

Anatomy of a virus call centre scam - aymeric
http://www.troyhunt.com/2011/10/anatomy-of-virus-call-centre-scam.html

======
nekojima
My mother, who is almost 70, received four of these calls last year. The first
time she initially panicked, but wrote down a lot of information, including a
callback number and they number they were calling from, during the thirty
minutes she kept them talking. She then called the local police and emailed
Microsoft with the information she had, and emailed all her friends to tell
them to be careful & what to watch for. Some of them had been contacted
already.

The next time, she kept them talking and was making intentional mistakes to
keep them on the line, while using her mobile to call the local police to see
if they could do something to trace the call.

The next two times she talked to them for a similar amount of time as well.
She must be watching too many police & spy shows. LOL

~~~
redthrowaway
Your mom sounds awesome. I don't think mine would fall for the scam, but she
wouldn't drag them along, either. She'd just very politely (we're Canadian,
after all) tell them she wasn't interested.

~~~
techdmn
I was driving along the left lane of the interstate one day, a hundred miles
north of Chicago, 20 mph over the limit, passing many cars. I noticed a car
behind me in the left lane, not terribly close, but who hadn't been there
before. I assumed he was catching me quick, and started looking for a gap in
the right lane. I checked my mirror again a second later, he hadn't gotten any
closer. I thought this odd, but continued in the left lane - the right lane
was packed, and he was still a solid ten or fifteen car lengths behind me.
After a minute of this I found a three car length gap in the right lane, and
pulled over anyway. He was past in a flash. Canadian plates. Not that he
didn't want to get around me, he was just too polite to tailgate. :)

------
Isofarro
I've received a couple of calls of the same kind at home, typically on
Saturday mornings. (I'm in the UK).

Though I was very surprised to get the same call over December in South Africa
at my parents house (I recognised the script). Thought it was unusual. But
seeing this one is a regular issue in Australia, I wonder how many other
countries these people are targetting.

How wide are they reaching?

I played along with the first one - despite not having a Windows machine, and
when they failed to figure out I had no Windows key on my current keyboard
(old style Thinkpads don't), I got put through to a different person who told
me I needed to see a doctor because I was blind, and then he hung up on me.

In later calls one of them was shocked I declined to follow their
instructions, claiming it was a free service check. Another one got very nasty
and abusive.

~~~
kokey
Thanks for mentioning that this is happening in South Africa, since I recently
got my mother a land line there. That said, her laptop is so bad and used for
so little that it would be funny to see them trying to do anything with it.

------
sumukh1
It's interesting to think that this attack vector is more effective against
people. They won't trust "sites" on the internet because they have been
conditioned not to but will gladly follow the instructions of a "expert" over
the phone. What could someone do to stop this type of behavior? Repeated
conditioning might take too long.

Aside: I love the ending near minute 25.

> ~I'm the senior most technician here.

> "Could you help me out? What does the Event Log do?"

> "Uh... Event Log .... click"

------
dazbradbury
I've never received one of these calls, but someone should set up a VM and let
them in. See what they do exactly, and then report it. If you could get enough
info on them, am sure the central office could be taken down very quickly, and
the owners arrested.

Just a thought anyway, exposing them is an excellent first step though, and am
sure keeping them on the line is slowing them down a little.

------
jrabone
Link in the article comments to
[http://nakedsecurity.sophos.com/2011/09/21/microsoft-
dumps-p...](http://nakedsecurity.sophos.com/2011/09/21/microsoft-dumps-
partner-telephone-support-scam/) is worth reading. Amazing that someone would
have the balls to try this, but I suppose there are no penalties for what
amounts to abuse of privileges. I know MS tightened up on some aspects of the
partner scheme (presumably to stop everyone and his dog using it as a way to
get free copies of Windows).

So, who owns Comantra? There needs to be an international register of people
unfit to own companies, or whose companies one shouldn't do business with. In
the UK, Companies House records the _really_ bad guys who've managed to get
struck off as directors, but this kind of scam needs to get you on a little
list too.

------
felipemnoa
What I find surprising is that people still answer unknown numbers. I know
plenty of people in their 70s that are pretty computer illiterate but are
still savvy enough to screen calls.

If it is not somebody you know then your first assumption should be that it is
just probably somebody trying to separate you from your money. Odds are that
you will be correct.

If it is important they will leave a message. If in the voicemail they claim
to be from your bank or some institution you have a relationship with then
look up their number on their website and call them.

~~~
swang
A lot of scams now have numbers that are spoofed. I get tons of calls from
weird numbers (weird as in I live in LA, don't know anyone in the Midwest and
it's a number with an Ohio area code) and whenever I listen to the voicemail
its always a robocaller (sometimes in Spanish too, which is odd).

------
JacobAldridge
I've received one of these as well (UK). They told me my ISP had reported my
computers was visiting sites with viruses, and got quite frustrated when I
asked them who my ISP was and on which device they were reported?

Then they hung up.

------
johnx123-up
I think it's an old scam [http://blog.reverseaustralia.com/indian-microsoft-
telemarket...](http://blog.reverseaustralia.com/indian-microsoft-
telemarketing-scam/105/)

------
arethuza
Are there anti-spam filters for landlines?

------
InclinedPlane
I'm sure if this guy stayed on the line long enough he would have overhead the
sounds of helicopters dropping police on these guys to take them into custody.

