Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.
I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.
My phone rang a few minutes later. I knew who it would be. A guy with a thick accent claiming to be from “technical support” said he was returning my call.
I told him I’d been expecting his call and I was just finishing up reporting his URL to Google Safe Browsing and to Microsoft.
“Get a real job,” I said. “You’re a fraud.”
“No sir, you are a fraud,” he said.
Pretty feeble attempt at social engineering, I’ll say. He argued with me for a few minutes, ending most everything he said with, “You are a fraud.”
Then he asked me what time it was. I looked at the clock and told him, and asked him what difference that made. He told me I was a fraud. I’m not sure why–I told him the truth.
“Keep talking,” I said. “The more time you spend talking to me, it makes less time you’re talking to someone else.”
In response, he muttered something I couldn’t understand.
I told him his English left something to be desired, although I used a less polite word than “left something to be desired.” That must have touched a nerve because he immediately hung up on me.
I got one of my buddies to call the number later–I dared him to tell him Dave said his English was terrible. He did much better than that. He pretended to be an old lady, and kept messing up the credit card number, and when the scammer got mad, he said in a very masculine voice, “Boy, Dave said your English was terrible, but he didn’t mention what a [jerk] you are.” But he didn’t say “jerk.”
Enough stories. If you get a page like this, pull the URL out of your history and paste it into Notepad. On Firefox, go to the History menu and pull the page back up, and copy and paste the URL out of the bar. In Chrome, type chrome://history in the URL bar, then find the link in the resulting page, right-click it, and copy and paste it. Then report it to Google Safe Browsing and Microsoft like I did–that’ll cut down the number of pages linking to them fast.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.