Turning the Tables On "Phone Tech Support" Scammers

mask.of.sanity writes A security pro has released a Metasploit module that can take over computers running the Ammyy Admin remote control software popular among "Hi this is Microsoft, there's a problem with your computer" tech support scammers. The hack detailed in Matthew Weeks' technical post works from the end-user, meaning victims can send scammers the hijacking exploit when they request access to their machines. Victims should provide scammers with their external IP addresses rather than their Ammyy identity numbers as the exploit was not yet built to run over the Ammyy cloud, according to the exploit readme. This is much more efficient than just playing along but "accidentally" being unable to follow their instructions.

External IP

[tomhath]

Providing your own IP address to a criminal so you can trash their computer just doesn't sound like a good plan to me.

Re:External IP

[GloomE]

Upstream firewall? Not? Oh dear.

Re:External IP

[Noryungi]

... Depends if your IP address is dynamic or not. In my case, all I have to do is reset the DSL modem/router and, presto ! New IP!

I am more concerned about the legality of it. Running a live exploit on their network may make some ISPs fidgety. Also not sure about the position of law enforcement agencies...

Re:External IP

[thegarbz]

Why not? What can you do with one IP address? On the flip side why do you think this is any worse than giving someone access via a cloud service after which they can look at your IP anyway?
216.34.181.45

Come at me bro!

Re:External IP

[Charliemopps]

Unplug your DSL router/Cable modem over night. Someone else should get your IP in that time and you should get a new one when you wake up and turn it back on. Unless you have a static IP, in which case this is a terrible idea.

Re:External IP

Yeeaaah ... that's the IP to slashdot.org :)

Re:External IP

[BarbaraHudson]

I am more concerned about the legality of it. Running a live exploit on their network may make some ISPs fidgety. Also not sure about the position of law enforcement agencies...

The cops won't like the competition ... in Soviet Russia, law enforcement exploits YOU ... oh, wait ...

Re:External IP

[benjfowler]

Don't use your own machine, use a honeypot/goat machine.

Presumably, a bit of work is required to hit back at the scammers in the first instance; a little extra effort couldn't hurt.

Re:External IP

[DarkOx]

Yea but its a metasploit module so you run metasploit on some very disposable vm you have out on Amazons aws in the free tier.

Either have your revershell go back to that IP and forward it on your own system or just bank on tact these losers don't have the skills it would take recover your ip from your shell code in memory or see the outbond connection on their firewall and have it call your back directly.

These guys are following a script. Most of the actors probably don't know how to deal with things much outside that. They are using an off the self remote access tool and social engineering. If they could pwn your box without your help they'd skips the steps where they setup the bogus call center, train employees, pay to make a bunch of often long international phone calls, etc and move strait to the profit step.

If they can't get you to fall for the scam they probably are not very dangerous.

Re:External IP

[Luthair]

I'm not advocating for it, but one assumes it would be pretty unlikely they'd complain to anyone. They probably aren't in the same country and they are engaged in a variety of illegal activities.

Re:External IP

[goarilla]

Not if the pool of free DHCP leases is big enough and the DHCP server is configured to remember hardware addresses.

Re:External IP

[Trailer+Trash]

... Depends if your IP address is dynamic or not. In my case, all I have to do is reset the DSL modem/router and, presto ! New IP!

I am more concerned about the legality of it. Running a live exploit on their network may make some ISPs fidgety. Also not sure about the position of law enforcement agencies...

Look up the "clean hands doctrine". There's a reason that you don't see street gangs suing a drug supplier over a missing shipment....

Re:External IP

[gstoddart]

Look up the "clean hands doctrine". There's a reason that you don't see street gangs suing a drug supplier over a missing shipment....

Because they have guns and don't bother with the courts?

Re:External IP

[rickb928]

It seems like the entire internet IS ALREADY ATTACKING MY ROUTERS.

What's one more lame scammer gonna do that isn't already being tried every 20ms or so?

Oh, and my external IP at home is dynamic, but the lease is tenacious. I would need to wait a while to get it to change. Like a week.

Re:External IP

[rickb928]

Goatpot.

Re:External IP

[Noryungi]

Are you trying to imply that people using these exploits are street gangs? Or drug suppliers? :-P

I was more thinking about mob justice - sometimes, the people who were hanged really were innocent.

In a "darker" way, this could start an arms race, with scammers trying to take down machines and hitting innocent people and/or cyberwar getting started because of attacks on scammers and counter-attacks from the scammers tripping automated defense systems due to spiraling conflicts and increasingly sophisticated tools being employed by all sides. Collateral damage and all that. Not a pretty sight.

Wouldn't you prefer a nice game of chess?

Re:External IP

[mspohr]

They already have your IP address.

Re:External IP

[ShaunC]

Powering off the cable/DSL modem and changing the MAC address of whatever's plugged into it (NIC, router, etc.) is often sufficient, and much faster. When the modem powers back on, your "new device" will get a new lease with a new IP.

Re:External IP

Wow, what a coincidence! Mine is 127.34.181.45!

Come at me, bro!

Re: External IP

[rickb928]

It's not the DDOS. It's the login attempts, probes. You know all this. Relentless attacks. They even try to raise an SMTP or SNMP server. Stupid, but the scripts run forevet without attention, so this is the new normal.

Used to be you could put up a naked host and count the time to compromise on hours. Can one last a minute today?

Re:External IP

[thegarbz]

I have a static IP, but seriously why is it a terrible idea? You want to do a targetted attack? Go ahead. I'll wager what you'll do is no different from many of thousands of internet searching botnets creeping around for vulnerabilities. I get a random attempt to log into my wordpress account about every 2min (as admin user which doesn't exist of course), I see endless firewall logs port scanning for various services, and once a while ago someone actually exploited a bug in Apache which got them limited access to the server and now I focus a lot more on automatic updates.

For the most part these are dumb scammers not hyper intelligent hackers with the ability to flip bits using the wings of a butterfly.

Rife in the UK

Since moving back I find myself plagued with "windows support" and similar type phone calls, who try to claim my "windows" machine has a virus. The calls are from withheld numbers, all Indian accents (could be Birmingham, not India). They will never tell me the name of the company, and they insist on personal details. I've had these from the very first day of moving here and getting a new phone.

The joke is I only use Debian. But I'll keep them on the phone for as long as possible to waste their time and cost them their metrics.

Re:Rife in the UK

[stealth_finger]

"Hi, we've detected a virus on your machine etc etc"

"Yes, that's mine, I've been testing it. Can you tell me how and when it was detected please?"

".....[click]beeeeeeeeeeeeeeee"

Re:Rife in the UK

[WormholeFiend]

"Hi, we've detected a virus on your machine etc etc"

"How do you know?"

"We have a file about you and your computer."

"Yea? What's my name?"

".....[click]beeeeeeeeeeeeeeee"

Re:Rife in the UK

[91degrees]

The last one I spoke to was very unlikely to have been British-Indian. He didn't know enough about the UK, like, for example, how "Brighton" was pronounced.

Re:Rife in the UK

[andrewbaldwin]

I've had a similar experience - many times.

First of I am not a lawyer - but I can read Wikipedia :-)

So when we get to "we've detected a problem with your computer" I ask "how?" and get a stream of babble about seeing data which looks like a virus.

Then I ask innocently -- "so you can look at my traffic?" "oh yes and you definitely have a virus - we can see from how your PC is behaving" "so you can look at my PC?" "Oh yes"

I always ask - "are you sure about this?" to allow them to dig themselves even deeper into a hole and then ask for their name/company name (claiming I misheard at the start).

At this point I inform them that either (a) they are probably committing offences under one or more of Computer Misuse Act 1990, Data Protection Act 1998 or Regulation of Investigatory Powers Act 2000 -- or (b) if they want to own up (and I do know that they are lying because I'm not running Windows and my firewall is pretty tight) that attempting to obtain money through false pretences is an offence under the Fraud Act 2006.

"Which one do you want to choose?"

They usually hang up at this point having spent around 15 minutes with me when they could have been hitting another victim -- though one did ring back and shout abuse.

Re:Rife in the UK

[DocSavage64109]

If it's anything like how they pronounce lieutenant, then I don't know how British pronounce Brighton either.

Re:Rife in the UK

[91degrees]

Like "Bright" with "on" at the end.

Re:Rife in the UK

[Quietust]

"Hi, we've detected a virus on your machine etc etc"

"Which one? Is it my old [OS] system downstairs, or the newer one upstairs running [OS]?"

".....[click]beeeeeeeeeeeeeeee"

For best results, pick semi-recent Windows versions OSes (XP, Vista, 7, 8, or 8.1) that you aren't actually running and see if they actually try to guess which one it is, then see how they react when you casually mention that it's been turned off for the past several months or suffered from a hardware failure.

Re:Rife in the UK

[dwywit]

My record was 16 minutes, the sucker on the other end got more and more frustrated and eventually swore at me and hung up.

I've told them I can't go to my computer because I had a broken leg and couldn't get out of bed.

I've told them I don't have a keyboard, I use a touchscreen.

Most recently, I let the operator get through to the stage where they wanted to connect, then I told her I knew it was a scam, she should be ashamed of herself for telling lies, and what would her mother think? That one got 3 seconds of silence, "shit", then she hung up.

Love reading about it

[gnasher719]

I will love reading about anyone who managed to destroy a call centre of these scammers and get them out of business.

Myself, I would fear bad legal consequences if I did it, because hacking into their computers isn't going to be legal just because they are scammers.

Now telling them that you just hacked into their computers and asking them to open log files to show evidence, that would be fun.

Re:Love reading about it

[stealth_finger]

I will love reading about anyone who managed to destroy a call centre of these scammers and get them out of business. Myself, I would fear bad legal consequences if I did it, because hacking into their computers isn't going to be legal just because they are scammers. Now telling them that you just hacked into their computers and asking them to open log files to show evidence, that would be fun.

There's not really anything they can do apart from try to get revenge on your machine. "Hi international police, well we we're trying to scam this guy and he somehow managed to switch the flip and gutted our entire organisation........please stop laughing"

Re:Love reading about it

[gstoddart]

Myself, I would fear bad legal consequences if I did it, because hacking into their computers isn't going to be legal just because they are scammers.
So, you have to remember ... these are people operating in a foreign country which is currently ignoring your laws, and are actively lying to you in order to scam you.

What legal recourse do you think they're doing to take against you? Take you to court? Good luck with that.

Sorry, but these clowns are using spoofed caller ID, calling from India (by the sounds of their accents), and are hell bent on ripping you off.

You think law enforcement is going to show up at your door?

Now, if you used this one anybody else, you could be in deep trouble.

But these "This is the Microsoft Service Provider" or whatever they say ... burn 'em to the ground, wreck their computers .. I've got no sympathy for them, and they probably have no idea of who they're talking to anyway. Because it's just an auto dialer which connects you to the next available idiot when you answer.

So, anybody who has the ability to do this probably should. Because I can only imagine the conversation of them trying to lodge a complaint .... yes, I am the guy from the foreign call center doing the Microsoft support scam, this guy hacked my computer.

Re:Love reading about it

[gstoddart]

Crap, the Preview button is separated from the Submit, but I'm still an idiot. :-P

Re:Love reading about it

[GameboyRMH]

International police? No, this is a job for the CYBER POLICE!

You should point them to the proper authorities and tell them you'll be waiting with your wrists out :-D

How about

[BringsApples]

THEM: Hi this is Microsoft and...
US: hang up

Done. Fuck this war.

Re:How about

[i.r.id10t]

I got called by one last Friday night. Kept him on the phone for almost an hour, playing along. Even gave him clues I wasn't on windows (ie, when he asked me to run eventviewer I described the output of top, including clueless worrying about zombie processes).

Finally told him I had to go pick up my daughter and that I'd been screwing with him. He called me a "miserable son of a bitch" and hung up.

Kinda felt that it was my duty to keep him occupied, after all each minute I was screwing with him was a minute he wasn't scamming some truly helpless user "out there" somewhere.

Re:How about

THEM: Hi this is Microsoft and...

US: hang up

Done. Fuck this war.

Then they call back and say "don't you care about your computer?" (I really wish I was kidding, but this really did happen).

I usually follow your method actually, but this tedious shit still gets old pretty quick. Time-wasting, parasitic little fuckers.

Re:How about

[Wycliffe]

THEM: Hi this is Microsoft and...
US: hang up
  Done. Fuck this war.

That's exactly what they want. It's the same reason that scammers say they are from nigeria even when they aren't.
They don't want to talk to you. They want the non-gullible to hang up as quickly as possible so they can quickly find
the little old lady who they can steal from. They called my mom and luckily she had 2 things going for her. First,
she doesn't know enough to actually follow their instructions and second, she called me. Otherwise she would
probably be out some money and I would be left cleaning up the mess. So sure, it's easier to hang up on them but
you are actually doing them a favor and helping them out by doing so.

Re:How about

... I'll just put you on hold while I boot up my computer. I'm afraid its really slow.

20 minutes later he hangs up and calls back. ... No its still booting I'm afraid. I'll just put you back on hold.

40 minutes later he finally gives up.

Re:How about

[TheCarp]

These people call my mother incessently. Every other day or so I hear her yelling at her phone "you are not really with windows, windows doesn't call" (yes they say they are calling "from windows" lol).

I just saw this and ran down to show her, not so much for the exploit but the idea of playing mickey the dunce and keeping them on the phone for as long as possible. Lol she has a true talent for annoying tech support. Hell I once got a call from a guy at the help desk "I just got off the phone with your mother" "really?" "yah down in radiology right? I was on the phone for 45 minutes and had to send a technition out because I couldn't get her to plug the ethernet cable back into the wall" "now, she told you she is blind right?" "No she....what the fuck!"

Seriously.... I think I just punished them good suggesting she keep a log of how long she can keep them on the phone for.

Re:How about

I managed over an hour and a half the other day. I had to look up the different messages from Windows XP from online help pages. Basically imagine you are really really clueless but you have an IT expert son who has set up your Windows computer so you don't have the administrative privilages to do yourself any damage and all running of hacking software is blocked by some obscure anti-malware software that you don't understand yourself. It also helps if you are too clueless to use your mobile phone at the same time as typing on the computer.

You should manage to do at least 10 minutes of mindless work between each time you talk to them.

Never admit you are scamming them; the aim is to teach them to hang up on truely clueless people themselves depriving them of some of their most important audience.

Re:How about

[gstoddart]

THEM: Hi this is Microsoft and...
US: hang up

And, if you're lucky enough to have a telephone which lets you block callers, you can do that.

Setting our home phone to drop calls from "Unknown" and "Private" callers killed a lot of this, and being able to block specific callers also helps. If you're calling me from a Private number, I'm not interested.

Of course, they just keep adding new fake numbers, so it's a losing battle.

I would say 95% of all of our incoming calls are crap ... it's gotten to the point if we don't know the number we don't bother answering.

I wish they'd prevent the ability to spoof caller id, because I get more scams calling with a fake caller ID, and I don't really care if a 'legitimate' business needs to do it ... because they represent such a small fraction of calls I get that I'm not prepared to accommodate them.

Re:How about

[gstoddart]

Finally told him I had to go pick up my daughter and that I'd been screwing with him. He called me a "miserable son of a bitch" and hung up.

You know, the amazing thing is they feel they have a right to be angry.

Dude, you called me with the express intent of scamming me ... you seriously expect me to treat you like a human being?

I don't think so.

Re:How about

[Frobnicator]

I managed over an hour and a half the other day.

I learned a fun one from a particularly annoying call.

Get them to repeat the messages. They rattle off the instructions, wait ten seconds, then ask them to repeat it. Alternatively, wait until they have rattled of the entire instruction, then slowly repeat the exact words from the beginning "first.. press.. the.. start.. button.. and.. type.. in.. "

Tell them you need to write it down first to make sure you do it correctly. Since you as the 'victim' don't want the infection to be worse you obviously should write it down to make sure you do it exactly right.

Naturally you can use the time for more productive things, like looking up ways to best take up the time of the scammer.

Re:How about

[CohibaVancouver]

You know, the amazing thing is they feel they have a right to be angry.

You're using a western mindset.

He's some impoverished guy in India desperate to make a few rupees from someone who, in his eyes, is very wealthy.

The 'wealthy' person has wasted his time, so he's angry. His 'boss' will probably yell at him for being unsuccessful, so he's angry.

It's not cut-and-dry like you might think.

Re:How about

[BringsApples]

Never admit you are scamming them

How are you scamming them?

the aim is to teach them to hang up on truely clueless people themselves depriving them of some of their most important audience

Again, I don't get it. What are you teaching them? To hang up on true suckers? Silly, that's what they're after.

If everyone would just accept that it's impossible to 'get a call from microsoft out of the blue' or any other 'I'm just calling to help you' bullshit, then this whole thing would end. So rather than spend 30, 40, or 50 minutes on the phone, "scamming" these people, spend 10 or 15 minutes calling all of your friends and family that would probably be scammed, let them know what's happening, and go back to your regular day, then the world can proceed. But it's your own time, do as you wish. Thinking about it in the same terms that advertisers do, however, you will find that giving them (the scammers) your attention (your time) will probably only make them feel that it's working, and worth the troubles of calling another potential candidate.

Re:How about

[GameboyRMH]

You all need to learn to enjoy the sweet delicious lulz, and show your appreciation by laughing while they curse!

Re:How about

[BringsApples]

Yeah that's a good point, but rather than keep them on the line, hang up, call your mom, "Hey mom, no one will EVER call you out of the blue to help with your computer unless they're trying to scam you. If anyone EVER calls to help you with a computer problem, and it's not me, hang up. Bye mom, I love you."

Seems like a solid plan to me.

Re:How about

[gstoddart]

You're using a western mindset.

He's some impoverished guy in India desperate to make a few rupees from someone who, in his eyes, is very wealthy.

Well, that's NMFP ... he knows damned well that what he's doing is illegal, and would have no sympathy for me if I fell victim. He is certainly aware of the fact that he's not offering me a useful service. You couldn't possibly train someone to do that scam without explaining it to them.

So, he may well have convinced himself that there's no harm if he scams us a little.

But, I don't actually give a crap about his feelings.

If what he's doing is so noble and justified, call someone in India, see if they are interested.

From me, he gets a big "fuck off".

If he's expecting me to say "oh, gee, the poor cute little Indian is just trying to make a buck", he's sadly mistaken, and should expect the kind of animosity he gets.

Re:How about

[Jason+Levine]

We use Google Voice for our "home" phone number. When a call comes in, it rings our phones and we have the option to answer or send it to voicemail (where we can listen in and answer at any point). The exception to this is that we can mark a number as "spam." If we do this, they get a "This number is no longer in service" message and our phone doesn't ring. Double benefit in that we don't get harassed by them and they might just take us off their list for having a non-working number.

Re:How about

[Sloppy]

So sure, it's easier to hang up on them but you are actually doing them a favor and helping them out by doing so.

No, failure to take hostile action isn't a favor; it's neutrality. Installing their malware would be a favor. I can appreciate those with the time and energy to take fight to this enemy (good on you!), but I have other battles to fight with my (however high) limited anger.

The problem with this enemy, which makes it so hard to care, is how irrelevant they are. So they call people about bullshit, wasting their time. That can be annoying, but there are so many more annoying things.

I suppose some people would say this enemy is worse that that, because the call is just a way of performing a SE attack, but I disagree. I just can't help but get blame-the-victim-y with SE attacks like that. I think many of our society's real problems are caused by SE, much of it legal (e.g. "vote for me, because I'm a member of the correct party," or "believe our religion's dogma, because your parents did") and that we'd all be a lot better off with more "scam antibodies" in ourselves. So part of me hopes these scammers flourish, thereby teaching people to stop being so fucking gullible. Maybe you can't fix stupid, but we can try, and an environment full of con artists is good for that. These assholes are evil, but they're good for us.

No, I'm not fully committed to that outlook (sure, I wanna hurt the bad guys too) but I'm conflicted enough that it evens out. And while we're at it, don't knock lazy! So a position of neutrality, it is.

Re:How about

[barc0001]

That's not really correct. That only works if everyone in the world calls their mother, father, aunt, grandma, etc, which is obviously never going to happen. So again, all you've done is moved the scammer on quickly to his next target. Think of it this way: if it takes this guy an hour to scam someone, he spends an average of 30 minutes finding each new mark that leads to a cash scamming, and he works 8 hours per day, on average he will scan 5 to 6 people per day. If you waste an hour of his time, you've saved someone else from getting scammed that day.

Re:How about

[Angostura]

The bizarre thing is that I've had several argue with me for 10 minutes even after we've got to the point when I'm saying 'Look I know this is a scam, you should reall stop doing this and do something else" they have vociferously denied that they were scammers, even when I'm saying "I don't understand why you're continuing with this call".

Bizarre.

Re:How about

[DarkOx]

Yes is that cut and dry. This a person who has phoned you up with the intent to do you harm. His/Her reasons don't matter. (S)He has no right to try and defraud you. (S)He isn't stupid either, he knows the folks (s)he is working for are fraudsters and (s)he knows this and is participating anyway.

If this person is so desperately poor than they should be calling and asking for charity. This is malicious behavior and it deserves an in kind response.

Re:How about

[gstoddart]

There's a strong chance these people are staffing a call centre that is hired by the true scammers and are following a script

Have you heard these calls before? Have you seen transcripts?

There is no conceivable way you could be doing that scam without knowing you're lying. They're asking for access to your computer, and showing you stuff they'd be able to see on their own computer. If any of these people believe they're doing magical cold-call tech support, they're so incredibly stupid as to deserve contempt.

There are some things, like the idiots I get calling to clean my ducts, who could possibly not know it's purely a scam ... but I still have no sympathy for them. I don't have sympathy for so called "legitimate" cold callers either -- because I've had several charities who despite being told to stop calling simply call back the next day.

For the people doing this specific computer tech support scam, by the time someone has taught you how to do it, you can't not know it's a scam.

Re:How about

[BringsApples]

That only works if everyone in the world calls their mother, father, aunt, grandma, etc, which is obviously never going to happen.

Why not? I can't imagine being more backwards than feeling more like staying on the phone with a scammer for an hour, than your own family for 2 minutes.

Re:How about

[BringsApples]

I should also point out that if you are allowing for an hour of your time to give to these assholes, then what makes you think that eventually they'll start to get funding from viagra, and while they have you on the phone, and you're all "bla bla bla" about how stupid you are (pretending to be), why not take that time to toss in some viagra information for you to listen to? The faults with your logic are as flawed as they can be. Hang up, don't waste your time - it's not war unless you allow it to be. Also, get in touch with your family and let them know, if you care about them. If you don't care about them, then let these scammers have their fun, what do you care?

Re:How about

[Bob+the+Super+Hamste]

If they are that desperate I wonder if I could make them a counter offer and send them $50 US to go and kick their boss in the crotch as hard as they could while having the phone on speaker so I could hear it.

Re:How about

[joemck]

I've been thinking about installing Win98 (which I believe is the minimum requirement for Ammyy) on my 486 DX/33, and then installing a bunch of toolbars and adware to make it even slower. Win98 minimum requirement is 486 DX2/66, but I've gotten it to run slowly on a 33 MHz one. Let them suffer trying to install their probably XP-minumum-requirement viruses on that for a while.

"Thanks, I'm glad you called! My computer *has* been running kinda slow lately."

Re:How about

[joemck]

Bogging down the scammer for an hour puts a far larger dent in their profits than hanging up on them, letting them move onto a more gullible mark, and telling one other potential mark to do the same. This isn't about which activity is more enjoyable to you, this is about damaging them and their ability to hurt others.

And if even just a handful of people use the metasploit this article is about with an OS-killing payload*, it would probably put them out of commission for a good bit longer than trolling them, and at much lower time cost to you. *--or even just things that flip the display output, change mouse speed, force 16 color mode, set a 1 second screensaver timeout with password protection, or other general annoyances.

Re:How about

[Swave+An+deBwoner]

You want this:

http://itslenny.com/

Re:How about

[hawk]

Your argument is identical to that about poor young crack dealers, or mafia soldiers, or . . .

Re:How about

[barc0001]

Why not both? But you're not getting this, or you don't really care if anyone else gets scammed. Which is fine, but I also hope you don't expect other people to be altruistic towards you or your family. Because that would be hypocritical.

Re:How about

[barc0001]

"why not take that time to toss in some viagra information for you to listen to"

Now you're just being silly.

"if you don't care about them, then let these scammers have their fun, what do you care?"

Oh, it's FUN! Scamming vulnerable people out of money is FUN! Scaring the shit out of some grandmother and then scamming her out of most of her food budget for the month is FUN!!! Can I have your grandma's number? It's all in fun...

But I'm le tired...

[blueshift_1]

Seems like a lot of effort just to get back at a bunch of call center guys who may or may not call you. I mean, if they kept calling on a daily or even weekly basis, it might would seem reasonable.

You have a problem on your Linux desktop

[Old-Claimjumper]

Them: Hi This is Microsoft. You have a problem on your desktop
Me: Oh! Wow! how do we fix it?
Them: Do you see your START button?
Me: (Looking over my Gnome Desktop on my Fedora workstation...) No.
Them: Just look on you lower left.
Me: I have ACTIVITIES on the upper Left.
Them: That must be it. Pull down the menu from that START Button.
Me: OK
Them: Do you see the RUN item
Me: No...

And they get more and more frustrated by this looser who can't seem to work the START menu.
I really try to follow their instructions.
After all they said that they had analyzed my machine and knew exactly how to fix it. They MUST know what they are doing then.
You mean that, maybe, possibly, thay were not completely truthfull???

What is wrong with people?

[Mefesto44]

I'm always surprised by how people can be scared into using this service. I'm the NA for the largest private GP clinic in the state of Montana and I still have quite a few old customers call me from back when I ran my own tech service company. People who I would consider "smart" or "less-than-scamable" have fallen time after time from this exploit and handed over personal information and pretty chunky sums of money. No matter what you've done in the past to help educate or bring people up to speed on current scams it never is enough. The lack of deep understanding of technology seems to render even the most reasonable person inept.

I always get the statement "In the back of my mind I knew this seemed a little fishy, but the other day I was having trouble with X and then Microsoft called. I figured they knew!". Part of me wants to blame the current news reports of the NSA and how they are passing around the watercooler your email about how your last batch of zucchini made the best pickles... your everyday man thinks that Microsoft or these huge companies like Google are literally standing over your shoulder examining your every move. Hell, of course Microsoft knows about your problem with that Outlook plug in that keeps crashing on startup... they've been watching you for the last 2 weeks daily!

All it's doing is funding my side business and bringing me a stream of easy to fix computers at $80/hr. Maybe I should send these guys a cut of the cash.

Re:What is wrong with people?

[Bowlich]

Reading over your comment it just occurred to me that a lot of novice users could very well potentially have an argument for why they would believe that Microsoft "knows" of their problems -- every time Windows XP had some process crash it would pop up a modal asking if you wanted to send a crash report to Microsoft. Pretty much every OS I've worked on does this, Ubuntu will even ask if you want to report a problem.

If I never used, or rarely used a computer and didn't come across these messages often it would not be a large jump of logic to presume that clicking "yes" on that modal would open a ticket on some help desk at Microsoft and some lowly tech-support would call you up some time in the future to fix the issue for you.

Re:What is wrong with people?

[gstoddart]

I'm always surprised by how people can be scared into using this service.

Sadly, not everybody has a good working knowledge of computers, and don't have enough street-smarts to spot the clues of a scam.

Lots of older people who really don't know much about their computer, and are completely unaware this is an ongoing scam fall prey to it. They just think it's a nice person offering to solve a problem for them.

It's like any other form of spam or scam ... you only need a very small percentage of people to fall for it to be profitable. Especially since when you answer the phone it takes a few seconds for the auto-dialer to connect you with the guy on the other end. Because they're not calling you, a computer calls a zillion numbers, and then connects people who answer to the next available scammer.

So, if you know some older people who have computers, sit down with them and explain that the world (including the internet and the telephone) is full of lying, greedy bastards who are out to get you. It's like "stranger danger", but for adults.

Not everybody is as cynical and paranoid as people who work in IT. But you need to get them enough of both to not be victims.

I am continuously grateful that when my parents decided to get a computer I sat them down and had "the talk" (*) ... because they subsequently became people who could spot a scam on the phone from a mile away, and learned the kinds of things not to do on their computer.

(*) OK, I had to discretely have a separate talk with my father lest the lure of b00b1es caused him additional computer/wife problems. ;-)

Re:What is wrong with people?

[tlhIngan]

You'd think people wouldn't get taken in by those Nigerian 419 scams as well, but they keep falling for requests to send money to make money.

You would think they'd stop before they'd send away $25,000 or more, but...

I can understand elderly folks falling for the "Hi I'm your grandson stuck in the middle of nowhere" scams, but the people who traditionally fall for the 419s know they don't have grandkids, and typically middle-aged people.

I guess greed blinds.

Re:What is wrong with people?

[Jason+Levine]

They called my father and he almost fell for it. He got wise and called me when they said they were going to have him install software so they could remote in. He had just enough sense to know NOT to do that without asking me. He had told me a similar thing. It sounded fishy, but he was having trouble with Microsoft Office and so thought maybe this was related to it. When my response was "Hang up!", he actually argued with me "But what if they are legitimate?" Finally, he accepted that it was a scam and hung up. Luckily, he's not the type to fall for something twice so when they called him back, all they got from him was a verbal tirade from him followed by a hang-up.

Now my wife's grandmother is another story. No matter how many times we tell her "don't do X", she keeps falling for this stuff.

Re:What is wrong with people?

[Jason+Levine]

You would think they'd stop before they'd send away $25,000 or more, but...

The problem, once you've fallen for the Nigerian scammers, is that it can be hard to admit you've been scammed and have lost money. You can either admit that and realize you were an idiot, or keep believing that this $1,000 you're sending will finally unlock those millions that are "obviously" coming your way. The deeper these people fall for these scams, the harder it can be to admit that it was a scam and that there never were millions coming to you. So they keep going deeper and deeper in the vain hope that they will finally reach their payday.

Re:What is wrong with people?

[freeze128]

Yeah, but SIX MONTHS in the future?!?!?! That should tell you right there that their help desk is worthless.

Re: Actually

My husband loves the duct cleaning guys. He tells them that he needs there service so bad but first he wants to know how they clean the ducks and if they will clean his geese too. He continues his hilarious routine interspersed with quacking and squawking noises from his iphone in the background for a good 5 minutes.

For the tech support guys he pretends to feel it necessary to save them from the devil's work AKA the evil computer. Hilarious stuff.

I've gotten 4

[itwasgreektome]

I've gotten 4 of these calls. I'm glad there's someone working on a way to scam the scammers, a la 419eater.org. I've tried to keep them on as long as possible and mess with them, the last one got so upset he told me, "You're an idiot, your mother's an idiot, everyone in your family is a big fucking idiot. F*ck you!" Before he hung up on me, it was adorable. I did, of course, record him to show to all my friends how funny it was. I can't keep them on for more than 5 minutes or so before they grow wise and flustered and just give up though. As no law enforcement agency is going to go after these guys, and they are running free, I'm pleased someone is working on a way to mess them up a bit. It's not going to be illegal to scam a scammer, as in order for the authorities to know about it the hackers would have to identify themselves to them, something they would never do. And there's no way Interpol is going to deal with it, just as they won't deal with our complaints.

Re:I've gotten 4

[wonkey_monkey]

It's not going to be illegal to scam a scammer, as in order for the authorities to know about it the hackers would have to identify themselves to them, something they would never do.

I hope you don't generally live by the rule that "if you can't get caught, it's not illegal."

Re:I've gotten 4

[itwasgreektome]

You're right, my legal basis was poorly worded. Let me draw it in an analogy, it's usually illegal to shoot someone, one exception is when they're shooting you. It's illegal to record someone without their permission on the phone in California (felony wiretapping law), unless they know they're being recorded or if they're doing something illegal. It's illegal to break someone hammer, unless they're using it to break into your house. When a computer hacker is trying to gain illegal access to your computer for illegal purposes, you can use whatever means short of physical force likely to stop said attack. On top of it not being illegal to defend yourself and help destroy a burglar's tools, you also have jurisdictional issues, and the issues that short of them stealing several million dollars no one is going to bother with attempting to prosecute anyone EVEN IF somehow they found a legal loophole to do so. And even if they DID issue a warrant, and these fraudsters are surely foreign, there is no way the US Government would ever allow extradition. So it's a moot point. But my previous reasoning did fail to show a good enough reason, I grant.

Re:I've gotten 4

[ganjadude]

I have a VM set up JUST for when I get one of these calls yet I never do

Re:I've gotten 4

[wonkey_monkey]

Haw haw!

Re:I've gotten 4

[BronsCon]

That's because they're monitoring your computer and know you're out to scam them.

Re:I've gotten 4

[_anomaly_]

I haven't gotten any of these calls either. I'm not saying that I want these calls to start coming in, but I'd sure have some fun with it if they did.

So, I wonder. I only have a cell phone... are those that are receiving these calls on a regular basis only getting them on land lines, or am I just lucky to not be getting them on my cell phone?

Re: I've gotten 4

[itwasgreektome]

They are not monitoring your computer until you give them access. That they are monitoring your computer is the ruse they use to give them access.

Re: I've gotten 4

[itwasgreektome]

All landline for me. Though I did get a BofA scam call on cell phone the other day.

Re: I've gotten 4

[BronsCon]

And that you're replying at all.... *WOOSH*

Re:I've gotten 4

[jriding]

I wonder is a self-defense or "stand your ground" defense could be used if you were ever charged for hacking them when they were trying to hack / scam you....

Re: I've gotten 4

[itwasgreektome]

You were doing it as a means of defending your computer, not as a punishment or to be malicious. Also, you wanted to be able to identify your suspects (similar to an attack victim who scrapes suspect skin dna under their nail).

Re:I've gotten 4

[HiThere]

I've gotten one of them, but I'm afraid I was too impatient to hold him long. Eventually I told him I'd just been reading about them.

Start button?

[ArcadeMan]

Them: Hello, this is Microsoft. We have detected a problem with your computer.
Me: Really? And you're calling to help me?
Them: Yes of course. Do you see your "start" button?
Me: No I don't see any "start" button.
Them: It's in the lower left corner.
Me: I have a button in the upper left corner that says "OS/2 Warp"
Them: Asshole. (hangs up)

Re:Start button?

[countach]

Ha ha. You should say there is a Start button on your punch card reader, and you pressed it, but the card got jammed.

I've been looking for something like this!!!

[sabbede]

I get those calls surprisingly often (I'm IT support already), and as fun as it is to keep them on the line as they try and guide me to the download (which I do with Lynx), fighting back would be so much more fun!

What spam calls?

[Grizzley9]

Who receives these calls or any spam calls for that matter? Like an ever increasing number of people, I only have a mobile number. It's registered on the Do Not Call list. I've never, to my recollection, received a spam call. I know this is for scammers and they don't play by the rules but it's been like this for a decade (DNC started in 2004 and I've been mobile only since then). Am I an anomaly? Am I not worthy of a spam/scam call for some reason? My phone number is out there and with every online site I need to enter it in. Perhaps I've just been lucky or this isn't a problem for most Americans due to the Do Not Call list? I'm not sure. https://www.donotcall.gov/ (620)867-5309

Re:What spam calls?

[Scutter]

Scammers, by definition, do not follow the law. What makes you think they'd concern themselves with something as petty as a Do No call law?

And yes, you should consider yourself lucky. These kinds of calls are becoming more frequent and MUCH more aggressive. I had one scammer call me back over a hundred times in one day when I hung up on him. I eventually just routed all incoming calls to my fax machine.

Re:What spam calls?

[YrWrstNtmr]

You've been lucky. DNC or not, they do not care. They just cycle through every possible number in an area code, and when someone answers, the spiel starts.

A few years ago, it was the car warranty scam. Landline, cell, DNC list....does not matter. Recently, home security scams. I got 2 yesterday. 1 on the landline DNC'd number, one on the cell.

I'm just waiting for one of these virus calls, so I can screw with him.

Re:What spam calls?

[gstoddart]

I'm not sure. https://www.donotcall.gov/ [donotcall.gov] (620)867-5309

Well played.

Re:What spam calls?

[Grizzley9]

I'm not sure. https://www.donotcall.gov/ [donotcall.gov] (620)867-5309

Well played.

Well maybe I'm lucky, but I for sure am not going to post my real # on a site like this.

What Microsoft could do

[Jesrad]

One thing Microsoft could do easily and cheaply, which would eventually end this "Calling you from Windows and you have a virus" scam, is to have a short mention about this being a scam on the front page of their website. A single sentence would suffice.

When you get called by the indian call center employee, who for most of them believe they are working for a legitimate business, mention how the caller is NOT really affiliated with Microsoft because their website say it's a scam. "See for yourself !" and hang up.

The actual pirates can probably not do the mass phone call themselves and still rack up enough money, which is why they hire call centres to do it for them, and why they also take precautions to show them some pretense of legitimacy. If the call centres stop working with them they'll go away.

Re:What Microsoft could do

[Andrewkov]

99.9% of regular users never go to microsoft.com. Actually, I take that back, what is the default home page in IE? That would be the place to put a warning..

Re:What Microsoft could do

[BarbaraHudson]

The call center employees know full well that what they're doing is a scam, same as the duct cleaning, same as all the other scams. The call center employees were caught by CBC

In Marketplace’s undercover investigation, a Karachi call centre supervisor was caught on camera reassuring a new hire that they can’t be caught.

"There is no need to worry," he says. "The customer will not be able to report us. They can’t trace us."

Employees are also told to say they’re calling from Ontario, and the callers used fake names.

They know that they're lying. They know they're running scams. Screw them.

Re:What Microsoft could do

[_anomaly_]

what is the default home page in IE? That would be the place to put a warning..

I believe it's still MSN.com... so unless the text stating the warning is a link that generates ad revenue, they wouldn't think of putting it on the home page.

Re:What Microsoft could do

[Etherwalk]

M$ won't care, it's more money for them when your computer gets screwed up and you have to (a) call M$ tech support (b) buy a new PC (c) buy another M$ license (d) take your pc to a repair shop.

I am going to go ahead and make an educated guess that Microsoft has done more to improve computer security for gullible people than you have.

I'm not saying it's perfect--but it's a lot more secure than it used to be, and they want it to be secure, and they spend a lot of money on making machines secure.

Re:What Microsoft could do

[HiThere]

I don't think that's an educated guess. MS took a basically secure operating system and redesigned it by taking out all the secure features. True, this was done before the web was common, but they were the ones that did it. Starting to reimplement them in later versions of MSWind doesn't sufficiently mitigate their creating the problem in the first place.

Re:What Microsoft could do

[Aldenissin]

Beware of scam! Install and upgrade Mal-Ware Bytes today!

Re:What Microsoft could do

[anyGould]

Employees are also told to say they’re calling from Ontario, and the callers used fake names.

Using fake names is actually a thing in call centres. Once upon a time, I worked for a completely legitimate educational facility, calling alumni for donations. (Hey, better than retail, right)? Rule 1 was to never use your real name, because (a) you never knew if someone was going to go all stalker-y, and (b) it's an easy mental barrier between people venting at you, and, well, you (because they're not yelling at me, they're yelling at "Antonio".)

Re:What Microsoft could do

[SuiteSisterMary]

(b) it's an easy mental barrier between people venting at you, and, well, you (because they're not yelling at me, they're yelling at "Antonio".)

When your introductory training includes psychological coping mechanisms, rethink your decision to be there. :-)

Start Button ?

[OneSmartFellow]

Them: Hello, this is Microsoft. We have detected a problem with your computer.
Me: Really?
Them: Yes of course. Do you see your "start" button?
Me: No
Them: It's in the lower left corner.
Me:The lower left corner of what ?
Them: The lower left corner of your computer.
Me: The lower left corner?...........when viewed from where ?
Them: From the front.
Me: OK, let me see.....All I see is a little sticker that says Intel Inside on the lower left corner.
Them: I don't understand.
Me: The computer has a little sticker on the lower left corner. but no start button.
Them: No, I mean the lower left corner of your monitor.
Me: Wait I'll have a look..........I don't have a start button on the lower left corner of my monitor either. I do see a little sticker that says "Infant Optics" (it's a baby monitor) Them: click

Re:Start Button ?

[SQLGuru]

Next time you get the call, you could try this approach:

You: Wait, you know I have a computer? Are you my parole officer? I've been banned from using electronic devices due to my recent conviction. If you're accessing my computer, that makes you an accomplice. Per the plea agreement, we both going get 20 years in a federal prison. The NSA is probably now tracking us both.

Re:Start Button ?

[advocate_one]

they were asking me what label was on the key next to the bottom left corner...

it may be a windows key on my keyboard... but it doesn't bring up anything when I hold it down and press 'r'... that throws them... they get quite angry as I keep telling them that nothing happens and there is no start menu either on the screen, just a stylised bird... and that when I do click that icon I don't see a control panel choice...

Running Lubuntu LTS with LXDE...

Re:Start Button ?

[sconeu]

Oh, I LIKE that one!!! I may have to try that.

Re:Start Button ?

[dwywit]

"This is a silent number...how did you get it? I'm in witness protection and my calls are monitored by the {NSA/CIA/GCHQ/AFP}."

Or, when you get to the point where you've opened the windows event log and they ask you to read the warnings and errors (to prove their claim that your computer has errors), just say "there are no errors or warnings". This usually results in a short wait while they search their script for an appropriate reply, or a transfer to a "supervisor" to continue the fun.

TeamViewer

[bhlowe]

I had a "Microsoft" guy walk me through installing TeamViewer. After twenty minutes of goofing with him, I said it was installed (which it already was).. When he asked for my team viewer ID, I asked for him to give me his ID first. They didn't and were mad I wasted their time. But.. it makes me think that the TeamViewer company might be able help track down these jerks.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Windows is updating

[jmv]

I like to get these scammers on the line for as long as possible, but without wasting my time. So far, what I've seen to work well was "Oh, my computer just crashed, I need to reboot" and "Now windows is applying updates". This means they'll wait without me having to think of stuff to tell them. Any other effective tricks?

Re:Windows is updating

[antdude]

Or tell them you computer won't boot up since it cannot find an operating system or something.

Re:one did ring back and shout abuse

[DocSavage64109]

I never have these guys calling me, but several of the stories here mention these guys shouting profanity and abuse. I wonder if it is some sort of defense mechanism to keep themselves from realizing how low they are to be using these fraudulent tactics on innocent people.

Does your mother know?

I've taken to asking them questions like:

Does your mother know that you spend your days trying to steal money from people much like her? How does she feel about that?

How does it feel knowing that every minute you're at work, you're making the world a worse place to live? Do you sleep well at night?

etc.

I once had the employee's manager call me to chew me out for making the employee feel bad. Hopefully he quit.

Re:Does your mother know?

[Blue+Stone]

Oh yeah, I did this with one guy. I played him for about half an hour just making stuff up - I wasn't at my computer at all - and then I turned on him and asked him how he slept at night and what his mother would think if she knew how he spent his days stealing from little old ladies, etc.

He did not like that. Hung up on me and then, still enraged I guess, rang me back and tried to have a go (which didn't work, naturally). I hope what I said got to him.

I just give them access

[Khyber]

I keep an old XP laptop loaded with furry porn, pictures of cows and pigs being slaughtered, BDSM porn, transsexual midget porn, stuff from rotten.com/ogrish like beheadings, gential mutilation, etc., set on random rotate every second for the desktop with a nice fading transition, everything locked except the remote assistance tool, and when they call I put that machine live and let them in.

The extortion begins, and then they see something that invariably offends the piss out of them while they're forced to watch a constantly-changing desktop wallpaper they can't stop, and the extortion ends with me laughing in their ears.

Endless entertainment. I even got a "You're the sickest thing existing on this planet." from some chick that was playing the scam.

I lol'd hard at that one.

Re:I just give them access

[Eunuchswear]

You win the internets with that one.

Can't even get their names right...

[advocate_one]

Had one Indian woman claiming she was Dave from Microsoft...

How about THIS?

[Sloppy]

I have never gotten one of these calls. But I have gotten a few calls like this:

[Phone vibrates. I see the non-local calling number. Reject and block.]

That's the new, lazy version. Until a few weeks ago, I had many of these:

[Phone vibrates. I look at the non-local calling number and wonder who that could be. Google the number and apparently every non-local number that ever calls me, is associated with robocalling. Reject. They call again a few days later. Reject and block. Then a few days later I look at my Visual Voicemail which my shitty Galaxy S4 software never tells me has new entries until I refresh it, and some actual human speech may happen.]
ME: "Fuck."
[And I see they left a few messages containing nothing but silence. Delete.]

But that second scenario doesn't happen anymore. Robocallers have successfully trained me.

Re:How about THIS?

[BringsApples]

Yeah, that's even better. These people that are talking about hanging out on the phone with these creeps have me baffled. Even if you look at it in the same light as biological war, eventually not just outright killing (hang up the phone) the virus (the creeps), provides a way for the virus (the creeps) to gain some bits of immunity (understanding) of the treatment (logic of keeping them on the phone in order to waste the creep's time) and thus provides them a sort of way to plan how to deal with it. And in that light, they're actually making things harder for not only the already gullible, but also for the ones that want to play these games.

Virtualization

[uolamer]

I hope they call me one day so I can play dumb and let them into one of my worthless virtual machines..

Re:I just unplug my landline phone

[flyingfsck]

So, why do you waste money on the phone? Ask your phone company to change it to 'dry DSL'. A line with no dial tone. They will balk, but if you insist, then they will do it.

Most important line in the tech report

[Fnord666]

The most important line in the tech report by Mr. Weeks is the following:

No scammer group has ever called me, and I have never used this except to test it and in demonstrations.

So has anyone actually used this module successfully in the real world?

India: Scammer country

[ub3r+n3u7r4l1st]

ugh, this is a real disgrace on India. I think this scamming here is frequent from India because there is little to no regulation, law or enforcement of it if there were one about scamming 'foreigners'.

This is how most of the Indian GDP were composed of.

It is part of their culture. In the university that I went to, 90% of the Indians are cheating. This is in a electrical engineering master's program.

That's why our organization will not hire any H1Bs.

Re:India: Scammer country

[dickens]

It is kind of a shame. I worked at DEC for 18 years and I knew quite a few genius-level CS guys in the research and AD group where I worked.

But I think the wannabees followed them in. I finished my BS at Fitchburg State College where there are a dozen undergrads and 100 grad students in the CS dept, and almost all of the grad students were Indian. I went to a programming contest there, showed up 40 minutes late for a 2 hour contest, was the only one there writing in Java (because I was intent on learning it at the time) and took 5th place out of a field of 80.

Lots of fun

[SledgeHammerSeb]

It's fun to tell them you have 23 computers and insist they tell you which one is infected.

Re:I just unplug my landline phone

[mrbester]

Not in UK they won't due to BT's Universal Service obligation. This is so you can always contact the emergency services should you need to.

Re:I just unplug my landline phone

[Guy+Harris]

So, why do you waste money on the phone?

It provides a convenient phone number to provide to people who require one but to whom you don't want to talk, e.g. charitable organizations that will pester you to increase your donation. Turn the ringer off, give it an answering machine or similar service, and let people leave messages which you pick up later.

(It may also work better for speakerphone calls than a mobile phone.)

Re: Actually

[Naut]

I know this is sort of off topic, but duct cleaning is a real thing. I work in the HVACR (air conditioning / refrigeration) business. Now there are scammers in all trades, but if you are worried check the BBB or Angie's list to see. Duct cleaning makes the system more efficient, removes mold and bacteria. Just my $.02 .

oh noes

[Thud457]

Your computer has performed an illegal operation

You owe a civil fine of $150, please to be sending to me C/O the Prince of Nigeria or I will have to be sending the police to your house.

Much bettern than my idea

[ripvlan]

I have been using the "Yes..and" Improv method of Step In.

"What? Again? My damn kid put a virus on the computer again? Boy!! Get your Ass down here now... yes you... talk to this guy... WTF (whack)" [pull phone away from head, change voice "No Dad, that hurts, let go, stop, ow ow" "You get the phone with this guy right now and fix this.... and after we're going to have a talk...."

or -- two old people "Ethel - do you understand what this guy wants? Something about a computer... hmm.. our grandson was over last week. Hold on while I get him"

or -- "Oh - I've been waiting for you to call. See I have this problem where....."

of course if I'm in a rush I just say, "I have a Mac" and they hang up immediately. Seriously.. click.

Re: Actually

[ripvlan]

oh yeah - I'm sure they've never heard that joke before.

har har. [click]

Re: Actually

[HiThere]

If they're cold calling, they're scammers. 90%+ certainty. Some of them may not know it. Perhaps.

R Lee Ermey

[Jarik+C-Bol]

I usually just do my best to channel R. Lee Ermey in Full Metal Jacket, laced with the dredges of 4Chan and Bash.org, and see how long it takes for them to hang up under the verbal onslaught. Some of them last several paragraphs.

I never get these calls

[jonwil]

Probably because I dont have a landline phone and scammers (and telemarketers for that matter) dont call on Australian mobiles because it costs them too much.

Re:I never get these calls

[Kris_J]

That must be nice for you, but some of us need to maintain a landline for affordable incoming international calls from family. Also, my security system has a dialer that needs a landline.

Re:I never get these calls

[SternisheFan]

You might want to look at Google Voice, very cheap international calling rates.

Re:Ammyy

[PopeRatzo]

Seriously, is it safe?

Rude to the Max

[WoodburyMan]

They never seem to call me. I have a clean XP VM all setup ready to go to have them remote into. They do however call my parents (Asking for me by name somehow, my name must be linked with that number). Despite being non-technical, that doesn't prevent my father from screwing with them the old fashioned way. He usually keeps them on the line, saying things like "I already have a Window cleaner, he comes by on Tuesdays and does a good job! Even does the 2nd story windows!" He'll usually tag them along for a good 10 minutes or so. 50/50 change of them ending without incident, the other half they usually scream some swears or insult then hang up. The last time, when he had enough, the scammer asked "What is on your computer screen?" and my father replies "Oh! t's all pictures of naked woman!" The scammer then replied "Oh! That must be your mother! You mother f****er!" then hangs up. They are the ones calling and scamming, and the attitudes these people have are amazing. Some other fun tricks to try is talking in another language. My parents can speak basic French, and occasionally they confuse these scammers, who barley speak English, by talking French and it really throws them off.

I had a discussion of Indian movies with them...

[Taed]

The clearly-Indian-accented fellow called last week and I knew immediately that it was this scam. I am not Indian, but know many and I love international movies. I said, "Hey, you're Indian; let's talk about Indian movies!" Him: "No, sir, I'm not Indian; I'm American." Me: "Clearly from your accent, English is not your first language." Him: "No, sir, English is the only language I speak." Me (in my best Hindi, but I only know this phonetically): " ." ("I speak Hindi.") Him (very surprised): "You're Indian, too?!?!" Me: "Let's talk movies! Have you seen _The Three Idiots_? How about _English Vinglish_? _RA-One (Rawan)_? _Barfi_?" So we chatted for a few minutes and then it was time for me to go.

Everyone should see _The Three Idiots_; it's a great movie!

Re:Better solution

[anyGould]

That's my usual policy if I don't have time to mess with them.

But if they catch me on a quiet night, and I've got some excess nerd-rage to vent.. why not put in a bit of public service volunteering time and keep this guy busy so he can't call anyone else?

Re: Actually

[anyGould]

I know this is sort of off topic, but duct cleaning is a real thing. I work in the HVACR (air conditioning / refrigeration) business. Now there are scammers in all trades, but if you are worried check the BBB or Angie's list to see. Duct cleaning makes the system more efficient, removes mold and bacteria. Just my $.02 .

As a consumer, I'm not going to buy *anything* over the phone. If you're a legit business, you'll have better luck running ads or putting flyers in my mailbox or even knocking on my front door. There's so much spam over the phone (between the OMG-you're-in-trouble to the You-Just-Won-A-Trip-From-An-Airline), that you can be the most reputable company on the planet - I'm not buying shit from you over the phone.

Snail Mail

[muphin]

Has anyone actually social-engineered them to provide postal details.
e.g
me: you want me to install __?
them: yes plz sir, please download and install!
me: how about i just send you the money to come and fix it, i take it you're in india.... where should i send the $500 cheque?
them: please wait wile i talk with my supervisor
them: sorry we cannot do that, do you have a credit card....
me: sorry i only have a cheque, i'm a 70 year old retired investment banker... i have no need for a credit card, i can draw up a bank cheque if you like, isnt $500 enough... ok how much do you need, i never deal with my computer so i dont know how much these things cost... $1,500?
them: ok let me talk to my manager again please
them: ok, as your computer is majourly infected, it will be very expensive to repair, please send $5,000 to.........
me: ok, i'll send it tomorrow, thank you.
them: we will call you once we receive the money, hangs up.
me: calls interpol with the details.

clean hands doctrine

[hawk]

I am a lawyer, but this is not legal advice. If you need legal advice, and try to get it on the internet, you need a shrink far more than a lawyer . . .

anyway, the clean hands doctrine is a rule from "equity," not "law". It only applies to equitable relief, such as injunctions, not to suits for money

hawk, esq.