[Tfug] A Strange Phone Call

Adrian choprboy at dakotacom.net
Tue Jul 3 22:56:05 MST 2012

On Tuesday 03 July 2012 18:29, John Gruenenfelder wrote:
> Hello again,
> I'd like to share a very strange computer scam phone call I just
> received today...
> At about 4 PM I received a call on the house's land line and the
> caller ID said unknown caller and the number was all zeros.  The
> caller had a very heavy Indian accent and I could tell that it was a
> scam in under 30 seconds.  
> The caller, as best I could make out, was calling because my Windows
> computer had sent them information indicating that there were errors
> and/or malicious programs running.  He wanted to walk through some
> steps with me to verify the problem.
> Has anybody else ever received such a phone call out of the blue?

This is a very common scam call that has been going on for the last few years. 
Normally, the scammer will claim to either be Microsoft or a contractor 
working for Microsoft. These seem to often be routed through open SIP proxies, 
so the call is fraudulent to begin with.

As you experienced, they call asking you to look at the error log, which will 
of course contain errors, then express shock that your machine is so 
badly "infected". Occasionally they will direct you to a malware site, but 
far more often they will direct you to a legitimate remote management site 
(LogMeIn, etc.). Once you allow them to connect through that site, the scammer 
has control of your desktop and will open up regedit on your machine and 
begin doing "clean up" work as they talk you through what they are supposedly 
doing. This "clean up" namely involves killing all services and disabling the 
startup routines.

At this point, the scammer will proclaim that your machine is horribly 
infected and you must pay them to restore it to an operating manner, as 
evidenced by your computer no longer booting successfully. At this point, it 
is a basic extortion racket.


