65,000 Complaints Later, Microsoft Files Suit Against Tech Support Scammers

MojoKid (1002251) writes Tech support scammers have been around for a long time and are familiar to most Slashdot readers. But last month, the Federal Trade Commission (FTC) announced that it had issued lawsuits against several culprits responsible for tech support scams. Now Microsoft has announced that it too is going after tech support scammers. According to the company, more than 65,000 complaints have been made about tech support scams since May of this year alone. Bogus technicians, pretending to represent Microsoft, call the house offering fake tech support and trick people into paying hundreds of dollars to solve a non-existent issue. If successful in their ruse, the scammer then gains access to a person's computer, which lets them steal personal and financial information and even install malware. I managed to keep one of these guys on the phone for about 20 minutes while I stumbled through his directions, over and over, "rebooting," pretending to be using Windows, etc; the next one caught on more quickly. Have they called you? If so, how did the call go?

Edit needed in body of story

[SternisheFan]

"...the next one caught on my quickly." (?)

Re: Edit needed in body of story

It's perfectly cromulent.

Re:Edit needed in body of story

[SIGBUS]

Looks like he accidentally his post.

overflow?

was the magic number 65536?

Re:overflow?

[nukenerd]

was the magic number 65536?

That's enough complaints for anybody.

Re:overflow?

[Wabbit+Wabbit]

I understood that reference.

65536

Maybe the complaint system only support 2^16 entries?

Re: 65536

[O('_')O_Bush]

Your analogy misses the critical difference... A bum selling Rolexes on the street isn't a threat to the name or reputation of Rolex. If a jeweller claiming to be a Rolex authorised dealer was selling fake Rolexes as real, you'd better believe Rolex would be pressing charges, suing the living piss out of the shop, and working their PR department to save face. The issue isn't scammers, the issue is scammers claiming to represent MS, thereby harming MS.

Re:65536

[jcwayne]

Maybe the complaint system only support 2^16 entries?

They must be tracking them in an old version of Excel.

Re: 65536

[datavirtue]

Ring, Ring
Grandma: "Hello"
Tech Support: "Hi there, I'm Barry and I'm calling from inside your Windows. I'm trapped in here and I need your password to get out."
Grandma: "OH MY!"
Tech Support: "I know, I know, it happens all the time."
Grandma: "Well let me give you my password...it's fluffy2014" ...

Keep them busy.

[dav3hatt0n]

If I have the time I like to keep these people on the phone. My record so far is an hour and fifty minutes. I have a honeypot system ready to go and it's fun and informative to see how they operate. Keeping them busy means they have less time to prey on somebody else less compueter savvy. I see it as a public service.

Re:Keep them busy.

[JRV31]

I kept one on the line for about 45 minutes before I told him I was running Linux and that I knew of this scam. He got mad and said Linux is a scam and then he threatened to disconnect my internet. I told him to go right ahead and hung up.

Re:Keep them busy.

[fhage]

I've also done that. However, after I laughed at one of the operators (thick indian accent) I get a call back from someone with a Boston accent.

"You need to send me $10,000 if you want your life back."

Me: What? "If you ever want to see your stuff again, you'll have to pay me $10,000."

Me: Really? Why not $15k? My stuff is worth more than that. [hangup]

These calls can get pretty spooky. There's obviously an American presence which deal with the victims once the trap has sprung. Reverse number lookup on a land line gives them your home address. I don't recommend taunting criminals.

I now just say "I know about the scam. You should find a better job." I used to get 3-4 a month. I now get them only a few times a year.

Re:Keep them busy.

[i.r.id10t]

Dunno, but I managed to keep one on the line for almost an hour before I had to go get my kid from a football game. I even gave clues that I wasn't on windows - he wanted me to start task manager, I brought up top and read him the output. When I got to the Zombie Processes part, I freaked out.

Finally had to go, so I confessed that I had been screwing with him, and felt it was my duty to keep him on the phone as long as possible to keep him from harming someone clueless. He called me a "miserable son of a bitch" and slammed the phone down.

Wish I had some way of recording stuff like this...

Re:Keep them busy.

[bzipitidoo]

LOL, that's great. Classic "pot calling the kettle black".

I've had many calls from those miserable sons of bitches. The first thing they say is "This is Windows Technical Support. Your computer has a virus." They persist even if I tell them I am running Linux. I've tried telling them to prove it by telling me what my IP address is, and they ignore that too and plow on with their script. When I ask them for their name and phone number so I can call them back is when they usually hang up on me.

What I find strangest is that, given how relatively expensive it is to run a boiler room, it is somehow still profitable to try ths. Adding computers to zombie networks just doesn't seem worth that much trouble, isn't valuable enough to warrant trying to do it on an individual basis over the phone. So, they must be after something more lucrative, like information for commmitting credit card fraud and identity theft.

Re: Keep them busy.

[the_bard17]

This guy is an inspiration when dealing with the scammers:

Best Prank Call Ever by Tom Mabe: http://youtu.be/rBfsdkGeMc8

Re:Keep them busy.

[gstoddart]

He called me a "miserable son of a bitch" and slammed the phone down.

It never ceases to amaze me how someone who is actively scamming you, and knows they're actively scamming you, somehow expects to be treated with respect.

I'm sorry, but do you think you deserve to be treated as anything but a lying sack of shit?

It isn't possible to run this scam without knowing you're scamming. So if you don't get a good response, you shouldn't be surprised at all.

Don't care if it's the only job you can find. You know you're ripping people off, so you deserve all the shit and abuse you get.

Re:Keep them busy.

[dwywit]

My list so far:

1. "Your computer has been sending us error messages". "Which computer? I have several". "All of them" "The same message?" "Yes, sir". "That's impossible, they don't all use the same operating system, so which one?" "All of them, sir" and so ad nauseam.

2. "Can you turn on your computer, sir". "I can't". "Why is that, sir". "I have a broken leg and I am in bed and can't reach my computer" You could hear the script pages flipping while they searched for a response.

3. "Windows button? Oh, I use linux" "You are lying" He was shouting by this stage, and eventually called me a fucking son of a bitch.

4. "You're lying to me. What would your mother think of you lying to people? She would be ashamed of you" That one brought a few seconds of silence, then "Shit" and she hung up.

I really love fucking with these low-lifes. The only challenge is thinking up new ways to play.

Once a week forever

[JimSadler]

Those fools call me at least once a week. I have asked to be removed from their call list many times and it does no good at all. And I tell them that I would never have a Windows machine in my home and even that does nothing to stop them. The one answer to all of this is to require all solicitation calls to use a specific prefix both on PCs and on phone lines. That way any sales call in itself would be a felony if that special prefix is not displayed clearly.

Re:Once a week forever

[stoploss]

That way any sales call in itself would be a felony if that special prefix is not displayed clearly.

Hey! We could stop crime by passing a law to make it illegal! That would definitely keep those criminals from calling.

Bonus points for going directly to making this a felony. I'm bothered by the stench of my neighbors' preparing fish head stew. Can that be a felony, too? What about if they paint their front door red? I hate that.

Rather than pointlessly inflating the number of felonies in this country, I suggest that you instead obtain a Google Voice number and start giving that out instead of your real number. With GV, you can mark callers as spammers and they will get a "number disconnected" tone if they call back. You can also block people so they go straight to voicemail while others ring through.

Re:Once a week forever

[Livius]

Smart scammers (but not these ones) would stop, as they are only wasting their own time calling someone they already know will not fall for their pitch.

Although that seems obvious, quite a lot of legitimate businesses, charities, politicians, etc., have quite a bit of trouble understanding it.

I have a fun time with these calls

[jkastner]

I've gotten a half dozen calls and they were all great. Approaches I have taken include 1) Getting panicky because I can't find the Start button. "Did the virus make it go away?" Then asking if having a Mac was the reason I can't find it. 2) Asking if the virus was the reason I had so many pictures of naked men doing disgusting things to other naked men 3) Asking the female scammer if she was married. "Would you like to marry me?" she asked. "I dunno, we should get to know each other. What's your email address?" She gave me something that seemed sort of reasonable but it didn't actually work. What a surprise 4) Not being able to find the right key because I kept mixing up left from right, and top from bottom. 5) Asking "Are you proud of your job? Is this really the best job you could get? We know you are scamming people. Would your mother be proud of you?" I can't wait for the next call.

Re:I have a fun time with these calls

[lrichardson]

Used #5 myself - another 'The New Age' fan.

My wife has used the "But, we don't have any computers in the house. Phones? Yes, we've got one of those, with the dial that spins around."

I've also used the "There's a pop-up window. It says "Navigation to this site has been blocked. This site contains malicious software. What does that mean?"

my father-in-law handles these calls

[turkeydance]

he has mild Alzheimer's, but enjoys talking on the phone with anyone. he knows nothing about computers.

No, They Haven't Called Me

[Greyfox]

I run a call blocker on my android phone that only allows people in my contacts list through. Keeps the riffraff out -- an endless swarm of poor quality technical recruiters, phone soliciters, scammers and Comcast salespeople. Best $3 I ever spent.

Re:No, They Haven't Called Me

[Charliemopps]

Until a local hospital calls you to let you know your kids got a broken leg...

Re:No, They Haven't Called Me

[Ol+Olsoc]

Until a local hospital calls you to let you know your kids got a broken leg...

I've seen people drive themselves to distraction with your logic. They start sweating when their phone gets to one bar, and refuse to go anywhere with no cell service. Or drive through long highway tunnels. And yet....... somehow we've been able to survive all this time without everyone having instant access to us.

Talk about your first world problems.

Re:No, They Haven't Called Me

The hospital will leave a &^*(^&$ message. A scammer/telemarketer/politician ... will not. I don't answer any calls not on my phone list. If it is not important enough to leave a message, It is not important enough for me to answer. My cell phone is for my convenience, not yours. Thank you.

Re:No, They Haven't Called Me

[Calydor]

So they can leave a voice mail along the lines of, "This is NAME at HOSPITAL, please call us at your earliest convenience as we have someone here who has listed you as a point of contact."

Then when you get out of that long highway tunnel and can pull over you can check your voice mail and go to the hospital.

You don't NEED to be instantly accessible, there is nothing wrong with being QUICKLY accessible.

Re:No, They Haven't Called Me

[Ol+Olsoc]

Taking that logic to the extreme we survived without electricity too.

Not my point. trying to take my point to the extreme would be saying someone panics if they can't see a functional electrical outlet.

I mean seriously, I've had more than one occasion where a person has become very antsy because we were in an area with no cell coverage while traveling. "What if someone needs to get hold of me?"

Re: No, They Haven't Called Me

[Ol+Olsoc]

"Back in the day", if a loved one was in a life threatening accident, and the hospital only had your home phone number, and you were not home, guess what? You missed out on your one chance to say goodbye to that person. With the advent of cell phones, there is now a chance to get to the hospital in time.

Jesus man, I feel sorry for you. What if you are across the country? What if you are in a meeting where you are not allowed to take a phone? What if they die before you get there after being alerted by phone so you should stay with them at all times? You are the perfect example of the modern phone addict.

And I do not know anyone paranoid enough to restrict their travel by how many bars of signal strength they have.

In my job, I would often spend time out of cell phone range, either on ships, or in meetings where I could not take a phone.

Would you do this job? what if a family member was in the hospital dying while you were on the ship? What if you are in a place where it would take over a day to get home?

And yes, I do know people who are so addicted to their phones, with so many "What if" scenarios that they are completely urbanized, tied to their phone, and get scared if they see one bar or less on their phone. Very sad situation.

Re:No, They Haven't Called Me

[Ol+Olsoc]

We've also seen a sharp decrease in infantile mortality rates, disease spread, disease mortality, and much more besides in the past few decades. So aside from your fairly obvious strawman (not wanting to drive through long tunnels, really?),

Yes, really. A passenger in a car I was driving pulled out his phone going through the Squirrel Hill tunnel near Pittsburgh and was nervous about it for the short time we were in the tunnel. Another got very nervous while driving through Northern PA, and actually wanted me to pull over so he could hop outside the car to check to see if he could get a signal that way. Another stood on the roof of his car trying to get s sign. Just in case.

You'll be glad the person who sees you get into a car crash has a cellphone on them.

Especially when they were texting and the cause of the accident

Which is also part of my smartphones as an addiction jeremiad. Do you deny that it is a dangerous thing to text and drive? Anyone who TWD's puts their life and others at real risk every time they are doing it. But they think it is okay, and important, otherwise they wouldn't do it. Deny that is an addiction - it is electronic meth.

Re:No, They Haven't Called Me

[Charliemopps]

Until a local hospital calls you to let you know your kids got a broken leg...

I've seen people drive themselves to distraction with your logic. They start sweating when their phone gets to one bar, and refuse to go anywhere with no cell service. Or drive through long highway tunnels. And yet....... somehow we've been able to survive all this time without everyone having instant access to us.

Talk about your first world problems.

First world problems? If you've never been to the 3rd world, you're not allowed to use that line. It just makes you sound like an idiot.

I've been to the 3rd world, specifically Africa. Everyone has cellphones. EVERYONE.
People that don't have homes, cars, a bed... have a cellphone.
Why? So they can keep in contact with their family, in case of emergency. Most people have 2 phones, or at least 2 sim cards so they can be on 2 networks at once, just so they don't miss a call.

You find booths like this on every street corner:
http://en.wikipedia.org/wiki/M...

I had better cell coverage there than I do in the states.

My best was 45 minutes

[Registered+Coward+v2]

before I got bored. He, and his "supervisor of tech support" was already spitting mad so when I thanked him for playing the fool and provide me with some laughs it pushed him over the edge. My shtick is to pretend to be an elderly man, who off course has trouble hearing so they have to s p e l l r e a l s l o w l y and i still mess it up, have them explain the internet (isn't it that cable thingy that I plug in the wall? You want me to disconnect it?) all while obviously being vey very worried about them virus things. I've seen them talk about it on TV. Is it like Ebola? I don't want to get that.Of course none of his instructions worked because I don't use Windows.

The trick is to appear complaint while being confused and incompetent. The couple of times he doubted my old age gimmick I thanked him and joked the ladies tell me that as well.

Re:My best was 45 minutes

[CanHasDIY]

Next time they call I plan on acting amazed that my new computer can tell it's infected even before I inbox it. I then intend to see if I can get them to walk me (an idiot, of course) through putting it together so I can let them "help" fix it.

Here's hoping it kills an hour or more of their time :)

25-30 computers

[SledgeHammerSeb]

I usually say I have 25-30 computers, and ask them to tell me which one has the problem. Reasoning that they called me and must be able to know which unit it is. They will either be confused and pass me to the "next support level" or say it doesn't matter which unit I log in to. At that point I insist they tell me which unit it is. By this time they usually use some foul language and/or simply hang up. Mission accomplished.

Re:25-30 computers

[arth1]

They tried to get around that one by saying that the computer was the one on 192.168.0.something.
Which presumably fools a lot of people, because so many home NAT devices are set to use that IP range on the LAN side, and that they got the first three numbers right might just convince the less savvy.

One even asked me for my IP address so he could check it out better. Sure - it is fda7:60a9:2fd3:3::57 - hope that helps!

These days, I tell them to e-mail you the contact information and you'll get back to them. If they're insistent, I insist on them sending a W-9 too, as I cannot do business with them without it.

A more important issue...

[XB-70]

Where is the class action lawsuit against Microsoft for the man-decades of hours lost due to BSOD and other, major issues with the O/S that have cost billions of dollars in lost productivity and data?

If automakers built cars that crashed as often as all the versions of Windows, the earth's population would be about 1,000 people today.

Re:A more important issue...

[melstav]

Clearly, you never read the EULA, or even the Warranty statement.

Microsoft only promises that it will work as intended for the first 90 days after it's installed. After 90 days, if Microsoft decides to tell you to piss off, you're SOL, because the software is presented to you AS-IS.

During the warranty period, if you have a problem, Microsoft will, AT THEIR SOLE DISCRETION, either refund the money you paid for the software (if you actually paid anything for it. If it came preinstalled on your computer, you paid nothing for the software - the computer maker did. You have to talk to them) or they can choose to fix the problem.

If you're outside of the warranty period and you don't have an active support contract, Microsoft doesn't have to care about your problems at all.

Ref:

1. Win 8
2. Win 7 home premium
3. Win XP

Re:A more important issue...

[techno-vampire]

Nice piece of FUD there. I've been running Linux exclusively for almost a decade now. I've changed video cards, hard drives NICs and mobos, without any trouble. Most of the time, you make the swap, boot and It Just Works. Once in a while, you have to boot into a CLI to get a new video driver, but that's about it. Maybe you should actually learn something about Linux before you come back and slam it again.

Ouch

[wonkey_monkey]

the next one caught on my quickly

That must've stung.

Sporting

[CanHasDIY]

Is it me, or has wasting the time of these asshole scammers become a rather popular sport among IT folks?

I personally jacked one around for about 30 minutes. The best part was at the end, when I told him my hobby was murdering cows for no good reason. Dude got PISSED.

I got a call

[Enry]

All the trademarks. Middle of the day, thick Indian accent, said he was from Microsoft support, said there was a problem.

He really was. He was calling me about a ticket I had opened with Azure support. Go figure.

OT: Jehovah's witnesses once hung up on me

[SpaghettiPattern]

I pride myself with the fact that once Jehovah's witnesses called me and they themselves decided to hang up on me. I don't recall what I said exactly but I listened attentively, I actively engaged in a discussion, I never raised my voice and I always remained courteous. Now I realize I must be a absolute and genuine bastard. No matter how hard I try, my bastardness seems to ooze out out of every hole and pore of my body. Damn, my goal in life of becoming lovable remains far away on the horizon of my journey.

Re:OT: Jehovah's witnesses once hung up on me

[NormalVisual]

A friend and I had some fun at the Jehovah's Witnesses' expense about 30 years ago. I was over at his place, and there was a knock at the door. He peeked outside and said "Dude, it's the Jehovah's Witnesses, come here!" He threw his arm around me and answered the door in a very lispy voice, and they were mostly speechless. He then looked at me and said, "Well hun, I don't guess they have anything to say, so let's go back to bed!" and shut the door on them. He never got another knock again.

Re:Dilbert's Scott Adams: Hard to Distinguish MS/S

[Charliemopps]

Boring Little Story About My Windows

Right... and that's why you always pirate windows.

It's sad that the pirated version of an OS is better than the legit version, but with windows it's a fact.

I got a death threat

[Eponymous+Coward]

The person who called me didn't get far because I told him right away that I know it's a scam.

Then he threatened to kill me and my family. That was a little unsettling.

From 800-642-7676

Scammer: We have detected a denial of service attack launched from your IP address. You need to follow our instructions right now or all of your billing information will be all over the web.

Me: How did you find all of this out?

Scammer: The Microsoft security server flagged your computer as launching a DOS attack on the Whitehouse web site and then began sending out your credit card information to a torrent. There is no doubt that your identity is being hacked. Check your bank account to see if there are any transactions not authorized by you.

Me: So you work for Microsoft?

Scammer: Yes. This is Microsoft support. That's how we know that your computer has been compromised.
Me: You are not. You are a f*n scammer! I don't even have a windows computer on my network.

Scammer: Well, it is your IP address that is originating the DOS attack. What operating system do you run?

Me: Fedora 20 Heisenbug development release.

Scammer: That may be why. There is a vulnerability in the latest development release of Fedora that would allow attackers to do exactly what your computer is doing now. Your identity is being broadcast all over the Internet as we speak. Can you halt your computer?

Me: Let me take a look at the network traffic first.

Scammer: ...

Me: Wireshark shows no incoming or outgoing traffic that is out of the ordinary.

Scammer: That's what I am trying to tell you. The vulnerability sends the packets using the raw network interface so you will not see the packets in any traffic captures.

Me: Wait one second! I know the network stack in Fedora backwards and forwards. Traffic is captured from the Ethernet interface just before it is shipped out over the wire.

Scammer: The exploit actually replaces the Ethernet driver. What you are seeing is what the hacker wants you to see and no more. If you aren't going to shut down your computer, I will! Give me the root password!

Me: lol

Good luck trying to get resolution.

[Chas]

Most of these are little sweatshop ops out of India, China and Eastern Europe.

Microsoft can scream at the FTC all damn day. These guys, if caught, just uproot, disappear, and come back under another business name, registering new phone numbers, etc.

Bullshit

[wampus]

This place reads like a combination of Penthouse Letters, Soldier of Fortune, and Byte magazine.

Call redirect

I used to get these calls. They kept calling from the same number, so I set up a redirect on my VOIP system that routed their calls to the FBI office in my state capitol. My logs showed they chatted for just over thee minutes!

Some answers to the know-it-all comments:

[CFD339]

MS didn't sue earlier because it's really hard to find a legal entity to sue. When you get one of these calls, the thing calling you is not directly attached to a land line. It's a software pbx system that may be running on a compromised machine in some part of the world. The call only gets connected to the person you talk to after you connect and the system determines you may be a real person willing to talk to someone. The calls get routed through compromised voip service providers, compromised pbx systems, or termination lines leased with false id and credit cards. By the time the provider knows what's happening, tens of thousands of calls have been made and the front end system just moves to another provider. As to "opting out" -- only legitimate telemarketing organizations bother with do not call lists. These asshats just random dial. It's cheaper.

To figure out who to sue, you have to participate in the scam long enough to have an actual transaction processed and then follow the money -- but that's not so simple now. Most of these particular kinds of scams don't accept payment at the telecenter you're talking to. They just install the ransomware on the pc. Then once you're already compromised you have to pay someone else -- through a web site, a wire payment, or some other mechanism that's much easier to hide than just a credit card transaction.

My Records

[JohnPerkins]

...so far is 3 hrs 49 min.

Re:My Records

[ihtoit]

4 days 15 hours.

I took a call on my landline, it was a blatant Windows scam, so I put him on hold. Went off on a road trip (Brighton or it might have been Cardiff), came back and saw I'd left the phone off the hook and the hold light was STILL blinking. Same operator was on the line!

Turned out, he and one of his colleagues had taken shifts waiting for me to come back since I'd taken the trouble to put them on hold, at which point I came clean and told them I was running NetBSD.

Re:Why not blame the phone company?

[Technician]

You are subscribing, thus get a bill. They do not subscribe to your carrier. They call in from a peer, often VOIP such as Magic Jack with invalid location data.

VOIP service other than consumer packaged plans permit users to set their own CID info. For example, I can enter my 800 number for call backs.

Commercial lines are different from home lines where the in and out line is one and the same.

I have a DID Direct Inward Dial number. It can't call out.

I also have several trunk lines. They can call out, but can't take a call in as they have no number. On those lines, I can place my own CID info per call, or by extension as needed or for abuse.

Ever dial 9 to get an outside line? Several hundred phones may be using 3 or 4 outgoing trunk lines. CID can be set for the hotel 800 number or each extension can provide their own CID so return calls go to your shop 800 number or cell phone.

This feature makes fake CID child's play.

Goatse

[Holistic+Missile]

I'm exhuming a Slashdot meme from long ago, but if you have a spare VM, fire it up and string them along to the Team Viewer/WebEx part of the call, and give 'em a full screen goatse! ;-)

For those who are fairly new around here, it was an old meme - a picture of ... well, never mind. You don't want to know. I'll just say you cant unsee it.