After FTC crackdown, users chronicle tech support scam calls
Scammer uses profanity when he figures out intended victim is on to his game
Computerworld - The Federal Trade Commission (FTC) action last week against Indian scammers posing as Microsoft technical support has prompted users to relate their tales of woe.
Last Wednesday, the FTC hit six criminal operations, freezing assets of 14 companies charged with bilking consumers by posing as tech support from name-brand firms including Dell, Microsoft, Symantec and others.
In a statement last week, FTC chairman Jon Leibowitz said the criminals had "taken scareware to a whole other level of virtual mayhem."
The scammers cold-call consumers posing as representatives of major technology companies such as Dell, McAfee, Microsoft and Symantec, telling them that their Windows PCs are infected with malware and offering to help them scrub their machines -- for as much as $450.
In reality, the PCs are malware-free.
Computerworld readers and others used the crackdown to report their experiences with the scammers.
"Got [a call] tonight," said a reader in an email of Oct. 3, the day the FTC announced its moves against over two-dozen companies and individuals, but more than a week after a federal judge issued restraining orders against the accused. "Guy could hardly speak English and it was definitely a large call center. I told him I knew it was a scam and then said a few 'choice' words."
Another reader, Lynda Owens, related a Sept. 24 call she received.
"The gentleman on the other end was trying to tell me that my computer was sending out codes through my Microsoft [Windows] alerting them that I was having issues," Owens wrote in an email. "I started questioning him pretty hard and wanted him to identify himself and the company that he was with. After about 10 minutes on the phone, he actually gave up and hung up on me!"
Others described events triggered by advice from legitimate vendors, who told their customers to contact tech support firms which used the same ploys.
"My elderly parents called Canon because they were having problems with a printer," said reader Earle Greenberg. "Canon referred them to a [telephone] number for tech support, apparently third-party, who tried to do this exact same thing. They got so far as getting my parents to load a client so the tech could control my parents' computer and then showed them all the so called 'errors' and told them for $150 they could fix it and their printer problem."
But the most detailed account of a scam in action was given by a principal of Canadian software developer Amobius Group.
The executive posted a 19-minute recording of a conversation with a "tech support rep" who tried the same trick the FTC had outlined.
"Coincidentally, one of the principals of our company was recently sitting at his computer when he was contacted by likely the same individuals," the blog stated. "He had a virtual machine handy and so spent the next 30 minutes talking to the scammers and recording how they operated."
The recording was made Sept. 12, about two weeks before the FTC froze assets of the alleged scammers.
The website the caller told the intended victim to visit -- www.help22.com -- was offline Monday. Computerworld had found the site active on Oct. 4, however.
Near the end of the telephone call, the "victim" asked the scammer, who had identified himself as "Daniel" earlier, "How do you justify that you're stealing from people? When you wake up every morning, how do you feel knowing you're going to steal from people? Do you tell your mother what you're doing?"
At that point, the Amobius Group principal shut down his virtual machine that had been under the criminal's control.
The next -- and last -- comment from the scammer? "Are you a bloody ************?"
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts