After FTC crackdown, users chronicle tech support scam calls
Scammer uses profanity when he figures out intended victim is on to his game
Computerworld - The Federal Trade Commission (FTC) action last week against Indian scammers posing as Microsoft technical support has prompted users to relate their tales of woe.
Last Wednesday, the FTC hit six criminal operations, freezing assets of 14 companies charged with bilking consumers by posing as tech support from name-brand firms including Dell, Microsoft, Symantec and others.
In a statement last week, FTC chairman Jon Leibowitz said the criminals had "taken scareware to a whole other level of virtual mayhem."
The scammers cold-call consumers posing as representatives of major technology companies such as Dell, McAfee, Microsoft and Symantec, telling them that their Windows PCs are infected with malware and offering to help them scrub their machines -- for as much as $450.
In reality, the PCs are malware-free.
Computerworld readers and others used the crackdown to report their experiences with the scammers.
"Got [a call] tonight," said a reader in an email of Oct. 3, the day the FTC announced its moves against over two-dozen companies and individuals, but more than a week after a federal judge issued restraining orders against the accused. "Guy could hardly speak English and it was definitely a large call center. I told him I knew it was a scam and then said a few 'choice' words."
Another reader, Lynda Owens, related a Sept. 24 call she received.
"The gentleman on the other end was trying to tell me that my computer was sending out codes through my Microsoft [Windows] alerting them that I was having issues," Owens wrote in an email. "I started questioning him pretty hard and wanted him to identify himself and the company that he was with. After about 10 minutes on the phone, he actually gave up and hung up on me!"
Others described events triggered by advice from legitimate vendors, who told their customers to contact tech support firms which used the same ploys.
"My elderly parents called Canon because they were having problems with a printer," said reader Earle Greenberg. "Canon referred them to a [telephone] number for tech support, apparently third-party, who tried to do this exact same thing. They got so far as getting my parents to load a client so the tech could control my parents' computer and then showed them all the so called 'errors' and told them for $150 they could fix it and their printer problem."
But the most detailed account of a scam in action was given by a principal of Canadian software developer Amobius Group.
The executive posted a 19-minute recording of a conversation with a "tech support rep" who tried the same trick the FTC had outlined.
"Coincidentally, one of the principals of our company was recently sitting at his computer when he was contacted by likely the same individuals," the blog stated. "He had a virtual machine handy and so spent the next 30 minutes talking to the scammers and recording how they operated."
The recording was made Sept. 12, about two weeks before the FTC froze assets of the alleged scammers.
The website the caller told the intended victim to visit -- www.help22.com -- was offline Monday. Computerworld had found the site active on Oct. 4, however.
Near the end of the telephone call, the "victim" asked the scammer, who had identified himself as "Daniel" earlier, "How do you justify that you're stealing from people? When you wake up every morning, how do you feel knowing you're going to steal from people? Do you tell your mother what you're doing?"
At that point, the Amobius Group principal shut down his virtual machine that had been under the criminal's control.
The next -- and last -- comment from the scammer? "Are you a bloody ************?"
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His e-mail address is email@example.com.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts