Friday, April 22, 2011

Microsoft Event Viewer (eventvwr.exe) phone scammers

The local newspaper ran an article about the recent spate of scam telephone calls in which the callers tell you your computer is infected with a virus and offer to "help" you get it disinfected.

Internet scam reports increase

Since reading this article, I have taken three calls from these folks, two on Saturday, 16 April 2011 and one today (Fri, 22 April 2011). Each time it is a man with an Indian accent -- "Ronnie", "Shane", and "Jack". Each asked if I have a computer with an internet connection and told me it is downloading viruses and infecting my hard drive. Ronnie and Shane said they were from the "Technical Department of Computer" in Newark, New Jersey. Jack said he was from "Tech 4 PC Support" and gave me a phone number of 631-456-4455, which appears to be an unlisted number in Suffolk County, New York on Long Island.

All three calls had the Caller ID information blocked. The first two hung up after I asked them for their phone number. After each call, I hung up and phoned *57 to capture the caller information at Comcast for potential use by law enforcement.

After the first call, I phoned the county sheriff and filed a report and also filed a report with the Internet Crime Complaint Center, as recommended in the newspaper article.

I kept the third caller on the line a bit longer to find out more about the scam. He had me use Windows-R to pull up the Microsoft "Run" dialog and then "eventvwr" to open the Microsoft Event Viewer. Then he had me go to the "Windows Logs", "Application" pane and look at all of the "Error" and "Warning" lines.

These are all pretty normal entries in an uninfected Windows system, but the scammers hope that the user has never had occasion to use Event Viewer before and is awed that the scammer would know about these errors on their computer.

The third caller asked me to open Internet Explorer and go to "www.teche4pc.com", which I declined to do.

On the next call, I may try putting the phone on speaker and recording it, as these folks have done.

Fake tech support call scam

16 comments:

Anonymous said...

I have just had a phone call from what I believe to be the phone scammers you described. They told me to do exactly what they told you (eventvwr.exe), then they passed me on to their so-called technician so they could help me remove the virus. I explained that I had Norton installed on my PC and they said no anti-virus can pick this up as it happens over time. Alarm bells were ringing from the start; now they were giving me a headache, lol, so I asked them if they would phone me back in an hour after I had contacted Microsoft to check.
Do you think they will.... I WON'T HOLD MY BREATH. lol

Anonymous said...

I am in Kent England and just had the same call. I refused to enter any instructions that I had received on the 'phone and rang off. I tried to recall the phone number, but it was not given.

Jon said...

Thanks for this blog, just had one of these calls, 2/2/2012, from Gungerdin aka Brad. Told me to go to "run" put in eventvwr, said it's tea time got to go, so looked up on Google and found this blog, thanks for info, will tell him put Foxtrot Oscar in his English dictionary when/if he phones back. Cheers Jon, Robin Hood Country, England.

Anonymous said...

I just kept one of them on the phone for 15 minutes, pretending to be incompetent and fussing about. When he asked me what I could see when I went to google www.support.me....I told him I could see www.faud.uk.... He didn't understand at first so I spelt it out... He said Oh My God and laughed... I then told him what I thought of him and hung up. I was the one laughing... Great game.

Anonymous said...

I am in Calgary (Alberta, Canada) and got this same call today (Feb. 20, 2012). Microsoft would never call in this manner. The red flag went up when they wanted to take control of my computer.

I called the local police and they were already aware, added my input (the name and phone number I was given to verify the accented person who called). Apparently, some people have gone as far as giving out their credit card no's to these people. I hope these people get caught!

It would be nice to know how to contact MS regarding these scams.

Anonymous said...

I'm from Sweden. I just received the same call. I didn't follow his instruction, but told him to call back later, in order for me to check up on the "eventvwr". Obviously it's all a scam.

Age said...

"Shane" is currenty informing me about payment details now. I've known of this scam from the start.

wants me to go to www.logmein123.com

I just end up stringing them along and playing Nyan cat at them until they hang up. http://youtu.be/wZZ7oFKsKzY

Anonymous said...

I just had the same call about 30 minutes ago.

Currently home alone while my parents are in Japan (I'm in Denmark), and this 'person' got me so freaked out I almost started crying.

However, alarm bells started going off as soon as he wanted me to start searching for something, and I just tried to see where he was going with it.

By the end I think he was so freaked out by me freaking out and crying that he just said: FUCK it, and he said: I'll call back later.

As soon as I called my dad (PC specialist) he just said - it's a stupid, stupid scam, and you did well for not giving any information, or going to any website.

I was glad I found this blog-post, so I now know what to do when/if he calls back - blast some Justin Bieber at him until his ears bleed.

Btw. my brother said they'd received those calls like 5 times before (I currently don't live at home), so they are extremely persistent!

Anonymous said...

I got a call from these guys on August 25, 2012.

The guy was very aggressive, and they tried to keep me on the phone as long as possible, even though I was obviously uninterested.

At the end he tried to guilt me into staying on the line, by saying that he was just trying to help, and it was too bad if I didn't want to be helped.

He tried to get me to visit 1stopesolution.com. Why is it that they are trying to get people to visit different websites? Is this some sort of weird SEO strategy? Or are the websites they are sending us to infecting people with malware, in order to support their case?

Anonymous said...

I too have had such a phone call. Yes, Indian voice on line (after a silent gap) saying he's from Microsoft and they had received "error reports" (any time my computer says "send error report?" I always click "NO"). So yes, he tried to get me to enter "EVENTVWR" in the "run" box. I told him I wouldn't 'cause I didn't know if he was bona fide. He tried to persuade me he was, so I asked him to give me his tel no and name and that I would call back when I had spoken with my "computer guy". He gave me a number starting with "800". I haven't rung it yet (maybe premium rate?) and before I got chance to 1471 and check if it came up as caller withheld someone else had rung my phone so I couldn't do that. I am very wary of folk calling me "unannounced" like this (just as well) especially with Indian accents (by the way I am not being racist). Beware folks..! Dave in London 26/11/2012.

Anonymous said...

I had exactly the same call today and to be fair I get about 4 a week and each time I use a different approach from not owning a computer to owning an Apple Mac... however today after he asked me to click Windows-R and put in eventvwr he also gave me his number as 0808 280 2518 also 07390129 followed by an address and a website... the website being www.companyhouse.co.uk and an address being
3 midhurst close
highfield
Crawley
West Sussex
RH11 0BS

Feel free to pass any of this information on to be checked as I think these people need prosecuting. They expect people to pay £99.99 for them to sort it .. after they have access to all personal details

George said...

I had the same experiences as those above. I did not enter the eventvwr code but told the caller that I did enter it. As I was waiting I asked the caller for my name and she had that and more information on me. Where did they get the information from? I would like to speak to that person... I hung up.

Geo Florida

Niklas Jensen said...

I just got the same one.
Was asked to do this too - but I googled it all, made sure to check if anything of this could be a scam.

So it was - thank you Google. Thank you Bill Starr's blog!

RAC Massachusetts said...

Glad to have found your blog, and glad that I quit before anything got screwed up....for what it's worth the number calling me was 78--409-4786. Guess they are still getting away with it, as I note these comments go back over a year.
RAC Massachusetts

Anonymous said...

I just rec'd my second call from the eventvwr scammers. I acted like I entered his info in the RUN box and he asked me what it said.
I told him that it said: "some F*****g hacker was trying to get into my computer". My caller id said the caller was AMEYO at 780-409-4786

Curry Leaves said...

Indian accent with three personnel, sound like a long distance echo on the phone line, tried to get me to their site. "Personal or Business use of your computer, your computer is infected, we can help you." Get real with a name Jason Morales for an Indian? Gave him the Blue Screen of Death story when I log onto their site, which I did not. My Norton antivirus is going haywire... he did finally let me go.
Curry Leaves.