Category Archives: scams

I read Microsoft’s site to a “Microsoft” scammer

“Daniel” from “Microsoft” called me the other day. The number looked halfway legit so I picked up. He out and out claimed to be from Microsoft and said he was getting alerts from my computer. His voice sounded familiar–I think I’d talked to him before.

“Which computer?” I asked.

“Your Microsoft computer,” he said.

Continue reading I read Microsoft’s site to a “Microsoft” scammer

A scammer called me a fraud

Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.

I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.

Continue reading A scammer called me a fraud

Microsoft Security Essentials alerts – don’t call “Microsoft”

Last Tuesday night my oldest son came into the room and told me he thought one of our computers was being hacked. So I kicked into incident response mode and walked into the other room to be greeted with a computer loudly telling me that Microsoft Security Essentials was unable to clean a virus and to immediately call Microsoft.

Instead I immediately shut down the computer. Here’s why.

Continue reading Microsoft Security Essentials alerts – don’t call “Microsoft”

Spot phishing e-mails with Outlook 2010

I got e-mail the other day from Turbotax saying someone had filed my taxes for me. Obviously a cause for concern, right? Here’s how I determined the message was fake in about three minutes.

Some people will tell you not to even open a message like this, but if you’re a computer professional, at some point someone is going to want you to prove the message was fake. I think this is something every e-mail administrator, desktop support professional, security professional, and frankly, every helpdesk professional ought to be able to do.

So here’s how you can get the proof. And generally speaking, Outlook 2010’s default configuration is paranoid enough that this procedure will be safe to do. If you want an extra layer of protection, make sure you have EMET installed and protecting Outlook.

Continue reading Spot phishing e-mails with Outlook 2010

Download more RAM — Safe? Scam? Joke?

A software developer asked me today about a website called Download More RAM. I don’t think he heard my other coworkers snicker. He asked if it’s possible to download RAM, then asked if it was a security issue. I said it’s best not to visit it, and spared him the history lesson.

Yes, there’s some history to it.

Continue reading Download more RAM — Safe? Scam? Joke?

How to disarm a scammer

Buried unfortunately deep in August’s Social Engineer podcast was some outstanding advice from British TV star R. Paul Wilson, who turned scamming into prime-time BBC TV for several seasons.

Wilson, who literally has sold someone a bridge that he of course didn’t own, has lots of experience on both sides of scamming, so his experience is invaluable. I was just disappointed that we had to listen to 45 minutes of Christopher Hadnagy and David Kennedy arguing before we could hear it, so I’ll cut through the garbage.

Continue reading How to disarm a scammer

How long do you think it takes to have a conversation you don’t wanna have?

Friday night, I took my wife out to get some coffee to get her a few minutes away from the house. There’s a corner in the front of the store next to the window that we always sit in, and it seems like some huckster is always huckstering something there.

And did we ever find a doozie on this Friday night.

Continue reading How long do you think it takes to have a conversation you don’t wanna have?

Beware “graded value” baseball cards on Ebay

There are a few hucksters on Ebay, whom I don’t care to give free advertising by mentioning by name, who hawk “graded” cards on Ebay and claim them to be especially valuable. One even puts supposed appraised values in his listings in parenthesis, then invites you to visit his page for an explanation of “graded” value, where he cites an example of a run-of-the-mill 1970s star card, normally worth $60, being worth $2,500 once graded.

The thing is, that’s an edge case, and it’s important to understand those edge cases to avoid getting ripped off.

Continue reading Beware “graded value” baseball cards on Ebay

How to ensure you never get another Windows tech support scam call again

I haven’t received a fake Windows tech support call in a very long time. A couple of the operations doing this have been shut down, but based on the continued popularity of the things I’ve written about them, I wonder if some people are still getting them.

That makes me reluctant to block them, just in case they call me again, but if you’re getting those calls and want them to stop, I can tell you how to do that.

Continue reading How to ensure you never get another Windows tech support scam call again

Microsoft sues the tech support scammers

I’m all torn up this morning. I’m torn up because Microsoft has sued a couple of tech support scam outfits for misrepresenting themselves and violating Microsoft trademarks.

I’m torn up because it’s taken this long. I’m also torn up because this may mean I’ll never get to see what kind of hilarity would ensue by telling a scammer with a fake western name that my name is “Suchita.” In the deepest voice I can muster, of course. Keep in mind that if I sing in falsetto, I’m a tenor. Also keep in mind that nobody wants to hear that.

But torn up as I am, I understand.

Continue reading Microsoft sues the tech support scammers