Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.
I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.
The other night my phone rang. The caller ID said some state I don’t ever get calls from, so I knew what was going to happen when I picked up the phone. I didn’t have much time, but I answered anyway.
“Hello, I am calling from Windows Technical Support. My name is Daniel,” the caller said with a very slight Indian accent.
“Oh, hi, Daniel,” I said, pausing for a second to think of a name. The last project manager I worked with was a nice guy named Naim, who had emigrated from India to Minnesota. So I stole his name. “My name is Naim.”
Long awkward pause. I grinned. Too bad “Daniel” couldn’t see me.
“Your name is Naim,” he said. His sarcasm and disbelief were so thick they were bulletproof.
“Yes Daniel, my name is Naim,” I said pleasantly, making no effort whatsoever to disguise my midwestern accent. I’ve lived my whole life in Missouri and Ohio.
I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how hackable a computer network is. In this case, the would-be victim is penetration testing someone without permission. Run the module when the scammer connects to the would-be victim, and he or she gets a command prompt on the criminal’s PC. At that point, the would-be victim can break the scammer’s computer, perhaps by deleting critical files, corrupting the Windows registry, or something else. Anything you can do from a command prompt would be possible at that point.
I’m anything but heartbroken that this threat exists, although I’m not going to do this myself. Let me explain.
I guess the Windows technical support scammers are getting robo-dialers, because I got an automated call over the weekend telling me that my computer was sending alerts to their servers, and to press “1” to speak with a Microsoft Certified technician.
So I pressed “1” to see what tactics this particular scammer would use.
It was bedtime and the phone rang. “Unknown name,” my Caller ID said, and the phone number was “1.” Sounds legit, right? No? I picked it up anyway. There was an audible delay after I said, “Hello.”
“Hello?” a distant voice said. “Hello?”
“Hello,” I said.
“Hello. My name is ‘Daniel,’ and I’m calling from ‘Windows Technical Support.’ How are you this evening?”
I really wanted to tell him my name was something obviously non-American, but I couldn’t think of anything so I told him I was fine. Next time I’m going to tell him my name is “Dhanesh.” After an introductory ramble, “Daniel” said my computer was sending alerts because it had lots of errors, and it was impossible for me to see them.
One night my son ran down the battery on his Memopad 7 and put it away, but didn’t put it on the charger or tell me about it. The next time he went to use it, it was dead.
I tried several different tricks I found online, including plugging it in overnight to the AC adapter, plugging it in overnight to a computer’s USB port, and holding down the power button for a full minute or even a full five minutes. None of it worked–the unit just wouldn’t power on or show any signs of life whatsoever.
Finally I resigned myself to the possibility I would have to send it in for service.
I did a little more digging after getting yet another fake technical support phone call last week, and I’ve done some thinking on my own. If you want to troll these criminals when they call you, here are some ideas.
I got another “Windows Technical Support” call on Friday evening. My caller ID said Minneapolis, and since I have coworkers in Minneapolis, I answered. But the guy on the other end was a long way from Minneapolis and probably doesn’t know diddly about ice hockey.
I’m pretty sure it was the same criminal as last time, but over a better VOIP connection. I remember the voice pretty well, because his parting lines from last time, “Enjoy your broken computer, Mr. Genius Man!” struck me as funny. And he started the conversation with, “I’m calling you again about your Windows 7 computer.”
My conversation with him revealed a few things about why this scam is likely to be profitable.
“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.”
So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming someone else. I don’t do it often, but my kids were playing nicely and we were all in the same room, so I guess I don’t regret it too much.
The smartest guy in the room cited the Commodore command LOAD "*",8,1 as something he used for years without ever understanding why it worked; he only knew it was the command he used to load games on his Commodore 64.
So I explained it. Now I can explain it to you too.