
“I am calling you from Windows”: A tech support scammer  - chinmoy
http://arstechnica.com/tech-policy/2012/10/i-am-calling-you-from-windows-a-tech-support-scammer-dials-ars-technica/
======
bradleyland
Having done my time in the tech support trenches, I do one hell of an "end
user" impersonation. I held one of these guys on the line for 1 hour 20
minutes one evening, then told him my phone was dying and that I'd need to
call him back. I called back two days later and tied him up for another 20
minutes before he finally cracked and hung up on me.

Yes, it was a terrific waste of time, but boy did it feel good. I consider it
volunteering. All the time I spent on the phone with the scammer was time they
couldn't spend targeting vulnerable individuals.

~~~
dbecker
As much as I'd like to congratulate your volunteerism: you know that your time
is valuable and his employer is probably paying him $1/hr to call you?

~~~
pkulak
Only your work time is valuable. Fucking with scammers is liesure time. It's
like working in your garden.

------
akharris
Got the call from these guys a few weeks ago - actually about 20 calls. I
finally picked up and kept the guy on for about 10 minutes asking him
progressively dumber questions. Finally, I told him I was running OSX, which
led him to call his manager. The manager had a really hard time understanding
that I wasn't running Windows. It did not sit with his worldview at all.

~~~
jetti
This now makes me hope I get called. If so, I'm going to say that I'm from
Internet Explorer support and that THEY have viruses and they need to download
a program so I can remove the virus from their computer.

------
simonsarris
What is most bizarre to me is that someone could actually do this and do it
more than once.

Why wouldn't people feel bad about scamming someone like this? You have to
talk to someone, get them on your side, and then scam them?

I could maybe imagine myself in an alternate universe doing something like
this, perhaps enjoying a sort of "heist" feeling like when you're playing
poker and no one's aware that you're totally prepared to take the table. But
if I succeeded (at the scamming call) I'm sure I would feel devastated that I
just did that to someone.

Maybe I'm just supremely naive, but it seems hard for me to imagine anyone
I've ever met in my life scamming someone like this. It seems so completely
incredible that it could ever happen on such a large scale.

\--------------

Is there something in a culture (besides wealth discrepancy per se) that makes
this sort of thing more OK?

~~~
drumdance
Sociopaths don't care about other people. At all.

~~~
jetti
I wouldn't classify these kinds of people as sociopaths, just opportunists.

~~~
ChuckMcM
I would guess that the 'successful' ones have a higher percentage of
sociopaths in their group than the general population.

------
nicholassmith
If I get them I generally just put the phone down immediately, or I'll wind
them up asking stupid questions about their qualifications. However, my nana
has had a few recently who've been super aggressive about it, I told her not
to do anything they say and to call me if she's unsure, but apparently saying
'no' and putting the phone down gets you repeat calls if you sound like like a
good mark.

Edit: I'll point out, this happens in legitimate call centres as well. I
worked for a fairly well known a credit card company and left not long after I
heard a top seller say "Focus on old people, scare them enough and they'll
always buy".

------
jiggy2011
I've had these calls too, now and again but never had the patience to keep
them on the line.

So , they want to install some kind of remote admin software on your PC? I'm
going to assume it is something based on VNC or RDP.

In that case if you really wanted to troll them it might be fun to figure out
which protocol it was using and implement a custom server that you can run
when they call you.

Any fun ideas as to what that could do?

~~~
furyg3
It seems to me that the best idea would be for credit card companies to issue
"Fraud" cc numbers to certain groups of people.

Once a few these are processed, that merchant account can be shut down... it's
a fraud.

~~~
bradleyland
You needn't issue any special CC numbers. "Follow the money" is standard fraud
investigation practice, and a defrauded consumer's CC will do just fine.
Tracing the transactions back to the processor and merchant account is doable,
but it's often a temporary solution. How do you stop them from simply opening
another?

When someone establishes a merchant account, they often do so as a
corporation. Corporation blacklisted? Start another one. The requirements for
opening a merchant account are similar to a standard credit check. If you have
no credit history, your terms will be worse, and the bank will probably hold
funds for a longer period of time than if you had good credit, but ultimately,
that's just a cost of doing business. If there's inbound cash flow to be had,
the exercise of managing costs is standard business practice.

To stop them, you have to find the people behind the operation and put them in
jail. Given that they're not US-based, that takes time. Most foreign
governments have more pressing matters than taking down the scammer that is
stealing money from non-constituents.

~~~
dangrossman
That's what MATCH (Member Alert to Control High-Risk Merchants) and TMF
(Terminated Merchant File) are for.

When someone establishes a merchant account, they must provide the tax IDs
(SSNs) of the principals of the business, not just the business itself. If the
account is terminated for an egregious offense, like fraud, all those
principals get added to MATCH and TMF, which all acquiring banks have access
to when reviewing new applications.

In theory, it should be impossible to open multiple Visa/MasterCard merchant
accounts for fraudulent purposes without having a new human being signing up
each time, not just a new shell corporation.

~~~
bradleyland
It has been years since I worked in the industry, but once upon a time, I
worked for some online pharmacy guys. Yeah, I know. Yeah, I'm ashamed to admit
it, but I never spammed anyone, and we never did anything nefarious
(technologically speaking).

Anyway, things might have changed theses days, but the guy who ran that
business was always fighting to keep merchant accounts online. He kept the dev
team out of the business side, but I overheard plenty of conversations
involving fake identities and shell companies. I have little doubt that its
harder than it used to be, but still, it remains a "cost of doing business"
issue.

------
JimmaDaRustla
Had it happen to many people I know. They only were successful with one person
I know - they replaced her OEM Windows XP license with a pirated/fake
one...then stole the original perhaps? Can't imagine how useful an OEM XP
license to a Acer POS netbook would be valuable.

If you get one of these calls, just screw with them - pretend you are
following their instructions for as long as possible before saying "Ubuntu
doesn't have that."

~~~
Deestan
> pretend you are following their instructions for as long as possible

It's not just fun, it's a very responsible thing to do. Every minute they
spend with you is a minute they don't spend screwing over someone else.

But don't end with "Ubuntu doesn't have that" or "I only have a Mac, sorry" or
some other snarky comment. Just fake stupidity until they give up. They are
constantly tuning their scams based on successful and unsuccesful cons, and if
they realize you're screwing with them they'll just filter you out of that. Or
worse, they'll realize that "calling from the windows" tipped you off and
change it to "Microsoft Support Associate" or something.

If you instead come across as someone who _believes_ the "calling from
windows" bit, but for some reason aren't able to open the remote control
software ("i try to download it but the screen moves?" or "when i click RUN,
it says dotnet could not complete the operation?"), you will reinforce the
stupid parts of the scam, and _possibly_ have them waste time trying to
research the technical difficulty you "experienced".

~~~
jiggy2011
I wonder why they are not also targeting Macs?

I guess they are trying to get money out of people and Mac users probably have
more money (on a broad average).

I suppose they say they are calling from "Windows Support" but would it be a
far stretch to also claim to represent someone from Apple? Or put someone else
on the line under the premise of transferring you to Apple.

~~~
Deestan
> Mac users probably have more money (on a broad average).

I sadly suspect this is part of the reason. They have more money and chose a
Mac because they are educated and can get a decent salary _and_ mentally
independent enough to make a conscious purchasing decision.

If you just obediently go with what the trustworthy computer salesman pushes
at you, you end up with a Windows computer. And obedient trusting people are
what the scammers want to target.

~~~
untog
_They have more money and chose a Mac because they are educated and can get a
decent salary and mentally independent enough to make a conscious purchasing
decision._

I'm going to have to disagree with that. I know plenty of people (with money,
yes) that want to "get a Mac". There's no mentally independent purchasing
decision, it's just what other people have, and they look cool.

As it happens, it's a good choice. But it could easily not be, and they'd
still do it.

~~~
jiggy2011
Perhaps even knowing enough to discern between a Mac and PC is enough to make
them a poor mark.

Notice that they are saying "Windows support" not "Microsoft Support", not
knowing that Windows is a product from Microsoft would suggest they are
looking for people with a very low level of knowledge.

I'm guessing retired people who have a good pension coming in.

OTOH that must put an upper limit to the amount people are willing to spend to
get their computers back from the scammers. If you only paid $300 for a PC
from wallmart you won't pay more than that surely.

~~~
bradleyland
> Notice that they are saying "Windows support" not "Microsoft Support", not
> knowing that Windows is a product from Microsoft would suggest they are
> looking for people with a very low level of knowledge.

They do this to avoid being cornered. On one occasion, when screwing with one
of the callers, I had a little rage fit accusing them of breaking all kinds of
laws. The "manager" informed me that "We never claimed that we were calling
from Microsoft, we're calling from Windows Tech Support, which is the name of
our company." The agents are very careful not to say they're calling from
Microsoft. I suspect that this is some attempt at circumventing exposure to
local fraud laws wherever they are based. I'm not saying it will be effective,
mind you; just that I suspect that's why.

~~~
lindenr
It could also be that they're trying to filter out people who know "Windows
support" sounds dodgy. This also fits with the fact that they still seem to
all have Indian accents -- an immediate off-put to those who have heard about
these scams. People who don't hang up when they hear the words "Windows
support" coming from someone with an Indian accent would probably be very much
more likely to fall for it.

------
jiggy2011
I wonder how these guys are organised. Is it just a bunch of people doing this
from home who have heard about the scam from a friend and have tried to
imitate it?

Or are there actually physical call centres with rows of desks of scammers
doing this as a 9-5?

~~~
panacea
There has to be large scale call centres. The number of calls they're making
is impressive. I got two of them from different people last night (I'm in
Australia).

~~~
jiggy2011
Although that might suggest independent scammers. It would seem inefficient to
cold call the same person again if the first was unsuccessful. Although it is
possible they just take random numbers from a big list and don't update it
until the end of the day.

If they are indeed operated from actual call centres I would be curious to
know how agents are recruited. I wonder if people actually apply for call
centre jobs and are told they will be working for "Windows support" in other
words, maybe some of them don't even know that they are scamming people.

------
Pezmc
I have also had this happen to me and a friend. We have both calls recorded
and the numbers logged, is there anywhere we are supposed to send these
reports?

~~~
DanBC
[http://www.microsoft.com/en-gb/security/online-
privacy/phish...](http://www.microsoft.com/en-gb/security/online-
privacy/phishing-scams.aspx)

[http://blogs.msdn.com/b/securitytipstalk/archive/2010/03/09/...](http://blogs.msdn.com/b/securitytipstalk/archive/2010/03/09/don-
t-fall-for-phony-phone-tech-support.aspx)

------
eckyptang
We get these in the UK all the time. Usually either try and hold them on the
line as long as possible (if bored) or tell them to "fuck off" straight away.

~~~
rwmj
I use the "I'll just go and get the PC owner ... he's at the bottom of the
garden". Then put the phone on mute. My personal record is getting them to
hang on for 5 minutes.

~~~
corin_
Not quite the same, but I was on the phone to BT (British ISP) a couple of
years ago as my internet was down _yet again_ , and they were telling me to
reboot my router. I'd already does as much diagnosing myself as possible, and
completely knew rebooting my router would do nothing, but of course they
wouldn't budge. I was in a pretty bad mood at them, so I said I'd put them on
hold to go do it, then I went and had a bath. Twenty-five minutes later they
were still on the line, and I got back and said "OK it's rebooted, still not
working" and the call went on...

~~~
sovande
The joke might be on you. Support calls to your ISP typically have a price per
minute.

~~~
corin_
Luckily I'm not dumb enough to not know whether a phone call is costing me an
arm and a leg :)

------
16s
I won't answer when the caller has masked their phone number. I have too many
things to do. They can leave a msg if it's important. They never do.

~~~
pbhjpbhj
One of the things that frustrates me is that phone companies will carry calls
purporting to be from numbers that don't terminate. Why would they ever think
that was a good idea?

You get a scammer, they've sent their [spoofed] number, you ring it and get
'boo-boo-boop this number is not recognised'. The phone company knows the
numbers that aren't taken because they use that list when you set up a new
phone line.

Though it does just strike me that it's possible the number actual did
terminate but the scammers pretend it didn't; but that seems a long shot.

------
debacle
Back when I was a BOFH, I would string these calls on all the time. Usually I
could manage 30-40 minutes before the Indian would get tired of it and hang
up. Occasionally I'd get one that would last for over an hour.

~~~
pbhjpbhj
I've done this a few times at work - they are very convincing. This would
definitely catch some of the MS Windows users I know.

One time the Asian guy on the other end (who couldn't pronounce what he said
was his name) accused me of wasting his time and said that they were going to
invoice me! That was probably the funniest.

After a couple of goes around it gets boring. Now I just go along for the
first bit and then say I have to put the phone handset down to type and leave
the phone on the side until it screeches at me that I've forgotten to put it
'on the hook'.

------
kevinalexbrown
The most effective way to troll these types of scams is to let them convince
you, but repeatedly tell them that your computer froze and needs to be
restarted. If they feel certain you're willing to pay, they will wait for the
20 minutes it takes to "restart" your computer. The more you "restart" your
computer, time they invest in you, and the less costly that 20 minutes will
seem.

That said I don't think I'd have the patience to do it more than once. And I
suppose there are better ways to help humanity than trolling scammers.

~~~
JagMicker
I'd suggest trying to get the email address and any other personal info. of
the scammer. Tell them you have an office with 200 PC's and they're all
infected. Tell them you want to buy their software for all of your PC's. Try
to get bank wire/routing info or a mailing address to send payment. Then
report to FTC, DHS, FBI, et al.

------
patrickdavey
If you've not seen it... <http://www.itslenny.com/> you can forward VOIP
telemarkers to "lenny" - an automated bot who will happily chat with them for
... ever..

There are some classic mp3s to listen to.

------
mnazim
I couldn't help but read it in the Russell Peters style Indian accent. It
wasn't until the middle of article that I noticed the subconscious act.

(DISCLAIMER: I belong to the same part of the world and probably have the same
accent)

------
slashedzero
Ugh. A friend's mother fell for this exact thing. Spent a couple days
"disinfecting" her computer. A few hours later, it finally dawned on her that
she had been scammed (when someone asked her how the people could have known
she had viruses), but she was too proud to talk about it/fight with the
scammers.

Very smart though, targeting home phones, as they're just the right generation
to fall for this type of scam.

------
garazy
I had exactly the same call with someone, I wish I'd thought of the VM idea
but I didn't, however I did record it -

[http://soundcloud.com/gbrewer-1/microsoft-telephone-
scam/s-e...](http://soundcloud.com/gbrewer-1/microsoft-telephone-scam/s-ezcsf)

I felt a bit sorry for the guy it's clearly a boiler room with high
expectations.

------
navs
Ah such tales are so entertaining. There was a brief period here in New
Zealand when I'd receive a few of these kinds of calls. Folks in my Computer
Science class considered it a badge of honor to receive a call and troll the
scammer. It's been a while since I received any calls and I guess thats a good
thing.

------
darkstalker
I would answer him "Sorry, I use Linux".

~~~
TazeTSchnitzel
If you really wanted to mess with them, you could tell them you were using an
old version of Lindows (now Linspire...)

------
kevinbluer
Potential idea for a hackathon! A 419eater.com for tech support scammers.

Some of them are amazing: <http://www.419eater.com/html/samuel_eze.htm>

------
devsatish
The pitches for these sites can be seen on day-time tv, and late night tv,
sandwiched between infomercials. I heard these on radio too. ex:
doublemyspeed.com , totallyfast.com

------
CaioAlonso
The scam site: <http://windows4pc.webs.com/>

EDIT: Webs.com has just frozen it.

------
zapt02
This is interesting but the article is really sub-par and they ended too soon.

------
btilly
These guys call me every month. I hope the FTC does do something about it.

------
lampe
haha nice post!

can someone call me like this?

i got windows xp only in a VM :D

