Trying to unmask the fake Microsoft support scammers!

Im pretty sure that most of you guys know about the recent phone scam which is circulating right now. They have been calling a lot of people in countries such as Germany, Sweden, the UK and probably more. The scam is pretty simple; they pretend to be from a department within Microsoft which has received indications that your computer is infected with some malware. They will then offer (for free) to verify if this is the case. If the victim agrees on this, they will ask the victim to perform certain actions, and also type certain commands, which will trick a non-experienced user that the output is actually showing that the computer is infected.

I just want to mention that there is no such department at Microsoft, and they would never call up customers offering this. So if you ever get a call from Microsoft stating that there are some indications that your computer is broken or infected - please hang up!

Well, they have called me several times, and finally Ii got fed up with this and started to play along. At the same time I had my virtual machines running and was recording everything that they were doing. The goal was to find out who they were and exactly what the scam was. Luckily I was able to get hold of information such as their internal IP addresses, the PayPal accounts used to wire money and the numbers they are calling from.

Lets pretend for a while that you have received the phone call, and you are playing along with the whole idea that your computer is infected. Their next step is to try to convince you that your computer is infected. This will be done in several different steps. Please find the steps below, including screenshots below:

  1. They will explain that your computer is only working with VERY low resources because the infection is consuming everything. This is completely wrong. What the picture actually shows is that your computer is only using very little resources at the moment.
  2. They will then open up the Event Manager to try to identify errors, warnings and other information that can be used to trick you into thinking that the computer is infected. The event viewer does show error messages, but not directly related to an infection. Almost all computers have errors in the log files, especially if the computer has not been re-installed lately and is running a lot of programs.
  3. At this point they are really pushing the idea that the computer is infected, and what needs to be done now is for you to confirm that your computer is actually the computer they have in their reporting system. They will then try to associate your computer with a unique number; a number they call the Consumer License ID, known as the CLSID. But the CLSID is actually a Class identifier. In the picture below you can see which program or CLSID an specific file extension is associated with. They will then ask you to execute the command assoc in a DOS prompt, and then ask you if your Consumer License ID is 888DCA60-FC0A-11CF-8F0F-00C04FD7D062. This is actually the CLSID for the ZFSendToTarget file extension.
  4. At this point they have not just tried to convince you that the computer is infected, but also that the computer that they are seeing in their system is actually your computer. They will now ask you to execute yet another DOS command called verify. They state that if the output from the verify command is off it means that your computer license is not verified. This command has absolutely nothing to do with your license, it only allows you to enable/disable operating system verification that data has been written to disc correctly.
  5. At this point the woman I was talking to was screaming OH MY GOD! in my ear, she was super upset that my license was not verified; according to her this meant that no security patches could be installed. She then suggested that the next step was to allow a technician to access the computer and fix all these problems.Of course I allowed the technician to do so - I was running everything in an empty virtual machine :)

  6. They use a Remote Administration Software called AMMYY. I had never heard of this software before this incident. It seems pretty straight forward and legit. From a unique ID they can connect to my computer and work with it. I could also see everything that they were doing. An operator with the ID 10878203 connected to my computer, and below is the permissions that he/she requested.
  7. At this point the administrator connected to my computer and was able to use it. He opened up the Certification Manager and selected an old certificate. I still had the woman on the phone, and she explained that the operator had now found out that my computer had not been updated since 2011 because of this invalid certificate.
  8. Now things started to get really fishy, they told me that the only solution for this is to activate my system and also to install security software which will protect me against viruses, malware, Trojans, hackers and other things. She asked me on the phone If this is what I wanted to do, and said that if I do want this the operator would fix my computer and also install this software. She said this would only cost me about $250 USD.
  9. The operator then installed a program called G2AX_customer_downloader_win32_x86.exe from the website www.fastsupport.com. When this was done a chat popup came up. It was a person with the name David Stone who informed me that my computer was no longer at risk.
  10. They then told me that since I agreed to getting my software updated, I now have to fill out a form and pay $250. They then opened up a PayPal form. I was able to collect several different PayPal accounts including: ukfastcare@gmail.com and ddkcare@gmail.com
  11. Since I knew that this was simply a scam I wanted to see if I could get some more information about these people. So I tried several times to enter fake VISA and MasterCard information and also said that I dont have the ability to buy things on the Internet with my card. They got quite frustrated with me at this point. I then asked them to visit a website, which I pretended to be the website of a friend who I know has put his card information on a website.The website is actually only a textfile containing a static text: Hi, please connect from a different IP since your behind a proxy
  12. We tried several times from my computer, using different browsers, but then I asked them to check from their site, and to my surprise they actually did. I was looking in my log file and as soon as they connected I got their IP address :)

    101.xxx.xxx.197 - - [01/Aug/2012:13:44:31 +0200] "GET //.txt HTTP/1.1" 200 413 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1"

  13. At this point I also just disconnected from the phone several times when we were talking, because I wanted to see which numbers they were calling from. I was able to collect the following numbers: 00441865589771, 008028, 002127773456 and also a hidden number.
  14. After collecting all the information, i have now contacted all the appropiate people such as the security team at PayPal, various law enforcement agencies with the hope that we can stop these people. They are stealing alot of money from innocent people. I know that people have been warned about these scams, but my conclusion is that they are still calling people because they are still making money out of these scams.

    The software that they were using was not malicious in any way, which means that no security software can detect these types of scams. This is one of the main reasons for this article and others like it - we need to keep informing people about it until the cybercriminals are forced to stop.

Related Posts

There are 62 comments
  1. Bonjour, c’est la première année que j’ utilise Kaspersky Internet Security et je suis très satisfaite de tous les services. J’ ai 67 ans, débutante et je suis très intéressée par vos informations. Bravo et merci à tous. Cordialement, Geneviève.

    1. Carol

      Is it possible that these scammers have put an insert into computer and printer boxes. I just purchased a new printer and computer. I couldn’t connect the printer to the computer so I called the number on the insert. It basically did pretty much as you describe in that they logged onto my computer and looked at it and told me that I was part of the mass hacker USA. They googled that and showed me 2 million people were hacked that I was not alone. They showed me files on my brand new computer and that it had been logged in by 6,984 x (I just got the computer the day before). I knew nothing about what they were saying (she was from India I believe) couldn’t understand half of what she said but for $299 (a discount for being a customer) they could transfer me to Microsoft’s Anti Hacker Experts who would do several things, basically get rid of the hackers, protect my banking information, protect my computer, etc etc etc. Now remember, I called THEM. Is it possible thjis was legitimate? I’m over 60 and one of those people you are worried about :(

      1. Lois Glanby

        I have been targeted as a victim. I have Guru Aid on contract for Technical Support. They had just tuned up my computer. I got these pop-ups which were very hard to remove from “Windows” that a Trojan horse virus had infected my computer and several others. I was immediately suspicious. I called the number listed. I talked to a woman, scolded her for a scam as I just had my monthly computer tune-up. She remained professional. I told her this was an extreme annoyance. We hung up. It didn’t stop. Still received pop ups and phone calls. As I am typing this report I am receiving pop-ups of Microsoft technical support. Thank you for your posts on the internet blog. My suspicions are confirmed. I have two reliable sources for technical support that I have used for years. Guru Aid and a local office supply chain. Today is October 24, 2014.

  2. joey sun

    thanks for the posting. there are still people calling and using the same scam. it happens to me today Jul 17, 2014.

  3. Hate to tell you this David but they are still at it in the UK and it is now July 2014. Got my call yesterday when my son answered and they phoned back today. Very plausible. I stopped at the point he wanted me to run an exe file and said I wanted to investigate and to call back in a couple of hours. We will see if he does.

    Good try on your part though.

    1. bert

      got me yesterday now they put a password on and I cant get in do you know what to do

      1. vivienne

        Try this let your battery go to completely 0 the computer will shut off by itself. Then plug it up to charge, turn it back on you should see the screen display name press on safe mode. Now you are going to have to restore your computer back couple of days prior. Before receiving their call and illegally accessing your computer. They did the same thing to me. I had to restore my computer to a later point, before they accessed it. The bastards keep calling me. If you can scrub the
        deleted. That you know you won’t need at all

  4. Several calls about this. did assoc on several computers (remembering they should all be the same) while I strung the guy along. After that, I asked how they could all be the same? No reply. Then I politely told him I knew this was a scam as I am an IT person (I actually am) and told him never to call back. If he did I would track the number and sue his ass. Not sure how the bozo got my number (possibly random or some kind of list). This is something I would not fall for as I was pretty sure the item number was the same .. Glad for the explanation about what it is. Next time I will have more fun with it.

  5. Christine Ekin

    Thanks for this information, just had a call from a scammer and asked him to identify my computer ID he gave me the exact number as above!! He then offered to talk me through finding this number on my computer so I would know they were legitimate but luckily found this info on my I pad while talking to him and refused to connect to my computer. Kept him talking for a good 15 minutes and then told him I knew he was a scammer at which point he was very unhappy that I had wasted his time(shame) !! Operating in the UK July 25th only worry was that he also knew my home address!!

    1. roy west

      I told the caller that I did not have a computer and he called me a liar and that he had my pc licence number I said well he must have been scammed, he got very angry and I hung up

  6. Jim Frederick

    Just got the same call. 7/28/14 4:30 pm

  7. Kimberly Bentley

    Approximately a year ago my husband called me at work. They had convinced him. He followed along to a certain point but knows little about computers. He told me as soon as I got home I needed to call them back and get my computer fixed as he didn’t understand all of the commands they were requesting him to do. My poor husband, I yelled at him and told him the best course of action was to throw my tower against the wall as hard as he could!! Obviously I was very upset!! They still cost me money though because I chose to replace my hard drive. My Husband, as I stated is almost computer illiterate and is also 60 yrs. old. I worry that the older generation is still being taken advantage of!! The phone rang several days ago and I heard him say “Microsoft doesn’t call people, quit scamming people!!” I said good job!! Obviously still going on in the U.S. These criminals must be stopped!!!! If he can believe it, many more can. He knows little about computers but is above intelligence.

  8. Bridget

    I just got the same call, 2:30 on Aug 4. It sounded off from the start although he said several times he was calling from Windows Service Center. Fyi, when I told him I had to call back since a client was about to arrive, he gave me this number: 347-227-6900, x137, James. I don’t plan to call. And it did looked like a 213-3370014 Teleservice # on my in-coming call list.

  9. Charlie

    These people call me regularly. Now their calls are from “Private Number” or “Overseas”, and I don’t answer them. Unfortunately legitimate callers are missed, to, but they could leave a message.

  10. Tom

    I was contacted by these guys this morning. I had been contacted many times before but when I told them I knew they were not on the up and up they stopped calling. This morning they used the CSLID part. after a few minutes I told him I was tired and hung up. He called me back ant told me what a MF’er I was for wasting his time and he called me a few other choice words and hung up. I don’t know how to stop these guys but they sure showed their unprofessional side. Maybe put them on mute ant let them ramble on.
    Thanks for your time

  11. Andres Bott

    You are my new HERO!!, i wish i had the pacience to deal with this people.
    my call ended really fast as i told them i’m using Debian. :-)

  12. Phoned me last night -12/8/14. Deep Indian voice, convinced me the PC was infected. told him I was uncomfertable to proceed with call. asked to speak to his line manager. One second later (ie same bloke, deep Indian voice) pleaded with me that he was genuine, the call was being recorded, that he was based in London and his name was Richard Cooper.Said their website was www-/e-mantra.co.uk. I said I would call him back. He gave me this number 0844 740 6976.

  13. Don Johnson

    8/15/14 They are still operating in the United States. I received a call form 215-555-9874. I knew right away it was a hoax, but kept him on the line over 10 minutes until I got tired of talking to him and siad I knew it was a scam and he hung up.
    If we keep them on the line then they are not calling someone else who might fall victim to their scam.
    I have reported it.

  14. Dmendez

    Just happened to me also. August 16, 2014. After I refused to give him any information, he got extremely upset. I told him not to call this number back and he hung up on me. He called me from a number out of Florida Jupiter. The phone number was 561 745 5427. He somehow knew my name but he screwed it all up. Please be very careful people!!!!

  15. Dorothy

    caught me today. Thought it was on the up and up as I did have someone hack my computer recently

  16. George

    I was called today – from 101-275-0501. Same story about Microsoft support calling to help me due to all the error codes my computer is generating. After showing me the number of “errors” on my computer I was connected to another operator (both with heavy Indian accents and supposedly from California) who tried to get me to connect to http://www.fastsupport.com. I figured it was a scam and went my way. I googled to see if I can find out how the scam plays out.
    Thank you.

  17. Bob Martin

    those guys call me almost every day for a couple of years now. it’s pretty annoying but i have a lot of stress so i use the opportunity to have somebody to yell obscenities at to let off steam. they seem to enjoy it too and they never give up, they have no soul.

    1. tony

      they called me and it was a girl, so i went along with it for a while, and she thought she had a big fish on the line till i started asking her if she tells her mommy and daddy what she does, lol then i said your daddy would be so disappointed what a shame lol again then she was freakin out and finally hung up …….

  18. Dynese

    Received 1st call asking for my husband who was not available. Asked may I help you, Sir. He gave same error reporting issues from my computer. They were from Microsoft Support, providing anti-virus services to Windows owners. I asked what was the cost. Eric Martin (his name-Indian accent) stated it was a free service from Microsoft. I actually am a Mac User (3 in the home) which are my babies. I know very little about PCs, which there is a laptop and a desktop in my home, as well. He kept insisting that I get my PC in front of me and find the “ctrl button” and the button with the 4 window flags. Press both same time. I pretended there was no windows flag on my keyboard. He kept urging me to locate it. I said “Hold Up! I really don’t need this b’cuz there aren’t any viruses on my equipments.” Oh yes ma’am they are invisible.” Only our software can detect them. I asked for their company name & website info. He first said that they couldn’t give out their company’s info, but after me badgering him for something, He gave me SOUTH END PC SOLUTIONS. #210-888-9112, Web site as http://www.southenterprises.net. He asks now to locate the CTRL button and the 4 windows button. I said I wanted to check out their site. Eric asked could he call me back later tonight or tomorrow. RED FLAGS really started flying in my head. I said ‘How do I know that you’re not a HACKER. That’s when I asked several times for a number. Long story short, I told him I wasn’t interested, hung up, got 3 more harassing calls. Threatened we were recording the calls for the Police and they were not to call my number ever again. No calls after that. I did ask if they were so legal/legit, why call people with “Unknow Number” or “Name Unavailable” and if a number does show and you call it back you get this number is not in service. No answer to that. The last caller tried to appease me with charm and I really like your voice, etc. CRAP!!!!!! What a HOAX. People Please Spread The Word. Be Careful!1

  19. Pam

    I too was a victim of these scammers, almost anyway…Called me today stating that he “Tom” was from Microsoft support and had been receiving tons of error messages from my computer. Was initially suspicious given his accent and stated as much and he agreed, “yes, you can’t be too careful nowadays.” Asked again why he was calling me and about which computer and he sounded almost thrilled stating “oh, you have more than one computer?” Asked if he could tell me which computer it was which he couldn’t, so I went to my laptop (which was already having major issues in addition to fan running constantly so I was somewhat taken that this might be a legitimate call…) He asked me to go to a command prompt and type some command (don’t recall exactly what sorry) and verified my Class ID (?), reading it off to me and since it matched what was there, I felt a little more at ease. He also told me “never give this code out to anyone!” He then had me go into event viewer and uncheck several boxes which left only the warnings and major alerts. He then had me read the number of events listed out of “how many total” and was very upset with how many there were, stressing even more why I needed his help. I asked why he cared, further questioning was it “clogging up Microsofts servers or something” obut he didn’t respond, only insisted that I allow him remote access to my PC to fix these issues. I again asked the same question, but more so stated how confused I was since this was a Windows XP PC and that I thought MS no longer supported this? (I had also asked several times during the call what OS the PC with problems had was running, which is when he had me pull up the Class ID, stating that he was not able to see my OS, just that it kept sending all these error messages to Microsoft…)

    I asked one last time why it was an issue that my laptop was sending these warnings, and also expressed that I frankly didn’t care much since I would shortly be decommissioning the laptop anyway as I felt it was going to die, which is why I got the replacement desktop. Once again, he could not answer my question so I tried a different tactic. I asked further about his employment with MS. He stated now that he did not actually work for MS, but rather was “contracted by them” to call Windows customers and fix their problems, then asked if I wanted to disconnect this call. I stated that no, I was not there yet but was still skeptical, and asked if he could provide me the name of the company he worked for and how much this was going to cost me to “fix” these problems. He stated that he worked for Sach Solutions out of “New York” and that it wouldn’t cost me anything for him to fix my problems. The only cost involved would be “if we can’t fix the problem on our own and need to use a tool to help repair it.” Gotcha, I was done… I asked him to call me back tomorrow (a Saturday) to give me time to research this potential scam (which I of course didn’t say to him) and he said “business hours please” so I said ok, since Monday is a holiday, how about Tuesday? He said ok and would call me then…I am now for sure going to have some fun with “Tom” , if he even calls back…!!!

    My only question is, if anyone can answer if I gave him access to anything by agreeing with him that my Class ID was in fact correct by verifying it was what he said it was?.. Should I simply decommission my laptop TODAY or was this just harmless by verifying this???

    Any advice would be appreciated, thanks!

    Pam

  20. Enrique

    I just received a call from “David Billsen”, deep indian accent, talking bad spanish, I’m living in Madrid where he called. We started talking in English. When I asked where was he calling from, he told me that from the Microsoft Headquarters, in Florida. When I told him MS HQ are not in Florida, he told me that these are special technical support headquarters. Then I asked him to give me my computer’s details, brand, operating system, configuration… He was unable to anwser so he told me he could not give confidential information. When I told him I have a Macintosh computer he got nuts and then we ended the conversation.
    Callers ID: 00300000000000 September 1st 2014

  21. William Graham

    Someone with a caller I/D of Robert Fuller called me yesterday, stating that he represented Microsoft Corporation and my machine was sending out malicious software. I have been working with PC’s and computers for over thirty years and know a scam when I hear one. This is the eighth time they have tried to scam me and it is very irritating. I thank you for your informative article disseminating information that people less knowledgeable really need to know. Putting them on a virtual machine was a good move(wish I would have thought of it), oh well. Just remember you can always just hang up; this is what I do as soon as they start flapping their lips. Healthy networking to all!!
    William Graham

  22. Pam

    Just wanted to update let you all and let you know that “Tom” from “Microsoft” never called me back on Tuesday as we had previously discussed him doing (as I suspected he wouldn’t…) Perhaps that is the secret here, to act as if you are skeptical then ask them to call you back, rather than just hanging up on them and them hoping or “preying” (yes, pun intended) on someone less skeptical or knowledgable to answer the phone…?

    Incidentally, anyone knowing the answer to my original question about if me verifying that my Class ID was in fact correct and in someway now makes me vulnerable to these cyber-bullies would be most appreciated. My guess is that unless I allowed him to actually access to my computer I am safe is what I am thinking but, would really like to be sure! Any techie- geeks out there who could answer my question or give me more information on the Class ID subject would be majorly appreciated !

    In the meantime, and until I know for sure, my computer has been placed in standby mode until I get an answer and can safely transfer the rest of my files/folders to my new computer “just in case” …

    Most appreciative…

    Pam.

    1. Ryan

      Hey Pam

      Don’t worry, that was just a tricky way of them to let your guard down. As long as you did not give them remote access to your computer, your files are safe to transfer!

  23. This is brilliant, I wish I had the patience to get so much info out of these jerks.

  24. DB

    Thank you David for this page. I was called this morning here in MN, and luckily I knew of the scam, so while he was going through the scare tactics and telling me what my “unique” license number was, I googled up this page on my MAC. I never started my PC, and used your page as a script. When he would ask, “what do you see on your screen?” I would randomly pick one of your screenshots and recite things from it. This had him going in circles, “please close all the windows and we will start over.” 45 minutes and two operators later, I had an incoming call and never went back.

  25. Judith Mewllet

    I was caught in this scam around 2 years ago. I live in Cape Town in South Africa. These people are really good and had me totally believing that Microsoft was being kind to me. So we did the whole thing with them “taking over” my computer. Lasted around 20 minutes!
    It was only the following day when I mentioned this to a colleague that I got the rude shock that my computer was now infected.
    Fortunately my bank picked this up and had blocked transactions from their side.
    I had such a fright and actually ditched my computer and stayed without a compute for a few months until I could afford to buy a new one. A good lesson learned and at a cost, but I am not nearly as naive anymore. :)

  26. Bunna

    I had fun with them tonight (sept 2014 Australia) told them my computer screen was displaying different letters no numbers and read them out : f u c k o f f. I then heard heaps if background laughter so he must have had a team listening. To his credit he persisting at which point I gave him a serve. Next time they call I’ll really teach them, I’ll put them on the phone to my toddler !

  27. Steven Graham

    I have had three similar calls in the last few days. I keep them on the line for as long as possible, on the basis that whilst they are talking to me then they will not be scamming some unsuspecting individual. Normally when they ask me to type Win-R or assoc in the cmd window and ask me what I see, I normally tell them that I just see four characters displayed …. S C A M. They get very upset at this point and start swearing.

    One claimed to be calling from Manchester, so I asked him the name of the local cricket ground. He got very upset at that point too. Then they tend to hang up.

  28. Fred Parker

    Every single day here in France we get a microsoft scammer, ive asked them to take me off there phone list, asked to speak to a supervisor, played along ,shouted and lost my temper , still they ring, id love to be able to get my own back.
    Fred ,Dorgogne 11.09.14

  29. Linda Podd

    Had a call today at 8.15pm from an Indian sounding man who said his name was Brett Adams, that he worked for a company called DNA who are authorised to revoke computer licences. He said mine was at risk if I didnt go straight online and go through certain actions with him to save my licence. I told him I was a police officer and my son was a computer programmer and insisted he told me what i need to do but I wouldnt do it with him on the line but for him to hang up and ring me back later. He kept trying to get me to use my computer while he held on. In the end he gave me a 32 digit code and other commands to put into my computer and told me he would ring me back in ten minutes. The code he gave me is the same one you mention above starting888DCA60 etc. I have not attempted to do this at all and needless to say he hasnt rung back!!!Today is Saturday 12th September weird for a Saturday night!!

  30. Basil Burgess

    I get these calls from time to time. I teach IS development but am not a security expert. This time I strung them along to see how the scam goes. I got to the part where they wanted me to use remote access software (legit software). As I did not want remote access, and didn’t think to start up a virtual machine (I happen to have one), I stopped them there. I reported the remote access key they gave me to the software company, but it looks like all they did was de-activate the key. I had hoped they would go further and identify the hackers. I suppose they did what they could.

    Thank you for your story. It explained something I had not known (the common CLSID). I know amateurs should not get tied up in such things, but I, too, would like to identify and bust these people. Another drop in a large bucket, but then a bucket can be filled, drop by drop.

    Cheers
    Basil Burgess

  31. Paul

    I received the same call, with Caller ID displaying “Unknown Name/Unknown Number,” so I was suspicious. But I wanted to have some fun and string the scammers along. I started with a woman with an accent, then was handed off to a man after she took me to the “Run” window. He took me to the point of typing “assoc” at a DOS prompt, but I had enough at that point. I told them I knew they were scammers from the very beginning and that they were idiots and scum, then he hung up the call. Less than 60 seconds later she called back, asking why I had hung up. I told her they were idiots and scum, and she started yelling at me “You are idiot, you are scum!” over and over again. I hung up this time and laughed at their pathetic ways. Next time I will tell him or her “Your voice is so sexy” and ask him/her a series of intimate questions in a low sexy voice (got the the idea from a “House of Cards” TV episode) and see how long they last before they hang up on me. Or maybe I will play the part of the drunk PC expert who slurs his words telling them where their descriptions of certain items, like CLSID are wrong. Anything that works to get them to stop calling my number.

  32. Bob Kent

    I received six calls today from these clowns. Most of the callers had such heavy accents I could not understand them. After hanging up repeatedly, I realized that the only way to stop the calls was to play along and cost them some time, so I did that with a caller whose English I finally could understand. I asked him to verify that he was receiving errors from my PC by telling me what my IP address is. Of course he could not do that but he tried — he read to me the 32-digit CLSID number mentioned in David Jacoby’s article. I then asked him who he worked for and he said “The Computer Maintenance Department.” For what company? “‘Fix My Computer’ in Nogales, Texas.” (Nonexistent, of course.)

    David Jacoby’s excellent article revealing identifying information about these criminals was written over two years ago and this scam is still going strong! Why? Why aren’t these extortionists in jail?

  33. VINCENT

    I got tired of these nearly daily calls so purchased a very loud whistle. I let them talk for a few minutes then I blow as hard as possible directly into the phone. At least they won’t be bothering any one else until their ears stop ringing!

  34. Helen Choy

    I got the same call just now 6:30pm 23 Sept 2014 in Sydney! They are still at it. How can we stop them?

  35. Patricia

    I just hung up after getting a call from a Fastsupport tech from my home phone (which is unlisted). Yet they knew my name. Actually spoke with two techs as I could barely understand their heavily accented english. I suspected that it was a scam call as they wanted access to my computer. One even tried to convince me that they could lose their job if anything were to happen to my computer to cause it not to function. I asked for their name and phone number which they didn’t want to provide until they had fixed my computer first. Yeah right! They hung up on me after I kept asking them questions.

  36. Patricia

    I couldn’t believe they tried to call 3 more consecutive times after they hung up on the initial call. I hung up on their last 3 attempts.

  37. debbie

    Just had one of these phone calls. I let him explain everything then I said that I didn’t have a computer at home as my husband has it at work. He then asked when my husband would be in. I said that it would be early morning. I then said that it was strange that my husband’s IT department hadn’t picked up the problem as it is a company laptop ( total lie by me!). He then said have a good evening and I’m sure he said thanks for wasting my time. I asked him what he said and he repeated ‘have a good evening’
    So glad he thought I had wasted his time cos it meant he couldn’t be conning someone else whilst I was wasting his time. At least I wasted 11 minutes for him!

  38. Copy-pasted from Atma.es:

    “In May-June 2014 several people in Spain was phoned from a fake Microsoft customer service. So far these are the numbers we got to know: 16077670057 and 15124511556. Beware also of 4935120443, 442033100000 and 18176499077.”

  39. Elena

    I have got a call today from a woman with a very strong Asian accent who insisted I went on my computer to perform some action with the pretest that my IP address was sending Microsoft some error message
    I have let her talk for quite a while letting her believe that I was going to do what she asked me on my computer, at which point she said she was calling her manager and then hang up. She then called again but i did not answer any more, now thinking about it I should have said her to get a real job!

    1. Pam

      Robert, that was awesome !!! I have to admit, I was kind of blushing on my end at some of the stuff being said but clearly, you a- wasted their time and b- ticked them off royally that they themselves were “scammed.”

      The guy (both times, unsure if it was “Vicki” both times but “he” lol, sure sounded the same) was clearly not even listening to a single word you said until you cursed them both out in the end ! Sorry to anyone who might have been offended by these calls (as I’m sure you Richard, would yourself admit that some definitely had to have been) but it’s almost like nothing else will stop them so really, what do we have to lose to do something along these lines ??? Maybe if we all just start stringing them along (with or without some of the more graphic details that you went into, lol…) maybe they will eventually catch on and stop calling us all knowing that they themselves are now being scammed back.

      What I found I think most hilarious about this whole thing was the yelling at each other – even the agent who called you – going on the whole time he’s talking to you ! Seriously, do they honestly think we are all that dumb as to remain on a call with this going on – even if we don’t have a clue what they’re saying?

      I’d be even more curious to hear feedback from anyone who speaks whatever language they’re speaking, as to what they’re actually saying in the background ! (Any translators please feel free to step forward…)

      Keep up the great work Robert !!!

    2. BILLY

      loved your conversation with that so caring Indian Michael ,I sort of did the same thing acting as if I was half deaf and had fun when he was asking for my credit card info ,I made a fictitious credit card number I could tell that he was getting excited ,then he would come back and say that I had give him the wrong number now this was going on for 45 minutes and I was in stitches,
      he would ask me to repeat the number so I would say for the number 3 I would say freeee & 6 for sex and so on, and if I was getting a bit tired as I fancied a cup of tea I would crumple a piece of tin foil over the phone and say we had a bad connection ,
      as you said Robert they have no soul

  40. David

    How and who do you report these phone numbers to? The scammer got so lazy to not even block his number in caller ID. He even gave me an 888 number that worked. So they are investing in the scam. They call I got was today (Sept 2014), so it must be working. They tried to do the same steps as listed.

  41. Helen

    Good Work Robert! I loved it.
    We are in Sydney Australia. They called yesterday during lunch and my son (18 yrs) said “What computer? We don’t have a computer” and hang up.

  42. Kim

    I get these calls in cycles and always have a little fun (wasting their time)

    “my keyboard is really old and I can’t see any of those keys they are asking for

    “please help me – but I don’t speak English”

    “Robert called last week and we fixed my computer”

    and if I can’t have fun – “I don’t have a computer”

  43. Anjum

    I got a call from Peter Smith (v thick Indian accent) from Microsoft Technical support this afternoon. Got the BS about how the internet gate on my PC was not protected and so cybercriminals and hackers are using my machine for illegal activities and i could be a victim of identity theft. And as per UK federal law (really??!!) i could be held responsible. He wanted me to log on and check the CLS id. I told him i could not access the machine and i’ll call him back. The number he gave me was 02081332538. Kept insisting he would call me back when I had access to my computer. Kept asking me loads of questions about my name and who else uses the machine and what their names are. I refused to give him the details and said i was uncomfortable. Would check out what this is about and call him back when we are ready.

    It was lucky i answered the call – usually my parents/grandparents would and they would not likely do all this checking. These people ought to be caught if they are indeed cheating innocent people out of a lot of money. Any idea who we can report such things to here in the UK? thanks a lot!

  44. BILLY

    I just got a call this morning from an Asian operator with a Indian accent, saying that they were from Microsoft and that my computer was infected ,so I acted like I was a very old man aged about 96,after a bit fun saying that I was deaf he asked me to switch my computer on and say what was on the screen ,so I did I told him that I had a picture of a church, he said what ,I said I had a picture of a church a place of worship, well I do not no what upset him but he called me a f*$£!£g idiot and put the phone down, so I pressed the number for last number caller, this is the phone number 001003451 .plus I asked where he was from he said Sydney come off it tell me another one you idiot,

  45. babrry

    Just tell them you don’t have a computer End of !!!

  46. ducky

    Well i just got a call on 10-10-2014 from a windows company from sunnyvale california phone #408-757-0112. well i fell victim of them basically the same thing as described above. but they wanted to charge me $120.00 and i couldn’t afford that much. is there some way to get our money back. also i noticed on my online bank the money went to canada. i should check into my bank and file a grieveance. any suggestions

  47. Michelle

    I got a call from “Peter” this morning at 1-245-897-6589 and he asked about the Microsoft computers in my house. Having been an IT professional–system admin, system engineer, and systems and software security officer, I knew that this was not a legitimate call or request. So, after messing with him and asking him which Microsoft computer and how many I had, he began to get angry and impatient. At this point I made a made a friendly suggestion as to what he and his mother could do to themselves, at which point he angrily returned the sentiment and hung up. Oh well, you just can’t please some people.

  48. Jay Pascarella

    looks like this is still going on. I just received a call today 10/15/2014 the interesting thing is that I had placed a support request into Microsoft for Office 365 earlier today but had ended up resolving it myself.

    The gentleman with a deep Indian accent called from an unknown number (I wish I was prepared as I would have asked for a number and then lit up their call center with inbound calls from a war dialer. Insisted that my machine was infected. I asked him several times if he was from Microsoft and also told him that Microsoft doesn’t ever call customers in this fashion he then changes his story to say he was from a company Microsoft had hired.

    He asked me to bring up the run command using the windows hot key when I asked if he wanted me to run a program he asked me to type cmd. So playing along I did and he had me print out the clasid association. At which point I told him this is was a class ID and not my machines license number. He got angry and was insistent that it was I played along some more to see how far he would go and he asked me to run event viewer. He didn’t say what it was so I asked him you want me to run event viewer so I can look at events in my logs and he said yes. Then he told me that all of the red and yellow icons meant that my machine was infected (nice try if you don’t know this stuff) and that if I clicked on anyone of them they would multiple and make the problem worse.

    I then told him that he was full of it as this is typical behavior and the warning message about a disc not being in my DVD drive was not a virus. I will give him credit he proceeded to argue with him at which point i laid in to him letting him know that I was an IT Professional with a security background and that if he called again I would contact the police (I also used a couple of choice words to describe what he was doing and his character). I really wish I could have gotten him to give me phone number and a real company name so I could turn it over to the authorities.

    I could see my in laws who are older and both use a computer as getting caught on this one. Hopefully they will get caught and pay the price.

  49. Gary Kemp

    Happening in Africa, too.

    Got a call today saying my PC had logged a critical virus with their “Microsoft Service
    Centre”; the lady (of Indian accent) was very efficient and directed me via the MS-Start button, right-click Computer, Manage, Computer Management, to Events viewer where lo and behold to a log absolutely filled with critical
    errors.

    Coincidentally just an hour before, a website had prompted me to update my Java-version,
    where I blithely clicked OK to all the User-permission and Terms-&Conditions prompts in
    blind faith that the link provided was a bona fide Java mirror.
    So -panic attack (I’m an old fart, and not prticulrly computer-literate).

    Urging me that my PC was on the edge of self-destruct, the lady directed me to the
    RUN-prompt, and patiently spelt out what I needed to type in there – “www.supremotecontrol.com”.
    Alarm bells rang; the fact that she had asked whether it was a work- or personal PC, what
    operating system I was running (surely my PC would have logged that information with
    Microsoft?), that she had phoned me on my landline whilst I had bought the PC from a
    store with Windows preloaded (never the two to meet).
    When pushed, she said they were Help & Secure, a Cape Town-based contracted agent for
    Microsoft.
    I offered to call her back; she didn’t offer their telephone number…

    Needless to say, I started researching the issue, and found your site.

    1. E. Speike

      Is this yet another scammer?

      PCCZARS Support

  50. Gandalf the Grey AND White

    I had a fun conversation with one of these guys on Monday. After a while, it went something like this…

    Me: Where did you say you were from?

    Him: Australia, but I live in San Diego.

    Me: You don’t sound Australian. You sound Indian.

    Him: Well, I AM Australian and I have an Australian driver’s license and my name is on my Australian driver’s license!

    Me: Uh-huh. So why do you sound Indian?

    Him: I went to the University of India so maybe I picked up an accent!

    Me: Interesting. I don’t know of anyone who goes off to college and leaves with an accent.

    Him: I don’t like you insulting me!

    Me: I don’t like you scamming me.

  51. laura

    They have been pestering the hell out of me…The last I heard from them <I told them that I would contact kaspersky and norton and give them their number so that they could resolve this issue. then I blocked their number.I could only tract their account as far as north florida.

Leave a Reply

Your email address will not be published. Required fields are marked *