Friday, July 13. 2012

Microsoft opens office in Poyais

A few months ago, I woke up after a long sleep-in to find A looking a bit confused. She had just received a phone call from “Microsoft” who had detected a problem with our router. At least, it was a problem on our router, or perhaps a problem from our router. Either way, apparently there was some malicious problem with the computer here — which one, they did not say — and they were apparently calling to resolve the issue; in English, no less! I shrugged it off as complete and utter bollocks, and life went on.

After speaking with my father in Australia today, it turns out he's received a few of these calls too. For him, it was “Microsoft” on Castlereagh Street in Sydney, although with a terrible phone line and some almost incomprehensible Asian accent it could have been anywhere. The similarity between the two incidents seemed too much of a coincidence — it seems like our friends from the Republic of Poyais have returned.

In actual fact, they've been doing this for quite a while now. After doing a bit of digging around on some forums, it seems that this scam has been operating for the last few years on a global scale. There are a few ways of identifying this scam, beyond the most obvious point that the real Microsoft would never cold-call you regarding a problem on your machine. Unfortunately, these scams also operate with fake technical support websites, inviting you to call them on one of several phone numbers around the world.

During the first call my Dad received, he told them that the only problem he was actually having was with them and promptly hung up; but the second time they called he tried to lead them on to find out some more information about the scam. They explained that normal anti-virus software wouldn't work with this particular type of very dirty malicious software, and it's a very isolated case, but they promptly hung up on my Dad once he asked them how they knew this was a problem.
Like all good scams, there's a bit of setup involved to gain your confidence. The bait is to get you talking about a problem that has been detected that cannot be resolved with anti-virus software. The problem is rare, highly sophisticated, difficult to repair, and impossible for you to detect yourself, but they're aware of it. This even apparently includes problems with your router, which has absolutely nothing to do with Microsoft. Early indications that something might be up might be that your computer is running a bit slower lately, or you might get something popping up when you turn on your computer, regardless of what it is.

If you're still listening at this point, they would then ask you to turn on your computer and press Windows-R and type in This is the hook: They rely on the fact that Windows often generates erroneous log messages, such as when an application crashes, which is unfortunately inevitable at some point during the lifespan of a home computer. After asking you to scroll through some messages, they will ask if you see any “red-cross errors” or “yellow triangle warnings” which they will explain is evidence of this particular type of malicious software that has found its way to your computer.

From this point on, if you agree you want to resolve the problem, you will be transferred to a “technician” or “supervisor”. I believe this could be because the majority of the first-line team are mostly unaware of the reality of what's going on, beyond the fact that this earns them a minimum wage salary. None of the advice they will give you is legitimate. Treat this the same as if someone you don't know comes knocking on your door, saying they're from whatever company made your car, and that they've detected a serious problem with your car that needs to be repaired.

If you're still on the call at this point, it seems things can go in a variety of directions from here.
Generally, you'll be asked for a credit card number and some personal details to authorise the credit card transaction. You may be asked to purchase technical support, specialised cleaning software, or a replacement warranty because yours has expired, all of which are snake oil. You may also be asked to visit a website in order to let their technicians take control of your computer to repair the fault, and Ammyy is apparently commonly used by scammers (if you ask me they look pretty dodgy themselves).

All calls appear to come from terrible quality phone lines, but by most accounts (including those from A and my Dad) you can hear people in the background reading the same script, like battery hens. Some recorded examples can be found on YouTube, such as from quidsup (good, but he lost it at the end), a sting via Computer Active, and a lame trolling attempt from zz3astro (don't bother watching the end). In these videos, you can see the same elements of the scam being recycled.

Microsoft would only ever contact you if you had already contacted them; otherwise they may contact you for promotional reasons. If you had contacted their technical support, they will always contact you with a support case number on hand for reference purposes, and would know your name. If you're calling for technical support from a generalised service, find a local company in your area or the nearest city, and double check their contact details against something reputable such as the yellow pages or by calling directory enquiries — you'll support local business and have recourse if they steal your money.

Have you been called by one of these muppets or something similar? Share your story in the comments below!