse of their logos, not the regulators.
The best thing you can do to protect yourself against this kind of scam is actually not to protect just against this kind of scam. Be skeptical in general when someone else calls you making claims and wanting you to act on them. In past years it'd be someone calling claiming to be from your phone or utility company, saying there'd been a billing error and lo and behold you could make the payment over the phone to them and avoid having service cut off. More sophisticated ones claimed you'd overpaid and if you could just give them your payment information they'd credit the refund to you. This one they're claiming to be someone monitoring your computer for problems on behalf of Microsoft. The response to these should always be the same: get the details of the problem and any necessary contact information, then hang up. Go to your contact information for the entity in question, ignoring any phone numbers the caller gave you, and place a call yourself to the entity. If it's legit, they'll have a record on your account of the problem and can connect you to the right department to handle it. If they don't know what you're talking about, chances are you just avoided a scam.
Meanwhile, an assortment of British regulators have said there is nothing they can do to stop it.
Yes, there is something that we can do to stop this kind of activity. Find the people who are doing it and kill them. That usually stops it.
We don't need the people who are doing this. They don't contribute anything. They won't be missed by anybody. And if it means that their kids will be growing up without a daddy, well, then kill the kids too. They're only children, and the apple doesn't fall far from the tree. Save the future generations grief.
While it sounds extreme and tongue-in-cheek, it's not. I realize that it feels horrible to order and facilitate the extra-judicial execution of financial criminals. But it is a feeling that decreases with each new asshole that we stuff into the wood chipper. It's good for the computer community. It gives faith to the general people that we can police our own industry. We 'take out the trash'. Gangsters do this kind of thing all the time. Plus there are too many people in the world already. These jerks won't be missed.
A fool and his money can't be kept together even at gunpoint.
When a true genius appears, you can know him by this sign: that all the dunces are in a confederacy against him.
A customer of mine received a call while I was onsite. The caller denied he was selling anything. The guy claimed they were calling every Windows user in America. The customer hung up and the guy called again. I picked up the phone and played his game for a while. He tried to get me to look in the event viewer and count the number of errors. He then said these errors will add up and damage the hard drive!
I asked him what company he represented and he reluctantly said onlinepccare.com.
This lady called AOL for assistance before she called me. I bet AOL officially or unofficially supplied her phone number.
would be better understood by the minions using PCs if the message said. "Oops, I just pooped in my hard drive".
Domain Name: THENERDSUPPORT.COM
Registrant:
DomainsByProxy.com
15111 N. Hayden Rd., Ste 160, PMB 353
Scottsdale, Arizona 85260
United States
The owner of a domain is the entity in the "Registrant" position, even if they're a "proxy service". (This is very real, and at times a legal nightmare. See RegisterFly.)
There's a 2009 legal decision here that's important: Solid Host vs. NameCheap. US registrars rely on a legislative immunity against lawsuits given them in the ACPA. But in Solid Host vs. NameCheap, the US District Court for the Central District of California held that "domain proxy" services don't qualify for that immunity. Even if the "proxy service" is also a registrar, that doesn't help them. "The court concludes that NameCheap's status as an accredited registrar does not shield it from liability in cases where it did not act as a registrar."
So DomainsByProxy is the entity to sue. They can try to pass the buck to their customer, if they can find them. But that's their problem. The proxy service may be on the hook for the activities of the entity they're helping to hide.
Unstoppable by people that go to a website and run software because someone cold called them over the phone and told them to?
Just so I'm clear on this. What I need to tell my mother is, "If someone calls you on the phone and tells you to run software on your computer . . . don't do that."
Pug
An Invisible Entity of Vast Power whose existence must be taken on faith alone: Liberal Media
Flat out, unless it is God on the phone, and he can do a miracle to prove it, I am not downloading anything a cold caller tells me to. Not a snowball's chance of rolling through hell of that happening...
I don't give out information over the phone. PERIOD. Even companies I pay, if I forget to mail out a check and they ask I make a payment over the phone, I ask them if a bill has been emailed or USPS'ed. If they say yes, I say thank you, I will pay it when I get it. If they ask me to "verify" my account details, I ask them to go first. Like asking for the 3rd set of numbers on my card in question or my first 3 SS numbers. They always tell me they have to verify my identity first and I simply tell them that they called me. Then I point out that I have no way to verify who they say they are, the response is almost always "but we are Bank of America, why would I say I am if I am not, I really am!". Rarely do they understand my point: They called me and are asking for money over the phone.
6.8SPC TR of 550, l xwind at 6, drift rt at 26" drops 77". AT has 503 ft-lbs at 1403 fps. FT 0.86
I know a fair bit about this scam. They are Microsoft Gold Partners, which is a nice mechanism for them to convince victims that they are legit. Although they use local phone numbers (in the UK they generally use a Bradford dialling code) they are operating out of India. Getting the Indian authorities to do anything about it is nigh on impossible. The only way to stop them is either by shutting them down in India, or by consistent and determined cooperation between enforcement authorities, the telcos and the banks. The structure (and funding) just isn't there at the moment. The only response UK enforcement authorities are able to provide is in making a series of press releases warning consumers. Very frustrating.
Only contagious diseases require contagions, there's many, many, many thousands of diseases that require no contagions at all. Ever heard of genetic diseases? Ever heard of cancer? There's other types too.
I've never heard of this myself, but assuming it's true, I'm 1) baffled that anyone still uses screensavers, and 2) baffled about where these unfortunate people are going online to find screensavers to download for Ubuntu, since anything in the official repos has been vetted, and you have to go out of your way to bother with non-repo software.
Were these malware packages you mention downloaded from the Ubuntu repositories? If not, you're basically talking about people who take the effort to engage in known-risky behaviours by deliberately sidestepping the safeguards put in place to mitigate such risks. If the official Ubuntu repository screensaver packages contained malware, I'd feel upset that Canonical failed to audit the packages, and I'd feel sorry for the people affected. However, for folks who download Ubuntu packages from random sites on the web, I'm not sure I'd have much sympathy for them at that point.
Unless these malware packages came from the official Ubuntu repositories, this has nothing to do with open-source vs. proprietary -- this has to do with users not understanding basic computer hygiene and deliberately engaging in risky activities, which is a different kettle of fish.
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
Stupidity tax: we collects it!
now seriously, the parent is right: somehow, some (a lot of?) people have lost something that is a very useful evolutionary trait: skepticism; for most of our fellow mammals, the lack of it usually means an early death (think mouse who eats poisoned food or walks into a trap without sniffing around, think the La Brea pits, think predator trying to bite more than it can chew)
Unfortunately for our species, these things most of the time only cost some discomfort (money lost), and are not life endangering; methinks we would have a much saner world if the latter were the case.
How about saying that the Brit's Health Care system is extended to PC's and then download the
remote app, make them wait a few months before connecting to the machine (so it seems normal)
then take it over.
It could work.
(/tongue firmly in cheek, BTW)
Have you read the moderator guidelines? Well, have you, PUNK? (and I want a Karma: Gnarly option)
This same scam was attempted on me about 3 weeks ago here in the US. I found it funny to string the would-be charlatan through as many hoops as I could during our roughly 10 minute conversation.
I got a call back number based in Florida.
When he finally realized I haven't run Microsoft in this house since over a decade ago he hung up after saying "You are the wrong person".
...when I and several other people submitted it to slashdot, complete with links to the PC Pro story that ran in February IIRC.
Thanks for the public service announcement Timothy.
If only it had been put out when it was first starting, hundreds of other people might have been warned.
Grrrrr.
Justin.
You're only jealous cos the little penguins are talking to me.
Symantec put out a video where they go "undercover" with one of these companies, then call them out on the scam afterward:
http://www.youtube.com/watch?v=pXdFRzkIypI
>Meanwhile, an assortment of British regulators have said there is nothing they can do to stop it.
This is bullshit (though it may be bullshit from people upon high who have no idea what they're talking about). They simplified a lot of UK law a couple of years ago with the "Consumer Protection from Unfair Trading Regulations 2008" and "Business Protection Misleading Regulations 2008". Essentially they made consumer protection laws deliberately vague in the form of making it illegal to "Trade Unfairly".
Phoning someone, conning them into installing malware, then only removing it after receiving payment sounds pretty Unfair to me.
If you don't risk failure you don't risk success.
I would pit the knowledge, technical skill, and ability to recognize an online scam of the average Linux user against those traits of the average Windows user. Any day.
When this is no longer true, it will be the Year of Linux, on the Desktop.
Regards.
All a scam artist has to do to pull a quick one is call up with a pretext saying they are from an anti-spyware firm and believe the customer is infected with spyware. Would they be interested in helping them remove it? If the potential customer responds yes then the scam artist says "OK. Let me just make sure you are infected." "You do have a MS Windows machine, that is correct?" "OK, this will be $149.99. How would you like to pay? We accept visa, master card, & discover." Then they can go on to have them visit a website that would download a little program that really does disable the MS spyware that is bundled with every version of MS Windows. It's that easy! Who defines spyware? That's a legal definition that has to be defined. Some definitions would include software that Microsoft bundles. And with 90% of the user population using it and nobody else in the industry disabling it you can safely assume if you haven't called the person before they haven't disabled it thus when you say you believe they are infected you are telling the truth. This should be a legally sound scam. It is no different than what Norton, McAfee, and other companies are doing selling anti-virus/spyware products that don't really secure your machine either. Sure - they do something. But it is utterly worthless. Little better than the fake anti-virus software out there. If you aren't infected with anything else it is basically little more than defective and a lie in that it can protect you from anything also. It is the other stuff you get with it that is the problem usually.