Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Just How Stupid Do They Think We are? (Microsoft support scam)

microsoft support scam event viewer scam

This topic has been archived. This means that you cannot reply to this topic.
18 replies to this topic

#1 0xFACEB004

0xFACEB004

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 625 posts

Posted 23 November 2013 - 04:47 PM

Earlier today my mom got a call from a call from a company claiming to be from "Microsoft Technical Support" claiming that her computer has a virus and that it was sending information to their server, reporting the malicious activity. She told them that I was the computer expert in the family and that they should call back and speak with me. Well, even though I didn't think they would, they did indeed call back.

 

Upon answering, I explained that I was quite tech savvy -- a comp sci major who works with Microsoft products in school and well aware that Microsoft does NOT have a support center that randomly cold calls people regarding their products; and one who also has a paranoid firewall policy, of which I check the connection logs quite often for suspicious activity. But this was not enough to dissuade my would be hero from Microsoft Tech Support to stop right there and move on to another target. No, he continued on -- apparently confident in his abilities scam me, even though I explained to him that I have somewhat of an understanding of how malicious software, and Microsoft error reporting, works.

 

 

So I decided to play along for a bit, to see just how stupid he thought I was.

 

This "technician" proceeded to explain to me that he could prove that my system was infected and indeed sending information to his company's "global" server, even though my firewall logs do not show any activity to their IP. And after my first question -- "How exactly does Microsoft know about my errors when my home network is Linux based (I lied just to hear his response), and how did Microsoft get this phone number from the error report?" -- he proceeded to explain to me how the internet works; that, "every time you connect to the internet to go on Yahoo, Google, your browsing or email[...]," connects to their global server and reports malicious activities, and that activity, "is caused by viruses and malwares that causes these errors, and makes the system go really slowly and shut down, and that is why it is reporting to the server." Got it.

 

He proceeded to show me the proof of all of this, and especially show me that this was not a scam (because being an empirical person, he knew I needed proof that this was not a scam -- which, by the way, I had already told him I knew all about this type of scam).

 

And his proof?

 

He passed me to another person.

 

This new person claimed to be the floor supervisor, who came on the line to once again iterate that they are Microsoft's Technical Support company, and the error reports to the global server, and then (here it comes!) that they are not a scam... etc., etc., etc...

 

So I guessed that proved it.

 

 

Now on the proof on my system:

 

The "tech" had me go through a long and laborious process of getting to the event viewer, explaining to me where the "C", "T", "R", "L", key was...then helped me find the key next to that key with the "flag" on it (the windows key), and then the "R" key (really...he explained where "R" key was located).

 

Basically, they take you to the event viewer and claim that the errors and warnings shown are the information that is being sent to their server, and that this is the proof that the system has been compromised. I explained to him that most of the errors and warnings listed were from software that I had personally written, and even more from my hacks (forced exceptions, etc.), and asked what their system said about those messages. Of course he had no answer, but immediately wanted remote access to my system to "remove the viruses and malwares that are causing the errors..." -- GTFO! :o

 

At that point I explained that he was insulting my intelligence, and I offered to connect remotely, but only if I could connect directly to their server to see the logs for myself...and explained that I would require permission and the version number of IIS they were using since they were a Microsoft company -- to test for exploit vulnerabilities; and that I needed his permission to help fix their servers, and it would not be a scam...

 

And after a few moments of me laughing at him, he hung up.

 

I guess this is becoming more common, and many non-technical people are falling for this scam. I found a few vids of people who recorded their conversations with these scammers on Youtube, some were quite funny.

 

 

Has anyone else experienced these calls?

 

 


                                                                                                                                                                            FACEB00K Likes this.


#2 0xFACEB004

0xFACEB004

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 625 posts

Posted 23 November 2013 - 05:59 PM

My favorite: they tried to scam Jerome Segura, Senior Security Researcher at Malwarebytes, and then tried to trash his system. Here's his blog and video of the experience: http://blog.malwareb...d-and-trash-pc/


                                                                                                                                                                            FACEB00K Likes this.


#3 PBJ

PBJ

    CC Addict

  • Advanced Member
  • PipPipPipPipPip
  • 176 posts

Posted 23 November 2013 - 07:39 PM

@OP

I have experienced this call myself and find it quite amusing. I especially like when I said that I strictly run Linux, unless it is my net-book (which is rarely connected to the internet, its just for notes), and the 'tech' on the other end just goes on mumbling about something. I once again tell the 'tech' that I use no Microsoft products, I run elinks for a browser, not Internet Explorer but the 'tech' will just not give up. After about 10 minutes of this 'help' I went a head to enlighten him that I am well aware of social engineering, as a result of my teenage years being marked by shenanigans in the cyber world. After the 'tech' resumes to try and hack a former hacker (me), I resume to call the 'tech' a moron and hang up. As a result of my frustration, I actually made it so any out of country calls to my landline now forward to the FBI headquarters in D.C, I find this quite amusing.



#4 PuddingEatsPanda

PuddingEatsPanda

    CC Resident

  • Advanced Member
  • PipPipPipPip
  • 57 posts

Posted 23 November 2013 - 11:32 PM

My favorite: they tried to scam Jerome Segura, Senior Security Researcher at Malwarebytes, and then tried to trash his system. Here's his blog and video of the experience: http://blog.malwareb...d-and-trash-pc/

LOL watched that before too! Sadly others fall for it. Good thing our house PC runs Linux so no one here would fall for it. XD


Want to learn MOAR


#5 0xFACEB004

0xFACEB004

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 625 posts

Posted 23 November 2013 - 11:54 PM

LOL watched that before too! Sadly others fall for it. Good thing our house PC runs Linux so no one here would fall for it. XD

 

The funniest videos are when they contact people who are using Macs and then get angry...because everyone knows that Microsoft Tech Support takes care of all systems...even Linux :D


                                                                                                                                                                            FACEB00K Likes this.


#6 0xDEADBEEF

0xDEADBEEF

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 790 posts

Posted 24 November 2013 - 02:17 AM

yeah had these calls; quite persistently as well, so we block them now. 


Creating SEGFAULTs since 1995.


#7 PuddingEatsPanda

PuddingEatsPanda

    CC Resident

  • Advanced Member
  • PipPipPipPip
  • 57 posts

Posted 24 November 2013 - 03:30 AM

The funniest videos are when they contact people who are using Macs and then get angry...because everyone knows that Microsoft Tech Support takes care of all systems...even Linux :D

I think those Mac users will be really irritated because they do not like it when anybody calls their Mac a PC or compare it to any PC running in windows  :o


Want to learn MOAR


#8 BlackRabbit

BlackRabbit

    CodeCall Legend

  • Expert Member
  • PipPipPipPipPipPipPipPip
  • 3871 posts

Posted 24 November 2013 - 04:36 AM

We all know, for marketing people (and particularly scamers) human stupidity is an infinite resource.

I would have reported them to microsoft if I were you, or in fact, call myself saying I am a Microsoft's lawyer :P



#9 0xFACEB004

0xFACEB004

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 625 posts

Posted 24 November 2013 - 12:28 PM

We all know, for marketing people (and particularly scamers) human stupidity is an infinite resource.

I would have reported them to microsoft if I were you, or in fact, call myself saying I am a Microsoft's lawyer :P

 

I completely agree with you! Marketing (and especially scamming) definitely rely on peoples ignorance to be effective.

 

And I checked the MS website right after the call, and this is what I found:

 

 

Common scams that use the Microsoft name
  • Someone from "Microsoft Tech Support" calls to fix your computer

 

and,

 

 

Avoid these dangerous hoaxes

We do not send unsolicited email messages or make unsolicited phone calls to request personal or financial information or fix your computer.

If you receive an unsolicited email message or phone call that purports to be from Microsoft and requests that you send personal information or click links, delete the message or hang up the phone.

Microsoft does not make unsolicited phone calls to help you fix your computer

In this scam cybercriminals call you and claim to be from Microsoft Tech Support. They offer to help solve your computer problems. Once the crooks have gained your trust, they attempt to steal from you and damage your computer with malicious software including viruses and spyware.

 

Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It's better to avoid being conned rather than try to repair the damage afterwards.

 

Treat all unsolicited phone calls with skepticism. Do not provide any personal information.

 

If you receive an unsolicited call from someone claiming to be from Microsoft Tech Support, hang up. We do not make these kinds of calls.

 

So Microsoft definitely knows about it already...but apparently is doing nothing more than this. Would be fun to scam the scammers though!


                                                                                                                                                                            FACEB00K Likes this.


#10 Sundance

Sundance

    CC Devotee

  • Validating
  • PipPipPipPipPipPip
  • 572 posts

Posted 24 November 2013 - 12:44 PM

So Microsoft definitely knows about it already...but apparently is doing nothing more than this. Would be fun to scam the scammers though!

 

What more can they do? They can't track people down from a phone call (yes I know MS owns Skype however they cannot audit every call) and they would need access to phone logs from a phone provider to find the relative information.


Please read the

FaQ & Guidelines


#11 0xFACEB004

0xFACEB004

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 625 posts

Posted 24 November 2013 - 01:44 PM

What more can they do? They can't track people down from a phone call (yes I know MS owns Skype however they cannot audit every call) and they would need access to phone logs from a phone provider to find the relative information.

 

Actually MS themselves would not be performing the actions that could be taken. But, through legal methods and pressure brought to bear on governmental bodies that can get access to such information (both domestic and international; and to which MS contributes a lot of money to have influence with) -- they could do more to protect their customers (and probably would do more if they thought there was a financial benefit to them).

 

Further than this, MS could do a bit more in informing their "average" customers of such scams beyond posting on their own website. It's amazing to me that when they are releasing a new operating system, everyone on the planet knows about it through their marketing efforts...so why do you think there is not a bit more effort to inform and protect their customers after the sale?


                                                                                                                                                                            FACEB00K Likes this.


#12 Sundance

Sundance

    CC Devotee

  • Validating
  • PipPipPipPipPipPip
  • 572 posts

Posted 24 November 2013 - 01:56 PM

so why do you think there is not a bit more effort to inform and protect their customers after the sale?

 

Because they have your money by that point thus they 'do not' morally have to protect you from others, it's like if I were to buy a car from Audi, they would not call me ten days later to tell me to watch out for car thieves.

 

Not to mention it's bad marketing to say "Oh by the way, the product you're buying, you may become a target for scam artists by using it!"


Please read the

FaQ & Guidelines





Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download