[AusNOG] Hoax calls ?

Tom Wright tom.c.wright at gmail.com
Sat Jul 16 21:45:36 EST 2011


Have seen exactly this, too.

They're aware they're dodgy, too, because they're quick to terminate the call once they know you're onto them.


-- Tom



On 16/07/2011, at 8:33 PM, David Walker <davidianwalker at gmail.com> wrote:

> Howdy.
> 
> On 16/07/2011, Keith Anderson <KeithA at apcs.com.au> wrote:
>> Hi All
>> 
>> My customers are getting calls from virtualitsupport
>> 
>> they seem to remotely connect to your PC so they can get all your personal
>> records.
>> 
>> The web site used was www.support.me / it just redirects.
>> 
>> The return phone number supplied is 08 72000407
>> 
>> Anybody know who they are ?
> 
> You don't get out much do you ...
> That's probably not true, you have a day gig right?
> My experience is that's when they call ... I've had three or four as
> of now and probably only one in the evening.
> 
> Still, this is not new ... and it's also very common.
> 
> Gummint:
> http://www.police.qld.gov.au/News+and+Alerts/Media+Releases/2009/04/New+scam+targets+computer+users.htm
> http://www.commerce.wa.gov.au/ConsumerProtection/scamnet/Scams/SupportonClick.com.html
> 
> Notice the dates ... 2009
> 
> Microsoft:
> http://www.microsoft.com/australia/presspass/post/Microsoft-issues-warning-on-phone-scam
> 
> Notice the date on that ... 2010
> 
> I had one of these calls a few weeks back and wondered ... when will
> MS get on the telly and make a statement.
> Coincidentally there's a story next day on A Current Affair with a MS
> spokesperson suggesting users hang up and so forth ...
> 
> I phoned Microsoft (Philippines) the other day and they have a
> synopsis of that warning during the on hold muzak.
> 
> Media:
> http://www.computerworld.com.au/article/314295/windows_event_viewer_phishing_scam_remains_active/
> http://www.smh.com.au/technology/technology-news/thousands-fleeced-in-microsoft-scam-but-police-powerless-to-act-20101209-18qgq.html
> http://aca.ninemsn.com.au/investigations/8250275/call-centre-scammers
> 
> Here's the usual script:
> 
> Hello, I'm ... deliberately muffled/indecipherable ... Microsoft ...
> ... we notice some problems with your machine that are from a virus ...
> ... or some other awkward phrasing ...
> 
> Open up the "Run..." dialog and type eventvwr ...
> ... which of course opens the logs replete with standard/common
> Windows warnings and errors.
> 
> See that, this is very dangerous ...
> Please do this to allow us to help you ...
> 
> What follows is predictably a remote session (everything goes) plus an
> offer to "fix" issues for some certain fee ... for good or bad, credit
> card details follow ...
> 
> http://nakedsecurity.sophos.com/2011/06/16/study-reveals-scale-of-fake-tech-support-call-scams/?amp&amp
> 
> I believe there's a thread or more at WP for this and many others
> scattered over the globe.
> They like to hang up on me ...
> ... there's usually palpable anger when they ask me "are you in front
> of your computer now ... which version of Windows ... sir" and I reply
> either with "please let me ask you, are you aware that there are other
> operating systems on the planet" or "how can you receive a bug report
> from one of my machines and not know which flavour of Windows it is".
> 
> I apparently got someone in training once - yes they are a real call
> centre with employees and training ... she put me on to her supervisor
> to whom I spoke for about 45 minutes ...
> Let's say the level of computing knowledge "on the floor" is next to zero.
> Reminded me very much of talking to Microsoft support ...
> ... they've hung up on me as well when I won't follow some lame script ...
> 
> So even though I'm fully aware what Event Viewer is and what it does
> and doesn't show and even though there's no way I'm going to type
> commands on my desktop peecee from a fake Microsoft over the phone
> unless I know exactly what they do .... the guys at Fake Microsoft are
> more than happy to type things on their workstations on my say so ...
> to illustrate a point on how to get messages to appear in the logs ...
> even when they say "they have never done that before" or seen that ...
> 
> So nothing new here.
> All basic stuff ... unfortunately like most things of this nature only
> combated by education ... which isn't happening soon ...
> 
> It'll be the same as phishing ...
> Joe Public willl be told ad nauseum to hang up ...
> The day Microsoft or their ISP does call they'll have no other skills
> up their sleeve ...
> 
> Best wishes.
> 
>> Keith Anderson
>> Managing Director | APCS / WIP
>> 89 Marcia Street, Coffs Harbour, NSW, 2441
>> T: 1300 3000 56 | F: 1300-765-427
>> E: keitha at apcs.com.au
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> Disclaimer: This email may be confidential and/or privileged. If you are not
>> the intended recipient of this email, you must not disclose or use the
>> information
>> 
>> contained in it. Please notify the sender and delete this document if you
>> have received it in error. We do not guarantee this email is error or virus
>> free. If this is a commercial electronic message under the Spam Act, you can
>> unsubscribe by return email to the sender with "unsubscribe" in the subject
>> line.
>> 
>> 
>> P Please consider the environment before printing this email
>> 
>> 
>> 
>> 
>> 
>> 
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog



More information about the AusNOG mailing list