Last Updated on June 7, 2014 by Dave Farquhar
“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.”
So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming someone else. I don’t do it often, but my kids were playing nicely and we were all in the same room, so I guess I don’t regret it too much.
My mocker should have known right away that something was up when he called me. After confirming that I own a computer–which took 5 minutes because I could barely hear him over his cheap static-filled Magic Jack connection and the other people talking in the background–he told me to press my Windows key. I told him I don’t have a Windows key. He asked what was between my Ctrl and Alt keys. I said nothing. He asked what was on the other side. My space bar, of course.
His script doesn’t know how to deal with old-timers like me who use Reagan-era IBM keyboards. Yes, I checked. My keyboard is 27 years old.
So then he asked me what was in the lower left-hand corner of my screen.
“This black window that says, ‘R:\downloads>’ with a flashy blinky thing next to it,” I said.
Yes, really. I had a command window open when he called. I was trying to install some GPS software when he called, and using a command prompt was going to make it easier. Don’t ask me how–the guy interrupted me.
Finally I got him to tell me to hit the Start button. “Why didn’t you just say so?” I asked. “I moved my Start button to the upper right hand corner of the screen.”
Yes, I really do have my Start button on the side. I have a lot more horizontal pixels than vertical pixels to spare, so it makes it easier to work. Try it–you’ll like it.
Finally able to get back on script, my mocker walked me through bringing up the Event Viewer. Had he just told me to bring up Event Viewer, we could have saved five minutes, which I told him afterward.
“Look at all those warnings and errors!” he marveled.
I read a few of them to him. Most of them were DNS resolution errors. One was a warning that my APC UPS had switched to battery power a day ago. Another was an error from the Windows XP-loving GPS software I was trying to install when this hotshot from the other side of the world so rudely interrupted me.
“See how badly your computer is working?” he asked.
“My computer is working fine,” I said. “This stuff is perfectly normal.”
“No no no,” my mocker rudely interrupted me.
“Yes yes yes,” I countered. “This is what the Windows Event log is for–so my APC UPS can tell me when it goes onto battery power. I want to know that.”
“No no no,” my mocker countered. “How many total events do you have?”
“About 2,500. This computer is four years old, so that’s two events per day.”
“See, your computer is all wrong,” he said.
Trust me. Two Windows events per day is nothing. My job for about a year was managing all of the Windows events generated by a Fortune 100 company. They have 8 terabytes worth of logs, and they aren’t collecting and storing everything I wanted them to collect (yet). So I know a little something about Windows event logs.
Finally he gave up and moved on to the next item in his script, having me run MSConfig. I interrupted him about halfway through his script and asked him if he wanted me to run MSConfig. He said yes. “I know MSConfig,” I said.
He had me click on the Services tab and asked me if anything was unchecked, then on the Startup tab, where he asked me if anything was unchecked. Nothing was, which he tried to tell me was very bad. He also tried to tell me that services marked as “stopped” is very bad.
“Do you know what a Windows service is?” I asked.
He read me a line off his script.
“It’s a program that runs in the background and waits for something. Some of them have to run continuously. Some don’t.”
In my case, most of the services that were stopped have to do with Adobe updates. Those normally only have to run once a month. On the second Tuesday of the month, actually. That’s something else that wasn’t on my mocker’s script.
Their script is designed to pull up something that’s going to be on every computer, so they can use it to scare someone into thinking their computer has something wrong with it. Nothing he pulled up on my computer was abnormal at all. The only thing it proved is that nobody’s been messing with it.
“Your computer is very bad,” my mocker said.
“No, my computer is running very well,” I said.
He laughed at me.
“Listen,” I said. “I’ve been doing this for 25 years. I built my first computer as a teenager. I built this computer myself. I’ve written books and magazine articles about Windows. Open your web browser and go to https://dfarq.homeip.net. See that? That’s me.”
“That’s you? Riiiiight.”
“That’s my website running on my Linux computer in my basement. I’ve been blogging about this stuff for almost 15 years. Last week I reviewed the Windows 7 gold image that a large company is going to deploy to 30,000 machines and made recommendations for making it better. So I think I know when a Windows computer is working well.”
“Oh, you think you are Super Technician? You are Mr. Genius Man?”
After about five minutes of mocking, I set my phone down on my desk and walked away. I didn’t hang up, I just walked away. Even after he said goodbye, I could hear him taunting. After I heard the rapid-fire beeps of the line going dead, I picked the phone back up and turned it off.
Some of these scammers seem to think they’re really good with computers. But when they call someone who really knows this stuff–they’ve called a number of my colleagues, sometimes even when they’re at work–it becomes obvious very quickly that they’re working from a script, and they get very confused very quickly when they see something that deviates from that script, like the lack of a Windows key on my keyboard, or someone moving the Start button.
A year ago I flummoxed one of these scammers with a Windows XP box that had its network adapter disabled in Device Manager. It took me a few seconds to fix, once the guy shut his trap long enough for me to think. An entry-level helpdesk person–a legitimate helpdesk person–can fix this issue in about five minutes, even working from a script.
If these people were any good, they’d be working for some Fortune 500’s offshored helpdesk–they all have one, except for the companies that have more than one–not calling you from a Magic Jack and harassing you at night.
Normally my conversations with these clowns only last a few seconds. Or sometimes I’ll just set the phone down and let them converse with my kitchen counter for a few minutes before they give up and hang up. Every once in a while I’ll play dumb for a while, follow along, and then tell them they have their heads somewhere that heads don’t belong.
I look at it this way: If they’re talking to me, then they aren’t talking to someone less knowledgeable whom they can scare into handing over a credit card number.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.