Im pretty sure that most of you guys know about the recent phone scam which is circulating right now. They have been calling a lot of people in countries such as Germany, Sweden, the UK and probably more. The scam is pretty simple; they pretend to be from a department within Microsoft which has received indications that your computer is infected with some malware. They will then offer (for free) to verify if this is the case. If the victim agrees on this, they will ask the victim to perform certain actions, and also type certain commands, which will trick a non-experienced user that the output is actually showing that the computer is infected.
I just want to mention that there is no such department at Microsoft, and they would never call up customers offering this. So if you ever get a call from Microsoft stating that there are some indications that your computer is broken or infected – please hang up!
Well, they have called me several times, and finally Ii got fed up with this and started to play along. At the same time I had my virtual machines running and was recording everything that they were doing. The goal was to find out who they were and exactly what the scam was. Luckily I was able to get hold of information such as their internal IP addresses, the PayPal accounts used to wire money and the numbers they are calling from.
Lets pretend for a while that you have received the phone call, and you are playing along with the whole idea that your computer is infected. Their next step is to try to convince you that your computer is infected. This will be done in several different steps. Please find the steps below, including screenshots below:
- They will explain that your computer is only working with VERY low resources because the infection is consuming everything. This is completely wrong. What the picture actually shows is that your computer is only using very little resources at the moment.
- They will then open up the Event Manager to try to identify errors, warnings and other information that can be used to trick you into thinking that the computer is infected. The event viewer does show error messages, but not directly related to an infection. Almost all computers have errors in the log files, especially if the computer has not been re-installed lately and is running a lot of programs.
- At this point they are really pushing the idea that the computer is infected, and what needs to be done now is for you to confirm that your computer is actually the computer they have in their reporting system. They will then try to associate your computer with a unique number; a number they call the Consumer License ID, known as the CLSID. But the CLSID is actually a Class identifier. In the picture below you can see which program or CLSID an specific file extension is associated with. They will then ask you to execute the command assoc in a DOS prompt, and then ask you if your Consumer License ID is 888DCA60-FC0A-11CF-8F0F-00C04FD7D062. This is actually the CLSID for the ZFSendToTarget file extension.
- At this point they have not just tried to convince you that the computer is infected, but also that the computer that they are seeing in their system is actually your computer. They will now ask you to execute yet another DOS command called verify. They state that if the output from the verify command is off it means that your computer license is not verified. This command has absolutely nothing to do with your license, it only allows you to enable/disable operating system verification that data has been written to disc correctly.
- They use a Remote Administration Software called AMMYY. I had never heard of this software before this incident. It seems pretty straight forward and legit. From a unique ID they can connect to my computer and work with it. I could also see everything that they were doing. An operator with the ID 10878203 connected to my computer, and below is the permissions that he/she requested.
- At this point the administrator connected to my computer and was able to use it. He opened up the Certification Manager and selected an old certificate. I still had the woman on the phone, and she explained that the operator had now found out that my computer had not been updated since 2011 because of this invalid certificate.
- Now things started to get really fishy, they told me that the only solution for this is to activate my system and also to install security software which will protect me against viruses, malware, Trojans, hackers and other things. She asked me on the phone If this is what I wanted to do, and said that if I do want this the operator would fix my computer and also install this software. She said this would only cost me about $250 USD.
- The operator then installed a program called G2AX_customer_downloader_win32_x86.exe from the website www.fastsupport.com. When this was done a chat popup came up. It was a person with the name David Stone who informed me that my computer was no longer at risk.
- They then told me that since I agreed to getting my software updated, I now have to fill out a form and pay $250. They then opened up a PayPal form. I was able to collect several different PayPal accounts including: ukfastcare@gmail.com and ddkcare@gmail.com
- Since I knew that this was simply a scam I wanted to see if I could get some more information about these people. So I tried several times to enter fake VISA and MasterCard information and also said that I dont have the ability to buy things on the Internet with my card. They got quite frustrated with me at this point. I then asked them to visit a website, which I pretended to be the website of a friend who I know has put his card information on a website.The website is actually only a textfile containing a static text: Hi, please connect from a different IP since your behind a proxy
-
We tried several times from my computer, using different browsers, but then I asked them to check from their site, and to my surprise they actually did. I was looking in my log file and as soon as they connected I got their IP address 🙂
101.xxx.xxx.197 – – [01/Aug/2012:13:44:31 +0200] “GET //.txt HTTP/1.1” 200 413 “-” “Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1”
- At this point I also just disconnected from the phone several times when we were talking, because I wanted to see which numbers they were calling from. I was able to collect the following numbers: 00441865589771, 008028, 002127773456 and also a hidden number.
At this point the woman I was talking to was screaming OH MY GOD! in my ear, she was super upset that my license was not verified; according to her this meant that no security patches could be installed. She then suggested that the next step was to allow a technician to access the computer and fix all these problems.Of course I allowed the technician to do so – I was running everything in an empty virtual machine 🙂
After collecting all the information, i have now contacted all the appropiate people such as the security team at PayPal, various law enforcement agencies with the hope that we can stop these people. They are stealing alot of money from innocent people. I know that people have been warned about these scams, but my conclusion is that they are still calling people because they are still making money out of these scams.
The software that they were using was not malicious in any way, which means that no security software can detect these types of scams. This is one of the main reasons for this article and others like it – we need to keep informing people about it until the cybercriminals are forced to stop.
Trying to unmask the fake Microsoft support scammers!
Genevive Derroitte- Meex
Bonjour, c’est la première année que j’ utilise Kaspersky Internet Security et je suis très satisfaite de tous les services. J’ ai 67 ans, débutante et je suis très intéressée par vos informations. Bravo et merci à tous. Cordialement, Geneviève.
Carol
Is it possible that these scammers have put an insert into computer and printer boxes. I just purchased a new printer and computer. I couldn’t connect the printer to the computer so I called the number on the insert. It basically did pretty much as you describe in that they logged onto my computer and looked at it and told me that I was part of the mass hacker USA. They googled that and showed me 2 million people were hacked that I was not alone. They showed me files on my brand new computer and that it had been logged in by 6,984 x (I just got the computer the day before). I knew nothing about what they were saying (she was from India I believe) couldn’t understand half of what she said but for $299 (a discount for being a customer) they could transfer me to Microsoft’s Anti Hacker Experts who would do several things, basically get rid of the hackers, protect my banking information, protect my computer, etc etc etc. Now remember, I called THEM. Is it possible thjis was legitimate? I’m over 60 and one of those people you are worried about 🙁
Lois Glanby
I have been targeted as a victim. I have Guru Aid on contract for Technical Support. They had just tuned up my computer. I got these pop-ups which were very hard to remove from “Windows” that a Trojan horse virus had infected my computer and several others. I was immediately suspicious. I called the number listed. I talked to a woman, scolded her for a scam as I just had my monthly computer tune-up. She remained professional. I told her this was an extreme annoyance. We hung up. It didn’t stop. Still received pop ups and phone calls. As I am typing this report I am receiving pop-ups of Microsoft technical support. Thank you for your posts on the internet blog. My suspicions are confirmed. I have two reliable sources for technical support that I have used for years. Guru Aid and a local office supply chain. Today is October 24, 2014.
DeWen Kight
Sadly to sad they got me for $250.00 last night, using the exact same popups as you described here.
Danny williams
Guruaid is also one of them, and its an scam. please do not pay them any amount and if you had paid then go for a refund or a chargeback.
Black
New scam. They called to tell me that they needed to RETURN my $199, as I was on a Mac and Not Microsoft, and they needed to return my $199. Thick Indian voices, lots of background noises, I told them I could not hear them and it got better. I asked them to just credit my credit card account. They asked me to open my bank account and they would send the money to my account, and I could see it going into the account. Wow! So they did! But they returned $1,199 to me instead. Did they goof up? They said yes their accountant made a mistake–he is 75 and doesn’t see too well. Well, there it was. An extra $1k. I couldn’t take that from them. Oops! They noticed that! So how would they like me to return the money? Just go down to nearest Walmart, or Moneygram and forward the money to them, take off $60 for my trouble. They went into my bank acct, got a cash advance from my credit card account, moved $1,199 into my checking and it llooked like I received $1,199 from them. Then they wanted me to send them $940. I called my banker and we figured that one out. They had done work a month earlier and said that they had over charged me. I have had to change lots of computer, bank and other passwords. DO NOT BELIEVE THAT THEY ARE RETURNING ANY MONEY TO YOU!
Roger
Unfortunately there are lots of people who get scammed by these Indian’s citizen. Which makes me think whether they all a part of a scammer group of something.
Even if you need a support for a software or any hardware related issue you should never reveal any personal information to these guys.
A Security company will never ask you for these over the phone or even remotely access your computer. Remember when accessing your computer from a remote location, they could be retrieving personal information through terminal window or even without visual action.
I recommend people to search for a local tech support or tale your computer or laptop to the nearest Software/Hardware shop.
For people like these the real support agents face a hard truth and difficulties to perform their jobs.
Judy Nichols
just got rid of them today!!! I have been receiving many calls for at least a month. They have been tenacious. I am female so they may have had better luck with intimidating women. I have an answering machine for my online business. They learned to hang up before the recording. As I am writing this they just called; waited for my answering message; then said hello. I thought I had finished with them this morning when I said that I am an IT Engineer-they hung up. 2:00- they just called again. I told them that I knew all about them, They hung up How do I get them to stop calling???????????? Judy Nichols
chaz
I like to keep them on the phone as long as posable without giving out any important information.Record so far is almost 30 minutes.
TheKLB
I got them for 1 hour and 20 minutes the other day! Fun stuff.
greg
Dangit!!! I thought I had done well at almost 19 minutes… I told them that bad porn was the cause of my computer problems and then played a movie for them while I commented what was going on… they finally gave up! Lol…
Denise
That’s Awesome! Wish I would have thot of that. I love it
david gindel
why wife got this scam today on google chrome said u have a virus call us to remote access your computer. thank good she has a brain and called me but they made it look like Microsoft and acted like they were with them. checked my anti virus which is Kaspersky. It say no treat no virus. (also is that a got antivirus) family member told me to get.
this is very shady Microsoft need to get involved. also now explorer edge some new thing is sometimes using 5k of memory.
don’t know why if this has something to do with thanks DG
joey sun
thanks for the posting. there are still people calling and using the same scam. it happens to me today Jul 17, 2014.
Kosha Kumar
Still people calling today in the USA. I got one on November 26, 2014.
Kelly
I just got the phone call today August 18,2016 he got so nervous when i said i will go to a computer store to get my computer checked out cause i told him his Indian accent was too strng n i couldn’t understand it he kept saying no no we can fix it over the phone the preceded to connect me to another person i guess hoping i would be able to understand him better i had them spell out the website fastsupport.com very very slowly just to annoy them n kept saying can you repeat that i can’t understand you i had him on the phone for 15 minutes just repeating every thing he was trying to say then i went on to fastsupport.com n told him what the site options were then hung up on him the number he called from was 1-732-958-3492 after i hung up on him i tried t call it back n i got a message from verizon saying my call can’t be completed i guess they can’t recieve calls
tim
09/09/2016
Just had a similar experience, but was solicited by pop-up on MS Edge. Told to call their # or my hard drive would safety delete in 5 mins. Was told to log on to fastsupport.com and download GoToAssist launcher. I refused and was told my computer was “doomed”. The “certified windows technician” called back immediately after I hung up. Very thick Indian/Pakistani accent. Tim
D Daniel
This has been going on for years. Microsoft makes money when you call their actual number Microsoft charges 150,00. This is not an easy scam for non security people to recognize.
Richard Beeden
Hate to tell you this David but they are still at it in the UK and it is now July 2014. Got my call yesterday when my son answered and they phoned back today. Very plausible. I stopped at the point he wanted me to run an exe file and said I wanted to investigate and to call back in a couple of hours. We will see if he does.
Good try on your part though.
bert
got me yesterday now they put a password on and I cant get in do you know what to do
vivienne
Try this let your battery go to completely 0 the computer will shut off by itself. Then plug it up to charge, turn it back on you should see the screen display name press on safe mode. Now you are going to have to restore your computer back couple of days prior. Before receiving their call and illegally accessing your computer. They did the same thing to me. I had to restore my computer to a later point, before they accessed it. The bastards keep calling me. If you can scrub the
deleted. That you know you won’t need at all
Bob
Howndo you restore it?
Harry
To get rid of the password, just hit F8 while booting then choose restore from an earlier date. All their krap will be gone.
Ricko
Several calls about this. did assoc on several computers (remembering they should all be the same) while I strung the guy along. After that, I asked how they could all be the same? No reply. Then I politely told him I knew this was a scam as I am an IT person (I actually am) and told him never to call back. If he did I would track the number and sue his ass. Not sure how the bozo got my number (possibly random or some kind of list). This is something I would not fall for as I was pretty sure the item number was the same .. Glad for the explanation about what it is. Next time I will have more fun with it.
Charity
Got a call last night from 406 266 4910. he slipped up and gave me two different employee IDs when I said I didn’t get it the first time.
Christine Ekin
Thanks for this information, just had a call from a scammer and asked him to identify my computer ID he gave me the exact number as above!! He then offered to talk me through finding this number on my computer so I would know they were legitimate but luckily found this info on my I pad while talking to him and refused to connect to my computer. Kept him talking for a good 15 minutes and then told him I knew he was a scammer at which point he was very unhappy that I had wasted his time(shame) !! Operating in the UK July 25th only worry was that he also knew my home address!!
roy west
I told the caller that I did not have a computer and he called me a liar and that he had my pc licence number I said well he must have been scammed, he got very angry and I hung up
Jim Frederick
Just got the same call. 7/28/14 4:30 pm
Nicole
Jessie called me last night, I was sure it was BS, I told her I could not open my computer, she said WHY? not near it, I’ll call you tomorrow, she did. Feed me the same garbage about a secure number she will provide for me. Then I told her I been using a computer at the public library and I don’t have a computer of my own anymore. I live in the US, this happens frequently. I block the number but they regroup and start calling back from another area code. 845-582-8204 current number, Hell , I was Laughing out loud for real as I read this, $250, they trying to Scam,,,, I paid 200 for this laptop I’m on.
Kimberly Bentley
Approximately a year ago my husband called me at work. They had convinced him. He followed along to a certain point but knows little about computers. He told me as soon as I got home I needed to call them back and get my computer fixed as he didn’t understand all of the commands they were requesting him to do. My poor husband, I yelled at him and told him the best course of action was to throw my tower against the wall as hard as he could!! Obviously I was very upset!! They still cost me money though because I chose to replace my hard drive. My Husband, as I stated is almost computer illiterate and is also 60 yrs. old. I worry that the older generation is still being taken advantage of!! The phone rang several days ago and I heard him say “Microsoft doesn’t call people, quit scamming people!!” I said good job!! Obviously still going on in the U.S. These criminals must be stopped!!!! If he can believe it, many more can. He knows little about computers but is above intelligence.
can not believe it
It is April 2016 and still going on. But no phone. They went right in and frozen my computer. I stupidly called the number on screen. Yup I did. I even let them in. Paying for it now. And I just purchased computer. It was 2wks old.
Denise
Just happened to me today. They froze my computer (via Safari browser somehow) then a window popped up with a phone number for support to call because I had a supposed virus. I called them & the minute they wanted money I said I’m gonna investigate & I’ll call u back. Then I hung up. All these posts just verified my instincts were correct….Scammers!!!!
Bridget
I just got the same call, 2:30 on Aug 4. It sounded off from the start although he said several times he was calling from Windows Service Center. Fyi, when I told him I had to call back since a client was about to arrive, he gave me this number: 347-227-6900, x137, James. I don’t plan to call. And it did looked like a 213-3370014 Teleservice # on my in-coming call list.
Charlie
These people call me regularly. Now their calls are from “Private Number” or “Overseas”, and I don’t answer them. Unfortunately legitimate callers are missed, to, but they could leave a message.
Tom
I was contacted by these guys this morning. I had been contacted many times before but when I told them I knew they were not on the up and up they stopped calling. This morning they used the CSLID part. after a few minutes I told him I was tired and hung up. He called me back ant told me what a MF’er I was for wasting his time and he called me a few other choice words and hung up. I don’t know how to stop these guys but they sure showed their unprofessional side. Maybe put them on mute ant let them ramble on.
Thanks for your time
Andres Bott
You are my new HERO!!, i wish i had the pacience to deal with this people.
my call ended really fast as i told them i’m using Debian. 🙂
DAVID ROBERTS
Phoned me last night -12/8/14. Deep Indian voice, convinced me the PC was infected. told him I was uncomfertable to proceed with call. asked to speak to his line manager. One second later (ie same bloke, deep Indian voice) pleaded with me that he was genuine, the call was being recorded, that he was based in London and his name was Richard Cooper.Said their website was www-/e-mantra.co.uk. I said I would call him back. He gave me this number 0844 740 6976.
Don Johnson
8/15/14 They are still operating in the United States. I received a call form 215-555-9874. I knew right away it was a hoax, but kept him on the line over 10 minutes until I got tired of talking to him and siad I knew it was a scam and he hung up.
If we keep them on the line then they are not calling someone else who might fall victim to their scam.
I have reported it.
Pete Hagerty
How do we report this? It is still happening in the US. I was called last night. They claimed to be associated with Microsoft, but said they were NOT actually “Microsoft” when I asked for clarification about who they are. They said that my computer was generating a lot of error messages and needed to be fixed, that they would walk we through the fix if I had time. The man was definitely Indian. When I said that I was in front of my computer it sounded like he transferred my call to a technical person. The new guy, much more Indian accent, asked me to run cmd to get to the command prompt, then run assoc. I asked why to run that and he said that it would give him the CLID that he needed to confirm what he was seeing on his screen. I didn’t want to run it because I wasn’t sure what it would do and I didn’t want to confirm anything for him. Instead I asked what number he saw on his side. After some arguing he finally gave me the number, the one matching the number in the post above. I finally told him that I ran the assoc command and the number on my computer didn’t match and I hung up. Stupid Scammers. Bottom line is that they are still operating in the US.
The call came from New City, NY. 845-263-1230.
Dmendez
Just happened to me also. August 16, 2014. After I refused to give him any information, he got extremely upset. I told him not to call this number back and he hung up on me. He called me from a number out of Florida Jupiter. The phone number was 561 745 5427. He somehow knew my name but he screwed it all up. Please be very careful people!!!!
Dorothy
caught me today. Thought it was on the up and up as I did have someone hack my computer recently
George
I was called today – from 101-275-0501. Same story about Microsoft support calling to help me due to all the error codes my computer is generating. After showing me the number of “errors” on my computer I was connected to another operator (both with heavy Indian accents and supposedly from California) who tried to get me to connect to http://www.fastsupport.com. I figured it was a scam and went my way. I googled to see if I can find out how the scam plays out.
Thank you.
Bob Martin
those guys call me almost every day for a couple of years now. it’s pretty annoying but i have a lot of stress so i use the opportunity to have somebody to yell obscenities at to let off steam. they seem to enjoy it too and they never give up, they have no soul.
tony
they called me and it was a girl, so i went along with it for a while, and she thought she had a big fish on the line till i started asking her if she tells her mommy and daddy what she does, lol then i said your daddy would be so disappointed what a shame lol again then she was freakin out and finally hung up …….
Dynese
Received 1st call asking for my husband who was not available. Asked may I help you, Sir. He gave same error reporting issues from my computer. They were from Microsoft Support, providing anti-virus services to Windows owners. I asked what was the cost. Eric Martin (his name-Indian accent) stated it was a free service from Microsoft. I actually am a Mac User (3 in the home) which are my babies. I know very little about PCs, which there is a laptop and a desktop in my home, as well. He kept insisting that I get my PC in front of me and find the “ctrl button” and the button with the 4 window flags. Press both same time. I pretended there was no windows flag on my keyboard. He kept urging me to locate it. I said “Hold Up! I really don’t need this b’cuz there aren’t any viruses on my equipments.” Oh yes ma’am they are invisible.” Only our software can detect them. I asked for their company name & website info. He first said that they couldn’t give out their company’s info, but after me badgering him for something, He gave me SOUTH END PC SOLUTIONS. #210-888-9112, Web site as http://www.southenterprises.net. He asks now to locate the CTRL button and the 4 windows button. I said I wanted to check out their site. Eric asked could he call me back later tonight or tomorrow. RED FLAGS really started flying in my head. I said ‘How do I know that you’re not a HACKER. That’s when I asked several times for a number. Long story short, I told him I wasn’t interested, hung up, got 3 more harassing calls. Threatened we were recording the calls for the Police and they were not to call my number ever again. No calls after that. I did ask if they were so legal/legit, why call people with “Unknow Number” or “Name Unavailable” and if a number does show and you call it back you get this number is not in service. No answer to that. The last caller tried to appease me with charm and I really like your voice, etc. CRAP!!!!!! What a HOAX. People Please Spread The Word. Be Careful!1
Pam
I too was a victim of these scammers, almost anyway…Called me today stating that he “Tom” was from Microsoft support and had been receiving tons of error messages from my computer. Was initially suspicious given his accent and stated as much and he agreed, “yes, you can’t be too careful nowadays.” Asked again why he was calling me and about which computer and he sounded almost thrilled stating “oh, you have more than one computer?” Asked if he could tell me which computer it was which he couldn’t, so I went to my laptop (which was already having major issues in addition to fan running constantly so I was somewhat taken that this might be a legitimate call…) He asked me to go to a command prompt and type some command (don’t recall exactly what sorry) and verified my Class ID (?), reading it off to me and since it matched what was there, I felt a little more at ease. He also told me “never give this code out to anyone!” He then had me go into event viewer and uncheck several boxes which left only the warnings and major alerts. He then had me read the number of events listed out of “how many total” and was very upset with how many there were, stressing even more why I needed his help. I asked why he cared, further questioning was it “clogging up Microsofts servers or something” obut he didn’t respond, only insisted that I allow him remote access to my PC to fix these issues. I again asked the same question, but more so stated how confused I was since this was a Windows XP PC and that I thought MS no longer supported this? (I had also asked several times during the call what OS the PC with problems had was running, which is when he had me pull up the Class ID, stating that he was not able to see my OS, just that it kept sending all these error messages to Microsoft…)
I asked one last time why it was an issue that my laptop was sending these warnings, and also expressed that I frankly didn’t care much since I would shortly be decommissioning the laptop anyway as I felt it was going to die, which is why I got the replacement desktop. Once again, he could not answer my question so I tried a different tactic. I asked further about his employment with MS. He stated now that he did not actually work for MS, but rather was “contracted by them” to call Windows customers and fix their problems, then asked if I wanted to disconnect this call. I stated that no, I was not there yet but was still skeptical, and asked if he could provide me the name of the company he worked for and how much this was going to cost me to “fix” these problems. He stated that he worked for Sach Solutions out of “New York” and that it wouldn’t cost me anything for him to fix my problems. The only cost involved would be “if we can’t fix the problem on our own and need to use a tool to help repair it.” Gotcha, I was done… I asked him to call me back tomorrow (a Saturday) to give me time to research this potential scam (which I of course didn’t say to him) and he said “business hours please” so I said ok, since Monday is a holiday, how about Tuesday? He said ok and would call me then…I am now for sure going to have some fun with “Tom” , if he even calls back…!!!
My only question is, if anyone can answer if I gave him access to anything by agreeing with him that my Class ID was in fact correct by verifying it was what he said it was?.. Should I simply decommission my laptop TODAY or was this just harmless by verifying this???
Any advice would be appreciated, thanks!
Pam
Enrique
I just received a call from “David Billsen”, deep indian accent, talking bad spanish, I’m living in Madrid where he called. We started talking in English. When I asked where was he calling from, he told me that from the Microsoft Headquarters, in Florida. When I told him MS HQ are not in Florida, he told me that these are special technical support headquarters. Then I asked him to give me my computer’s details, brand, operating system, configuration… He was unable to anwser so he told me he could not give confidential information. When I told him I have a Macintosh computer he got nuts and then we ended the conversation.
Callers ID: 00300000000000 September 1st 2014
William Graham
Someone with a caller I/D of Robert Fuller called me yesterday, stating that he represented Microsoft Corporation and my machine was sending out malicious software. I have been working with PC’s and computers for over thirty years and know a scam when I hear one. This is the eighth time they have tried to scam me and it is very irritating. I thank you for your informative article disseminating information that people less knowledgeable really need to know. Putting them on a virtual machine was a good move(wish I would have thought of it), oh well. Just remember you can always just hang up; this is what I do as soon as they start flapping their lips. Healthy networking to all!!
William Graham
Pam
Just wanted to update let you all and let you know that “Tom” from “Microsoft” never called me back on Tuesday as we had previously discussed him doing (as I suspected he wouldn’t…) Perhaps that is the secret here, to act as if you are skeptical then ask them to call you back, rather than just hanging up on them and them hoping or “preying” (yes, pun intended) on someone less skeptical or knowledgable to answer the phone…?
Incidentally, anyone knowing the answer to my original question about if me verifying that my Class ID was in fact correct and in someway now makes me vulnerable to these cyber-bullies would be most appreciated. My guess is that unless I allowed him to actually access to my computer I am safe is what I am thinking but, would really like to be sure! Any techie- geeks out there who could answer my question or give me more information on the Class ID subject would be majorly appreciated !
In the meantime, and until I know for sure, my computer has been placed in standby mode until I get an answer and can safely transfer the rest of my files/folders to my new computer “just in case” …
Most appreciative…
Pam.
Ryan
Hey Pam
Don’t worry, that was just a tricky way of them to let your guard down. As long as you did not give them remote access to your computer, your files are safe to transfer!
Nilay
What if you let the person remotely control your pc for a short while? I am planning to back up my info and format my pc. But i do not know if that fixes the problem. Could anyone help me with that. I normally do not fall for these scams but it is matter of panic. The moment i realize that person kept just talking how bad the situation was and i needed to pay like $500 to fix it i realized it was a scam and I was the main actress.
Julii in England.
This is brilliant, I wish I had the patience to get so much info out of these jerks.
DB
Thank you David for this page. I was called this morning here in MN, and luckily I knew of the scam, so while he was going through the scare tactics and telling me what my “unique” license number was, I googled up this page on my MAC. I never started my PC, and used your page as a script. When he would ask, “what do you see on your screen?” I would randomly pick one of your screenshots and recite things from it. This had him going in circles, “please close all the windows and we will start over.” 45 minutes and two operators later, I had an incoming call and never went back.
Judith Mewllet
I was caught in this scam around 2 years ago. I live in Cape Town in South Africa. These people are really good and had me totally believing that Microsoft was being kind to me. So we did the whole thing with them “taking over” my computer. Lasted around 20 minutes!
It was only the following day when I mentioned this to a colleague that I got the rude shock that my computer was now infected.
Fortunately my bank picked this up and had blocked transactions from their side.
I had such a fright and actually ditched my computer and stayed without a compute for a few months until I could afford to buy a new one. A good lesson learned and at a cost, but I am not nearly as naive anymore. 🙂
Bunna
I had fun with them tonight (sept 2014 Australia) told them my computer screen was displaying different letters no numbers and read them out : f u c k o f f. I then heard heaps if background laughter so he must have had a team listening. To his credit he persisting at which point I gave him a serve. Next time they call I’ll really teach them, I’ll put them on the phone to my toddler !
Steven Graham
I have had three similar calls in the last few days. I keep them on the line for as long as possible, on the basis that whilst they are talking to me then they will not be scamming some unsuspecting individual. Normally when they ask me to type Win-R or assoc in the cmd window and ask me what I see, I normally tell them that I just see four characters displayed …. S C A M. They get very upset at this point and start swearing.
One claimed to be calling from Manchester, so I asked him the name of the local cricket ground. He got very upset at that point too. Then they tend to hang up.
Fred Parker
Every single day here in France we get a microsoft scammer, ive asked them to take me off there phone list, asked to speak to a supervisor, played along ,shouted and lost my temper , still they ring, id love to be able to get my own back.
Fred ,Dorgogne 11.09.14
Linda Podd
Had a call today at 8.15pm from an Indian sounding man who said his name was Brett Adams, that he worked for a company called DNA who are authorised to revoke computer licences. He said mine was at risk if I didnt go straight online and go through certain actions with him to save my licence. I told him I was a police officer and my son was a computer programmer and insisted he told me what i need to do but I wouldnt do it with him on the line but for him to hang up and ring me back later. He kept trying to get me to use my computer while he held on. In the end he gave me a 32 digit code and other commands to put into my computer and told me he would ring me back in ten minutes. The code he gave me is the same one you mention above starting888DCA60 etc. I have not attempted to do this at all and needless to say he hasnt rung back!!!Today is Saturday 12th September weird for a Saturday night!!
Basil Burgess
I get these calls from time to time. I teach IS development but am not a security expert. This time I strung them along to see how the scam goes. I got to the part where they wanted me to use remote access software (legit software). As I did not want remote access, and didn’t think to start up a virtual machine (I happen to have one), I stopped them there. I reported the remote access key they gave me to the software company, but it looks like all they did was de-activate the key. I had hoped they would go further and identify the hackers. I suppose they did what they could.
Thank you for your story. It explained something I had not known (the common CLSID). I know amateurs should not get tied up in such things, but I, too, would like to identify and bust these people. Another drop in a large bucket, but then a bucket can be filled, drop by drop.
Cheers
Basil Burgess
Paul
I received the same call, with Caller ID displaying “Unknown Name/Unknown Number,” so I was suspicious. But I wanted to have some fun and string the scammers along. I started with a woman with an accent, then was handed off to a man after she took me to the “Run” window. He took me to the point of typing “assoc” at a DOS prompt, but I had enough at that point. I told them I knew they were scammers from the very beginning and that they were idiots and scum, then he hung up the call. Less than 60 seconds later she called back, asking why I had hung up. I told her they were idiots and scum, and she started yelling at me “You are idiot, you are scum!” over and over again. I hung up this time and laughed at their pathetic ways. Next time I will tell him or her “Your voice is so sexy” and ask him/her a series of intimate questions in a low sexy voice (got the the idea from a “House of Cards” TV episode) and see how long they last before they hang up on me. Or maybe I will play the part of the drunk PC expert who slurs his words telling them where their descriptions of certain items, like CLSID are wrong. Anything that works to get them to stop calling my number.
Bob Kent
I received six calls today from these clowns. Most of the callers had such heavy accents I could not understand them. After hanging up repeatedly, I realized that the only way to stop the calls was to play along and cost them some time, so I did that with a caller whose English I finally could understand. I asked him to verify that he was receiving errors from my PC by telling me what my IP address is. Of course he could not do that but he tried — he read to me the 32-digit CLSID number mentioned in David Jacoby’s article. I then asked him who he worked for and he said “The Computer Maintenance Department.” For what company? “‘Fix My Computer’ in Nogales, Texas.” (Nonexistent, of course.)
David Jacoby’s excellent article revealing identifying information about these criminals was written over two years ago and this scam is still going strong! Why? Why aren’t these extortionists in jail?
VINCENT
I got tired of these nearly daily calls so purchased a very loud whistle. I let them talk for a few minutes then I blow as hard as possible directly into the phone. At least they won’t be bothering any one else until their ears stop ringing!
Helen Choy
I got the same call just now 6:30pm 23 Sept 2014 in Sydney! They are still at it. How can we stop them?
Patricia
I just hung up after getting a call from a Fastsupport tech from my home phone (which is unlisted). Yet they knew my name. Actually spoke with two techs as I could barely understand their heavily accented english. I suspected that it was a scam call as they wanted access to my computer. One even tried to convince me that they could lose their job if anything were to happen to my computer to cause it not to function. I asked for their name and phone number which they didn’t want to provide until they had fixed my computer first. Yeah right! They hung up on me after I kept asking them questions.
Patricia
I couldn’t believe they tried to call 3 more consecutive times after they hung up on the initial call. I hung up on their last 3 attempts.
debbie
Just had one of these phone calls. I let him explain everything then I said that I didn’t have a computer at home as my husband has it at work. He then asked when my husband would be in. I said that it would be early morning. I then said that it was strange that my husband’s IT department hadn’t picked up the problem as it is a company laptop ( total lie by me!). He then said have a good evening and I’m sure he said thanks for wasting my time. I asked him what he said and he repeated ‘have a good evening’
So glad he thought I had wasted his time cos it meant he couldn’t be conning someone else whilst I was wasting his time. At least I wasted 11 minutes for him!
MarV
Copy-pasted from Atma.es:
“In May-June 2014 several people in Spain was phoned from a fake Microsoft customer service. So far these are the numbers we got to know: 16077670057 and 15124511556. Beware also of 4935120443, 442033100000 and 18176499077.”
Elena
I have got a call today from a woman with a very strong Asian accent who insisted I went on my computer to perform some action with the pretest that my IP address was sending Microsoft some error message
I have let her talk for quite a while letting her believe that I was going to do what she asked me on my computer, at which point she said she was calling her manager and then hang up. She then called again but i did not answer any more, now thinking about it I should have said her to get a real job!
Robert Price
Here is me messing with some of these scammers.
http://youtu.be/vktSBwNQ72M
http://youtu.be/UZ-IJUsNic8
http://youtu.be/K65bG_5lnfI
Pam
Robert, that was awesome !!! I have to admit, I was kind of blushing on my end at some of the stuff being said but clearly, you a- wasted their time and b- ticked them off royally that they themselves were “scammed.”
The guy (both times, unsure if it was “Vicki” both times but “he” lol, sure sounded the same) was clearly not even listening to a single word you said until you cursed them both out in the end ! Sorry to anyone who might have been offended by these calls (as I’m sure you Richard, would yourself admit that some definitely had to have been) but it’s almost like nothing else will stop them so really, what do we have to lose to do something along these lines ??? Maybe if we all just start stringing them along (with or without some of the more graphic details that you went into, lol…) maybe they will eventually catch on and stop calling us all knowing that they themselves are now being scammed back.
What I found I think most hilarious about this whole thing was the yelling at each other – even the agent who called you – going on the whole time he’s talking to you ! Seriously, do they honestly think we are all that dumb as to remain on a call with this going on – even if we don’t have a clue what they’re saying?
I’d be even more curious to hear feedback from anyone who speaks whatever language they’re speaking, as to what they’re actually saying in the background ! (Any translators please feel free to step forward…)
Keep up the great work Robert !!!
BILLY
loved your conversation with that so caring Indian Michael ,I sort of did the same thing acting as if I was half deaf and had fun when he was asking for my credit card info ,I made a fictitious credit card number I could tell that he was getting excited ,then he would come back and say that I had give him the wrong number now this was going on for 45 minutes and I was in stitches,
he would ask me to repeat the number so I would say for the number 3 I would say freeee & 6 for sex and so on, and if I was getting a bit tired as I fancied a cup of tea I would crumple a piece of tin foil over the phone and say we had a bad connection ,
as you said Robert they have no soul
Cheryl
I LOVE this!!
They called me today (I live in a small town in western Canada) and I told them I did not have a computer, asked if it could be my iphone doing the errors. The guy said “Yes” and would send a tech to my house to fix my phone!!
Asked for a number to call in case the tech got lost, and the guy proceeded to give me my number!! Pointed it out and he gave me a number starting with the area code of the area I live in. I asked where they would come from, he said NY city. NY city! well that is no where near me!! Then he said Calgary, that still is not local, no tech is going to drive from Calgary to fix my phone! He wanted me to deposit $169 before the tech came.
I then said, how do you like me wasting your time? I know your a scammer. The guy said “Yes I am a scammer!” Then he threatened to send the Taliban to shoot me, then said he was going to F**K me.
And yes I get numerous calls from these people! Last time a few months ago they started yelling at me and swearing at me as well. A couple of years ago same thing, only he wouldn’t hang up and kept our line busy. I finally had to phone the phone company on my cell in order to have the call on my land line cut.
David
How and who do you report these phone numbers to? The scammer got so lazy to not even block his number in caller ID. He even gave me an 888 number that worked. So they are investing in the scam. They call I got was today (Sept 2014), so it must be working. They tried to do the same steps as listed.
Helen
Good Work Robert! I loved it.
We are in Sydney Australia. They called yesterday during lunch and my son (18 yrs) said “What computer? We don’t have a computer” and hang up.
Kim
I get these calls in cycles and always have a little fun (wasting their time)
“my keyboard is really old and I can’t see any of those keys they are asking for
“please help me – but I don’t speak English”
“Robert called last week and we fixed my computer”
and if I can’t have fun – “I don’t have a computer”
Anjum
I got a call from Peter Smith (v thick Indian accent) from Microsoft Technical support this afternoon. Got the BS about how the internet gate on my PC was not protected and so cybercriminals and hackers are using my machine for illegal activities and i could be a victim of identity theft. And as per UK federal law (really??!!) i could be held responsible. He wanted me to log on and check the CLS id. I told him i could not access the machine and i’ll call him back. The number he gave me was 02081332538. Kept insisting he would call me back when I had access to my computer. Kept asking me loads of questions about my name and who else uses the machine and what their names are. I refused to give him the details and said i was uncomfortable. Would check out what this is about and call him back when we are ready.
It was lucky i answered the call – usually my parents/grandparents would and they would not likely do all this checking. These people ought to be caught if they are indeed cheating innocent people out of a lot of money. Any idea who we can report such things to here in the UK? thanks a lot!
Sally Tunstill
My parents have just received a call also from 0208 133 2538. They said they were calling from Microsoft and someone was hacking into their pc.
My parents called me to double check everything for them. I rang the number and spoke to Harris Parker, who says he is available 8am to 3:30pm Mon to Fri. It was his colleague Mark Wilson who also had an Indian accent that had rung my parents.
I told them that I worked in IT and they should tell me what they want my parents to do, and he said type in NETSTAT and that i should call back with the IP addresses of the local address and any foreign addresses. I asked what they would do with this info, and they said that they would install some software.
That’s all very kind of them, but why on earth do they think they can do this??
How can we get these people reported?
BILLY
I just got a call this morning from an Asian operator with a Indian accent, saying that they were from Microsoft and that my computer was infected ,so I acted like I was a very old man aged about 96,after a bit fun saying that I was deaf he asked me to switch my computer on and say what was on the screen ,so I did I told him that I had a picture of a church, he said what ,I said I had a picture of a church a place of worship, well I do not no what upset him but he called me a f*$£!£g idiot and put the phone down, so I pressed the number for last number caller, this is the phone number 001003451 .plus I asked where he was from he said Sydney come off it tell me another one you idiot,
babrry
Just tell them you don’t have a computer End of !!!
ducky
Well i just got a call on 10-10-2014 from a windows company from sunnyvale california phone #408-757-0112. well i fell victim of them basically the same thing as described above. but they wanted to charge me $120.00 and i couldn’t afford that much. is there some way to get our money back. also i noticed on my online bank the money went to canada. i should check into my bank and file a grieveance. any suggestions
Michelle
I got a call from “Peter” this morning at 1-245-897-6589 and he asked about the Microsoft computers in my house. Having been an IT professional–system admin, system engineer, and systems and software security officer, I knew that this was not a legitimate call or request. So, after messing with him and asking him which Microsoft computer and how many I had, he began to get angry and impatient. At this point I made a made a friendly suggestion as to what he and his mother could do to themselves, at which point he angrily returned the sentiment and hung up. Oh well, you just can’t please some people.
Jay Pascarella
looks like this is still going on. I just received a call today 10/15/2014 the interesting thing is that I had placed a support request into Microsoft for Office 365 earlier today but had ended up resolving it myself.
The gentleman with a deep Indian accent called from an unknown number (I wish I was prepared as I would have asked for a number and then lit up their call center with inbound calls from a war dialer. Insisted that my machine was infected. I asked him several times if he was from Microsoft and also told him that Microsoft doesn’t ever call customers in this fashion he then changes his story to say he was from a company Microsoft had hired.
He asked me to bring up the run command using the windows hot key when I asked if he wanted me to run a program he asked me to type cmd. So playing along I did and he had me print out the clasid association. At which point I told him this is was a class ID and not my machines license number. He got angry and was insistent that it was I played along some more to see how far he would go and he asked me to run event viewer. He didn’t say what it was so I asked him you want me to run event viewer so I can look at events in my logs and he said yes. Then he told me that all of the red and yellow icons meant that my machine was infected (nice try if you don’t know this stuff) and that if I clicked on anyone of them they would multiple and make the problem worse.
I then told him that he was full of it as this is typical behavior and the warning message about a disc not being in my DVD drive was not a virus. I will give him credit he proceeded to argue with him at which point i laid in to him letting him know that I was an IT Professional with a security background and that if he called again I would contact the police (I also used a couple of choice words to describe what he was doing and his character). I really wish I could have gotten him to give me phone number and a real company name so I could turn it over to the authorities.
I could see my in laws who are older and both use a computer as getting caught on this one. Hopefully they will get caught and pay the price.
Gary Kemp
Happening in Africa, too.
Got a call today saying my PC had logged a critical virus with their “Microsoft Service
Centre”; the lady (of Indian accent) was very efficient and directed me via the MS-Start button, right-click Computer, Manage, Computer Management, to Events viewer where lo and behold to a log absolutely filled with critical
errors.
Coincidentally just an hour before, a website had prompted me to update my Java-version,
where I blithely clicked OK to all the User-permission and Terms-&Conditions prompts in
blind faith that the link provided was a bona fide Java mirror.
So -panic attack (I’m an old fart, and not prticulrly computer-literate).
Urging me that my PC was on the edge of self-destruct, the lady directed me to the
RUN-prompt, and patiently spelt out what I needed to type in there – “www.supremotecontrol.com”.
Alarm bells rang; the fact that she had asked whether it was a work- or personal PC, what
operating system I was running (surely my PC would have logged that information with
Microsoft?), that she had phoned me on my landline whilst I had bought the PC from a
store with Windows preloaded (never the two to meet).
When pushed, she said they were Help & Secure, a Cape Town-based contracted agent for
Microsoft.
I offered to call her back; she didn’t offer their telephone number…
Needless to say, I started researching the issue, and found your site.
E. Speike
Is this yet another scammer?
PCCZARS Support
Gandalf the Grey AND White
I had a fun conversation with one of these guys on Monday. After a while, it went something like this…
Me: Where did you say you were from?
Him: Australia, but I live in San Diego.
Me: You don’t sound Australian. You sound Indian.
Him: Well, I AM Australian and I have an Australian driver’s license and my name is on my Australian driver’s license!
Me: Uh-huh. So why do you sound Indian?
Him: I went to the University of India so maybe I picked up an accent!
Me: Interesting. I don’t know of anyone who goes off to college and leaves with an accent.
Him: I don’t like you insulting me!
Me: I don’t like you scamming me.
laura
They have been pestering the hell out of me…The last I heard from them <I told them that I would contact kaspersky and norton and give them their number so that they could resolve this issue. then I blocked their number.I could only tract their account as far as north florida.
Erna Bruwer
Hi I am from South Africa-had the same problem. I just told the guy that I know this is a scam. I have only recently moved into a rental home while we are building our house-so I only have the landline allocated to me 3 months ago-I have never registered any thing on the internet with this number. I asked the guy if he knows my landline number then surely he must know my name and surname…..he came up with a totally different surname…..just told him to bugger off
Milinda L. Potter
I am pretty sure that they did contact me and got control of my computer said they were from windows and now I have a problem with it and Kaspersky I had to call and reinstall it on my computer and now I don’t believe it is working correctly what can I do and what should I do to clean up my computer.
Hannah
Hey , I got a call tonight October 2014! When I told the lady on the phone that I couldn’t continue the conversation as I had to put my young children to bed she started getting agitated with me! and it ended up in me shouting at her and putting the phone down I wasn’t convinced she was from windows one bit! I googled the number before I came on to this site to find others have also had the call from the same women that I have!! I hope they manage to stop this sometime soon!!!
John
This company in India advertise on the internet. They have very little ability to fix simple things. They profess to be a computer repair company for Netgear, Avast, and yes you guessed it even for Kaspersky. If you Google for help their website comes up top of the list. They took remote control of 2 of my computers, told me I had 500 errors, and that system restore would not work, They corrupted my Wi-Fi totally, and were unable to fix the problem I had with home networking. They wanted $169.99 for each computer to fix my problem. I disconnected the phone and computers from them after almost 12 hours of wasted time. I suddenly remembered the fix is to set the Kaspersky/Firewall/Network/Private Network to Trusted or Local instead of Public in both computers. I also used a restore point in each computer to eliminate all their access to my computers.
Evelyn
When I had a land line I had several of those calls, in the United States, have been receiving them for the last few years, nothing new. I knew they were scams as who would call “out of the blue” like that. They are like so called psychics as most people probably have a computer and are on Windows. I was always trying to screw with them, so once I got psyched up, I would play along then tell them I knew it was a scam. The first guy acted like he was so hurt. I asked for a number, and that nothing had come through my email, so if I was such a risk why would someone call my home number and not send me a message like ON MY COMPUTER! He kept it professional, was actually really good in his calmness and having other numbers to check on him. That got boring so I told him to never call again. After that, I would listen for their name, or ask again, and then either pretend I was deaf or just crazy, like we were old friends. It lasted for a few minutes because I knew it through them. Then I would say a few choice words of trying to take advantage of people and that it was really funny for them to call because, I didn’t own a computer but if they were willing to send me one, then I would be more than happy to discuss the so called issues. I am not a smart individual, just understanding that the world is full of hacks and scams. If it sounds too awesome, good, kind or over the top for any corporation, then it is.
I love what you did. Thank you!
Basia Miller
I got a call at lunchtime today from a man with an Indian accent who identified himself as “Alec Stanley,” from Windows Registration Department in San Diego. At first I thought it was nice of Windows to be concerned about hackers that had gotten into my computer. I asked for a telephone number so that I could call him back when things were quieter and it upset him. I was suspicious but couldn’t figure out what his pitch would be so I stayed on the line and pulled up the CLSID that you describe. He had me pull up a certificate that expired on 12-12-99–he said the hacker had stolen the original and replaced it with this. Meanwhile I used my Mac to ask Are there computer scams? and found this page. Great info!! Then I hung up.
Posted by Bobbsey
Di
I am from Trinidad (in the Caribbean) the number they called me at was 442033180712 and they were from Windows Service Centre. I admit I fell for it especially as they had the code before I looked it up. I went as far as allowing the install of Team-something software and I gave them remote access (groan). They pulled up certain information (that was probably legitimate) to “prove” my system was hijacked.Then they told me that my windows licence had been hijacked and it would have to be disabled (fine by me) but then they said I would need to pay US$200+ for a new licence immediately. That’s when problems started. I said I couldn’t do that transaction, I had problems with credit card. They said they had to disable immediately (policy they had to follow) and I would not be able to use the system or call back later. I said fine, I would just replace the hard drive and install fresh stuff even if it meant to buy new stuff from microsoft.
Then they said that that would not work because the licence was tied to my IP address and once I was “flagged” that any windows-based computer would not be allowed to function from my IP address even if I got another product ID. This got me worried. I said I had to call someone (on pretext to get assistance to make the payment) they agreed after insisting that my system be left on (and connected to them remotely) and also they would call back in 15 mins. I immediately called computer friend, relayed the basics of what happened and asked if it was true that licence and product id are 2 different things and that windows function could be affected by my IP being “flagged”. My computer friend said that’s not true it sounds like a scam don’t talk to them anymore. I disable wifi connection. While still on phone they call back. I take the call, they know I “turned off my machine even though they said not to” I said I couldn’t make the payment so it didn’t matter.
They insist if I don’t get card info from someone and make payment, they will have to report me and security will show up in an hour (gee, all the way in Trinidad) and that will be a lot of trouble. I say fine, you do what you have to do. I hang up.
Now I’m in trouble. I’ve just been phished, my system is compromised. Call back friend ask what to do. Says to copy out personal files unto CD because the system will have to be wiped and everything re-installed. I do so, then shut the system down. Friend arrives later to see what’s up (is pissed he didn’t get the call, would have loved the opportunity to mess with them), tries to boot up to find windows locked by password. Friend does techy stuff to get in and now in process of wiping and reinstalling stuff.
Yana
Good day!
I’m from Trinidad as well. I fell into the same scam two days ago.
Thankfully I didn’t loose any money but my PC is locked with their password and I’m afraid to loose my data. Maybe your IT friend can help to crack it before wiping entire hard drive. Can you help with an advice?
Regards.
PJ Pollock
I never hang up, i play them for as long as i can, i take the view that if i’m playing with them like a fish on a line, they cant be scamming anyone else.
I basically play the daftie, keep making mistakes, pretending that i dont know what i’m doing. That invariably gets you transferred to a supervisor, and then i play the whole lot again. My record is 54 minutes, eventually they get cross and start to become abusive, but i always keep them going and force them to be the ones to hang up.
Dont get mad, get even, if we become a pest to them, they will eventually stop
Kevin Hann
Hi, some advice …
Had a call a few weeks ago, second time, so knew it was a scam. I told the bloke that I had to warn him that my phone has a special equipment attached and if at any time my phone device detects a fraud it gives off a high pitched noise which may be distressing to them. … so we carried on and when we got to the bit about verifying the CLSID I let off a personal attacker alarm in to the ear piece, which believe me is very loud. After a couple of seconds I stopped it and said to him, sorry about that but my phone device seems to be detecting something wrong, but would he like to carry on … so we did and again we got a bit further on and I let it off again … he hung up !! and I have not had a return call from them.
Mike
They called me today from NY NY 646-475-2216 phone number.
I went through with the Eventvwr and saw 55,000 errors in my logs. Then they asked me to connect to fastsupport.com so they could take control of my machine. At that point I told them it was a work PC and that it was against my company policy to let them connect and I would contact my support desk. He insisted on connecting to my machine because my machine was responsible for stealing 50 thousand dollars and it needed to be fixed right away. I then told him that “yes I am a hacker and I am stealing money” He said “You are??? I must connect you right away to the FBI and if I hung up I was a coward”. I stayed on and told him to connect me to the FBI. The phone went dead and disconnected. If I get another call back I will post again.
Dorothy
I tried to download a Norton antivirus for a free 30 day trial in June 2014 as the Microsoft Essentials had gone out of business and not wanting to get a virus I went to the Norton site to take advantage of their offer there. First I was connected to a dude in in a company called Plimus Sales . When he told me it had to pay $69 I asked he if this was a scam (stupid I know) He just laughed and said ” like a scammer would tell you that”) it was late at night by this time. I’ m disabled senior with little money. and some of my friends have paid around that to purchase year’s worth of Norton so thought “Ok might as well pay it so i have anti-virus protection gave him visa # then somehow I was connected to a person in India who said “Yes I had many viruses on my computer ” He had thick Indian accent and accessed my computer; told me not to touch anything that he would clean it up for me. He also wanted me to sign up for a 4 year program for $499 USA I declined that as can’t afford. but he was very insistent and so I settled For a year’s protection at a cost of $199 so over $200 Canadian.By now it wa 4 a.m here so foolishly gave him Visa card # and told him I had to go to bed. and yes my computer went black with the white letters like posted earlier above by David. much movement .Told him I couldn’t stay up any longer and that he could call later the next day I felt sick inside but not sure why. He said don’t turn off computer so I didn’t just fell into bed. I was up 3 hours later computer was off. strange I thought and there was a message on my phone from Visa security asking me to call them asap .Turned out I that I had been scammed 🙁 but they had blocked the payment as they figured I didn’t go to India to shop .After talking with the woman we canceled my card and Master Card as well just to be safe and she said a new would be sent.within the week. I felt so foolish and vulnerable but I called the cops to report it.. the Detective was quite understanding and said not need to feel ashamed , they did it to her when she went shopping in the states so after much hassle as being disabled with terrible arthritis in my hands and body. I don’t use cash as I have to wear splints on hands and wrsts so can’t fel if money alls. I just use credit cards and pay them each moth over the phone. A week later new cards arrived and I was able to go get some food, I was/am so thankful that Visa was on the alert ,I got my all money refunded but had to call geek squad ( Detective said this was the way to go as several other seniors had experienced the same problem) Geek squad came and took computer to clean it all out. was bale to save my pictures to come and take computer to be throughly cleaned up. after 5 days I got computer back My life line to the world as I need a walker and don’t get out much. So did have to pay geek squad to fix the problem.. I am not computer savvy , too trusting but now wiser for this experience ., agent said his name was Anant Kummar. the name of scammer company is Avangate Systweak .thanks for this posting David I think you did a terrific job talking to ‘Michael’ .
Gerry
Still happening in Ontario, Canada. 2x this month November. After telling this one fellow that I knew he was a scammer he got quite vulgar.
Henrik Pedersen
My mother got one of these calls today in Denmark, at least she was smart enough to give me the phone so i could talk to them. Even though i wasent aware of this issiue, it took me no longer than 30-90 seconds for me to realise that it was a scam, the english-indian woman claimed to be from the microsoft department in Scottland, and started asking questions about who was the owner of the 2 computers she called about, i then asked her which computers it was since we have 3 or 4 working computers in the household, whereafter she asked to talk to my mother. I refused since i know very well that there would be no reason for her to talk to my mother rather than me, if she was indeed an microsoft employee. after i refused she started talking nonsens, and i asked her what the issiue was. She then told me that there had been downloaded malicious software on 2 of our computers. Then when i replied “if there is malicious software on those computers i will remove it myself.” aparently that made her angry, and she replied in a rather unpleasant way, and i quote: “You are not an educated computer technician, so that will not be possible.” then i just laughed and told her to shut up, at that poing i knew very well that she was no microsoft employee, and interistingly enough she pretty much yelled, no, you shut up!. When she finally realised that i wasen’t going ot let her talk to my mother agian, she said “Idiot” in a rather high tone and hung up.
Aoife
Hi, this happened to my friends this morning and they did get access to her computer. She didn’t give them any back details or anything like that and hung up as soon as she realized that it was a scam, but I was wondering if anyone could let me know if she is still at risk at all? And help appreciated.
Thanks for letting people know about this.
Bill Murphy
Still happening in the USA on Dec. 19. Their technician “Adam,” with an almost insurmountable Indian accent, had me follow the same steps as you described above. I’d googled this site and was able to recognize it as a scam. When he told me to enter the info to give him remote control of my PC I just read something from an image of yours and told him that my PC was behind a proxy server and that I’d have to call him back when my manager returned from lunch. The number he gave me was (347) 788-0081, apparently a cell phone in New York City.
Amit
I had a call yesterday at 10:30pm. Caller said me he is calling from Telstra(Major Australian Telecom company) and same as like above scenario. He use team viewer and said my Microsoft version is old and pay $5 for life time renew. I did not enter any details and we fight over the phone and he spoke Bangladeshi language. Be care fully for any call like this.
Kellie
2 1/2 years since this article was published and they are still going strong. I love to screw with those jerks. I hope someday they will be caught and stopped. It saddens me that there are people who are gullible and buy into this scam.
Caroline
I received a telephone call (english speaking guy with an indian accent) telling me he was calling from London office of Microsoft. He told me that me computer would have serious problems within the next 2 hours. I therefore should start the computer to allow him to help me. I asked for some specification. He mentioned the same ID number as written about in the artikel. When I asked for some identification like email address and phone number to call back he hang up.
Thanks for your very useful information about how they work. Unfortunately they are still going on with the actual target Switzerland.
Catherine Albanese
They got me too. But I never went all the way with giving them my credit card. They had my computer locked up and I had to restore it to an older date. They called me back and I just hung up on them.
My computer went to black…. and I could not unlock it. Shutting it off was my savior… when it came back on it was in safe mode. I posted information on a web site I monitor…a yahoo groups. Telling everyone who is a member to be aware of this scam. We are mostly seniors, and we do not have a lot of knowledge about computers. Every thing we can get to help us is welcome…. and something like this information helps.. Thanks for posting about this scam..
chris ekin
i had some fun with these guys last night, was contacted by a woman with a strong indian accent. She told me my computer had an infection (not a virus as I said I have virus protection) and she said it was a different thing. Played along for 1/2 hr or more just being really slow and misunderstanding her directions, i had no intention of following them. I discussed what would happen with my i pad which she said would eventually fail even though it has no windows on it as the ‘infection’ was on the internet. Eventually after pretending to type in the instructions she asked me what was showing on the screen. I said there was a collection of letters which said, S O D O F F Y O U S C A M M E R S A N D G E T A P R O P E R J O B. she eventually got it and hung up. Beware people !!!
Jon
There is a variant of the scam going on in the U.S. They call periodically. I once got them to give me the name and address of a company in Texas that they claimed to be, but it wasn’t worth my time to try and follow up. In addition to the money they scam, you have the huge waste of time. It would be great to see them spend a few years in a jail cell.
Tim
Thank you for posting this information. Upon recieving this call I was able to quickly google the commands they were giving me just to give me my CLSID aka my “Computer ID” and learn that they were a scam. He said he would give me the phone number, address, and name my computer was registered under but when pressed he would only give me the CLSID. I mentioned that they called me on my mobile and I would never register this pc with my mobile number as opposed to my home number. They called from the number 55221144 Which isn’t an American number and initially keyed me off to it being a scam as a company would not be likely to call in the first place much less to call using some international number.
M. Carson
They called me this morning. I told him that since I was not the one who made the call that he was not getting any info from me. He gave me the ID number of ‘my computer’ and also gave me a number to call him back at once I verified that my computer matched the number that he gave to me. YES, it is the same number ending in 7D062 that is posted all over the Internet, lol. The phone number is an International number. I even asked him how he got my phone number because it is a brand new landline number that I just recently had installed and I have not given the number out to anyone because we only use the landline for emergency use in case cell phone signal is not good. He came up with some ‘reason’ as to how he had my number. With his foreign accent, I am not sure exactly what he said BUT….. SCAM sure came through loud and clear to me. I guess he may still be waiting for me to call him back, lol.
Kim
I’ve had several of these phone calls and thankfully have never been scammed. I find the best way to deal with them (unless you like tormenting them) is to say “fine can I please have your name and I will get back to you by calling the Microsoft (bank, charity etc.) general enquiries number”. At this point they do one of the following, hang up, be rude and hang up, make excuses and possibly give you another number to contact them (if they do this post it here and pass it on to the authorities), or give you their name and have no objections. The one time the person gave me their name and had no objections, I called the bank’s general number and after a few transfers got back to the person who had no objections to my vigilance.
Jan Krohn
Fellow victims and near-victims!
Today I had the dubious pleasure of receiving a similar call from ‘Harry’ at the west coast of The United States.
Seattle, to be precise.
Harry informed me of this deluge of Windows Error Messages which had, during the past months, stranded on his distant shore. I was moved – My wife wasn’t.
“Just hang up, they’re probably some cheating third world beggars,” was her reply yesterday.
Now, my technical background in electronics, with 33 years in the Air Force, should have provided me with more skepticism, but sad to say I bought the idea, of him being able to see what my Windows 7 machine was relaying to this imaginary “Sixth Technical Division”, and I am indeed not very proud of what followed.
For one solid hour I was informed about their problems: “This is a vehry long list, sir. And it grows longer … az vee speak.” During this hour I was guided through the exact same scam as most posters here avoided – And I didn’t.
It went as far as installing TeamViewer. Examined the Logbook of my machine, which clearly indicated something malicious had been going on since the summer of 2013. I witnessed the content of C:\Windows\Prefetch with 25 instances of RunDll32, after which I was instructed to ‘Google’ the security issues of this particular Dynamic Link Library – Obviously a threatening backdoor to any system.
At this time something weird struck me: RunDll’s has been with us since Bill Gates wore diapers, so why is this suddenly a problem? Another thing: I could see everything, neatly ordered chronologically, when the first error messages appeared in my logbook, but he refused to tell me the first date of their alleged problems, saying “Ooh, there are so many problems.”
Call me an idiot – I still kept going.
Got some DOS-Prompts up and running, including what might have been a directory dump from the root of my Hard Disk. It went past real quick, leaving only a bunch of ‘problems’ at the end, vividly marked.
This was, by the way the first time I ever saw a directory command resulting in red lettering, very convincing.
At the end of the dump it said something to the effect: August 8 2014, Software Security Terminated.
I was devastated, what to do next?
“Well, we cahn fix zis for three Euros.”
At that particular point, the prospect of actually paying for security reminded me of tales from Italy, people sleeping with fish and other unpleasant things. Besides, Windows Security (MSE) ought to take care of this mess – or shouldn’t it?
For the past half hour I had been directed to Harry´s superior, a certain Mr. Alex Watson, who pointed out that this was definitely cheap indeed. I had already paid for my operating system, which of course included some basic security, but this payment wouldn’t last forever, had to be renewed.
“Don’t confuse Software Security with Microsoft Security,” he pointed out in his usual commanding voice.
When I tried to clarify the difference, he was strangely aided by his Indian accent.
“This has to do with the World Wide Web … You know ‘www’.”
Which apparently was constructed along with some intercontinental, super construction – as far as security was concerned.
Well, to me, with all its seemingly universal deity, it began to resemble some ancient cult, and perhaps the Indian accent helped a bit as well, but something in his persistence gave him away.
I think it was his raised, impatient voice, and at this point he was in fact addressing the wrong guy.
As a retired military man, and one thing I really hate is civilians ordering me about. As stated above, you may call me an idiot, but at this point a small red indicator, about the size of a Christmas light bulb, started to flash.
“Excuse me … I have a few phone calls to make.”
“Venn will you be back?”
“Less than an hour … just call me.” Writing this, I haven’t heard neither from Harry nor Alex.
I did instead consult Microsoft.dk (Denmark), our Scandinavian bank ‘Nordea’ and the local police constabulary.
And just a few hours later I felt a certain relief, and some embarrassment – they all knew about this fairground pickpocket.
On the bright side, TeamViewer is uninstalled and all references in my registry has been erased, Malware Bytes was up and running with 3 finds quarantined, CCleaner has been employed and MSE is, as I write, still running a scan.
And yet I feel pretty stupid, however lucky as I may be. For surely nothing was stolen, because this machine has never been used for bank transactions and no permission ever let my little Indian adversaries misuse a credit card.
But I do pity those less fortunate. The weak and truly ignorant who get plundered by this new-age, cyberspace Vikings.
Karl
On 18 February 2015 I was contacted by a “MS Help Desk” in a similar way as described. Unfortunately I fell into the trap and lost control over the system. Most of the elements to convince me and to take over control were similar as described including event viewer. One different part was the CLSI maneuver were they made me typing and entering a “replacement CLSI” : 5G6H ADFO NAWR SE64 DECN 9GAO 991A RAN5 8.
Finally, when I objected to enter login data for my internet banking, they put a password request at system start up which made me unable to reuse the computer.
The computer is now in repair!
The phone number was 00999990.
Following the scam I received an email from Western Union that the intend money transfer was cancelled (I checekd my accounts in the bank and informed my bank about the fake. So far no hrm.
Further I got an Email or fake email from Amazon to verify my SEPA transfer certificate by clicking on a hyperlink (I discarded it immediately).
Dan Shanahan
I received a phone call on 2/24/2015. The man sounded Indian or Pakistani. I could hear many other people in the background on phone calls indicating that this was a boiler room. He told me that my computer had a back door which was compromised and my computer was filling the internet with junk. He gave me the number 00c04fd7d062 as a replacement number. I never understood him completely due to his accent and the background noise.
I was suspicious from the start and asked him why I wasn’t contacted via email. I received an answer regarding to the importance of the situation, but became more suspicious at this point. My question for which Windows system I was running went unanswered. The only reason I bothered listening was that I recently upgraded my Windows AND I’ve been using a system cleaner, System Mechanic, so I wondered if this was just a coincidence.
He told me the reason my computer is running slow was due to clutter in my computer. Actually, my computer has never been faster. Once I wrote down the number, I figured I could look into this and I hung up. I Googled the number and saw all the scam articles.
Philip Duncan
It is now March 2015 and still they try. same old stuff. I simply told them it was a company computer and the line went dead.
the scam call came to me from 0018182391450
beware
Mike Webb
4th March 2015. I’m in St. Lucia in the West Indies and I just received a call like all the ones above. Pushy guy with Indian/Pakistani accent who claimed to be from “Windows Security”.
Roxanne
Hi, I recently went through a similar experience, the guy had an indian accent, and he called himself Brad Smith, I allowed him to join my computer to his but during the whole “hoax” which I thought was real. I did not see him instal anything. But everything you wrote was highly similar. He directed me to a website called fastsupport, then he used gotoassist and he reacted just as similarly as this indian woman you mention. He suddenly screamed. Oh my God.. and everything… he did ask for money. from $100 to 200 dollars. I began to get suspicious about everything, and told him I would call back later, I still didn’t know what to believe. He disconnected, and he also closed the gotoassist app, but not before telling me I would need network security, and firewall.. I hung up and began to investigate.. I checked my firewall, i uninstalled two programs I did not recognize and deleted cookies, and temporary files, and ran 3 different scans on my computer. To be honest I am still a little frightened. But it seems like there is no spyware in my computer, and the man did not get to install anything because I did not have any credit card information with me… i do have a few questions could there be malware that my antivirus may not detect.. will it be necessary to reformat my hard drive?
Lex
Hi,
They called me this morning at 7:30 am in Ontario, Canada, and I was caught. I had never heard about this telephone scam before, and I’m sure I’m not the only one. We’re used to email scams and get messages from our banks about phishing attacks, but I never have seen news reports on the Internet about phone scams.
After getting caught by this, I’ve now googled it and found this site. So obviously the scammers are still doing this because there are many people, like me, who haven’t heard about this.
I pride myself on being fairly tech savvy (although I’m not a computer expert) and there are several reasons why, despite my misgivings, I fell for this. I recently added more security features for my Internet email, which meant a lot of confirmation emails stating that I had changed my security settings. So it seemed possible that Microsoft might be calling me because they noticed a lot of confirmation emails being generated.
Second, if you are looking for music or movies on the Internet, a lot of those sites are filled with malware. I was looking for a particular movie the other day and visited some sites like that. So I thought it was possible that just by virtue of having visited those sites, something might have happened to my computer and that’s why they were calling me.
It’s the coincidence of those recent events that made me more susceptible to this call. So people, beware, don’t try and link this Microsoft scam with any of your browsing habits. There’s no link!
Rachel Brantley
I live in a small town Kite in Georgia I had my new laptop freeze up with a pop up that said I had a Trojan virus and had to call this tech support and gave a 1—877 number so I called and he said and done same crap everyone is describin. I’m so thankful for this page for letting me know what the deal was God bless
candy
i did fall for this scam. i havent used my computer since. the lead me to teamviewer etc. they put programs on my computer. after realizing a scam disputed charges from credit card co.started getting calls again to refund my money for their co. license was no longer valid and they were told they had to refund everyones money. they said it didnt matter who’s computer i used but a had to go to teamviewer give them the i.d. and password from that site and then their company refund dept. would generate a form so i could get a refund. the starting company was p c speedy and tech 24/7. they have used multiple phone numbers,skipe numbers, restricted and unavailable. they have used microsoft maintenance, better business bureau, windows support and more. i told them to keep my money. the man told me his mgr. was going to lock my computer down and it would never work again. i was told in the beginning that my gateway was infected as well as my computer. what i need to know is what to do now. is the software they installed infected, can a gateway be hijacked, how to be able to use my lap top again. all had indian accents and american names.i have a full log with dates, times, and phone numbers used, but havent found a law enforcement agency who cares. What are these guys trying to get from us? Personal information for identity theft or what? I figured when they wanted access to give a refund there must be something on there they dont want others to see something criminal. There are always multiple voices in the background like a call center. I need advice and Help… PLEASE.. Started Sept. 2014, I am in California.
Rob
Greetings from germany.
Apparently, they still try (April 2nd 2015). This time, they said they wanted to tell me my ip-adress so I can be sure they are from microsoft. They led me to the window with the CLSID and tried to trick me into believing that this CLSID is my ip-adress, then tried to gain my trust by citing it.
What’s more, they still spoke in english, despite calling someone in germany. Because microsoft can’t afford german speaking employees…
Gary B
I also got scammed by these guys last week. Was told about Virus and that I could not use Windows 8.1 anymore until Windows 10 came out. Being not PC savey I agreed and now know I was screwed over by reading all the emails on these jerks.
What do I do now?
candy nachel
What do these scammers want? Money,(I got a refund from them) identity theft, to spred malware, or use a computer’s I.P for other illegal stuff.
What do you do with your computer after you let them remotely fake fix it?
S
Greetings,
I read all the comments above, to be true, and honest with you all, I was hired for one such company, where they call up people telling them they are from Microsoft Team or Technical department and call is in regards to their computer maintenance.
They will show you all such kind of error reports(which in reality is not an error) and will tell you to sign up for a year, 3 year of 5 year or life time plan and ask you for some xyz dollars, informing you that they will install few applications that will protect your computer, speed up your computer etc..
I have genuinely worked with Microsoft in Past (I do have my Id and certificate from Microsoft, if anyone wants to authenticate me), i was looking for job (since my Ms project got ramped down and shifted to entire different city), Having the Technical Skills and working all these long in customer service, they hired me telling me its customer Service+Technical Sales Work and you will do best since you worked with Ms for long years..
I got totally convinced by Hr and Director of Company and joined them, I worked with them for 4 days, saw their work and found that this was complete cheating that was done by them, rather fooling innocent people.
I wasn’t aware of this scam going on in company, until i met a caller unlike one of you on line, with her husband being cop, and she also got her Attorney on line. I wasn’t aware of this scam going inside, so giving my best service, I spoke to her Attorney, her husband and her, giving her my real name, identity, company name everything honestly, cause i believe in providing good customer service. while she and her attorney were asking me details which i gave away honestly, i found they couldn’t reach the toll free number given to them by us(Toll free number by company).
I explained entire situation to my manager and Director, that they were trying to reach us, and so forth, only thing i was asked to hung up call and not to entertain any such thing..
On my way back home, the only thing that pricked me off was how can they deal with customer’s in such way, cause in all my 8 years of Customer service, I have never ever behaved so rude with anyone, In fact I have been appreciated by level 2 Technical team of Bill Gates(can share same, as well as names of Technical PTL working in Microsoft headquarters currently), I had my Manager along with me traveling back home.
He explained to me how does company gets number of customers their details, and all this done is fake and scam and nothing else, just to earn money.
I went back home, and resigned immediately after explaining scene to my parents, I also argued over an hour with R from company saying them its fraud, also should her toll free number is also not registered on company’s name, how is it possible? Made her read all true comments posted by customer’s and informed her that work done is fake, in evening director calls me, manger’s call me asking me to join back and ready to give me double raise(just within 4 days of working, double raise :P)
I couldn’t take back that job, but by reading these comments and reason to write you this was, what you all have been going through is totally true, Its fake and scam..
All i would request you, please do not fall for such scams, and subscribe to their packages, as said earlier, Microsoft will truly never call any of their customer back for support, until and unless, customer files a complain about Windows or any Microsoft Software
Also please remember, a genuine MS Technical will have id beginning with either v-2 for Ms windows support, and v-9 for Ms office support, also they will have email id given to them by Microsoft. (my id was v-9dsap, I no longer with Microsoft, so my id wont work, but i do have customer’s whom I have given Technical support despite based in India, and working honestly for Microsoft, I have all of my customer’s added up in My Facebook, and Im Honest about it.)
My reason to write this up was, cause of few people doing scam and hoax call, my country’s(India) name is at stake(which i cant really take it). Also where People in other part of world are being fooled for money.
I need to write this that not all of us are same, so please kindly refrain blaming my country, cause not all of us are like them.
And also I wouldn’t ever do this, but I would give away name of companies that are doing such business as awareness purpose, names are Lester Info services and Global Support Solutions.
Please do note down name of this company carefully and pass it on to as many people as you can, not to entertain them.
Humble request, Please do not blame my country.
I would be glad to help and answer if any query..
Regards.
Madi
I was on chrome looking for help with my homework. This little box popped up on my screen saying to call this number and to not turn off my computer or private information will be deleted.. So I took the number and called it.. I was on hold for a half hour then I was transfered to another number with a women who had an indian accent. She told me to hold down the the widows and r button and a box will appear. She said to typehttp://www.fastsupport.com. so I did but the little box from earlier was blocking the page so she told me to hold down the windows button and r again but instead of the website from earlier she told me to type in “hh 1″ once I did that another little box popped up and she said at the top left corner there is a question mark she said to click it. After clicking it she said to go to the bottom and click “jump to IRL” she said to type inhttp://www.fastsupport.com so I did. Then she said to download citrix online launcher and it took me to a website that allowed her to connect to my computer. I gave no personal information. She showed me things that where “supposably” harming my computer then said it will cost this much for this amount of years for all devices and I said I don’t have the money and ended the session and the call.. Have they hacked into all my stuff on my computer? I’m really scared right now.
can not believe it
It is April 2016 and still going on. But no phone. They went right in and frozen my computer. I stupidly called the number on screen. Yup I did. I even let them in. Paying for it now. And I just purchased computer. It was 2wks old.
Lightning Chaser
They seem to have spread to South Africa as well… Got a call from them today, but it sounded like a Microsoft text to speech voice so I just hung up.
Savvy Granny
this scam once again doing the rounds in north east Victoria, Australia; have found the best way to be left alone (for a while at least) is just to leave them hanging on the phone while I “search” for my computer, a feat that can take up to 30 mins before they twig that I’m not coming back.
jOHNO
just hit me in South Australia, I twiged it was a scam, the Chat window came up and someone asked me ‘how can I help you?’ well I said you contacted me Mate!
went on to tell me I have a fake ‘AV’ ans ask if my computer was old! I said the only fake was YOU.
just scum. I had to ask how much? it said $Au 200.00 be getting F A from myself!
Brian T
Looks like this scam is back again… They just called my mother down in Alabama, U.S.A. I laughed when she told me about it, apparently the guy calling her must have spilled something on his call script, because he didn’t even know the keyboard shortcut for the run dialog, she said she kept pressing the keys he told her and nothing was happening… I told her it’s ‘START + R’, not ‘CTRL + R’, and it’s a scam… LOL 😛
Sergei Perreault
Just a call from these morons. As a systems admin, I was curious to see what they were trying to do. As soon as he gave me the website, told him I’m an SA (among other various profanities) and that I’m going to be sending them a DOS package to their website. Please be careful people. Microsoft will NEVER call you. They don’t have this information and 2. they don’t want to call you, they’d rather have your OS crash and burn so you can re-image.
These Events are normal, in case you’re curious.
Systems Administrator
StartUp Software Company
J w
I’m in Western Australia, they’ve just pulled the same scam with me, only they said they are from Telstra. I sniffed a scam, but actually have been having ongoing issues with speed and connection for over a month, which he said I was having. He said it was because my internet connection had been hacked and was being used to boost the connection of a highly technical internet crime ring. Very strange, I almost wasn’t sure, and even went as far as having him confirm the long 888D number to prove to me that I was actually on their system. It was when I insisted he tell me what he wanted me to do from start to finish BEFORE I went any further that I really grasped that my initial feelings were right. He was very pushy, and very angry when I called him on it.
Love your style Savvy Granny, searching for your computer. Hahaha.
I’ll have to start answering my phone the same way I did to get rid of them last time it was happening (they show as OVERSEAS CALLER on my caller ID).
“Hello, Blahdyblah Police Station here, how can I help you?” They hang up pretty quickly and don’t call back.
Bruce
8/5/2015 got a call from texas with a robotic voice (computer reading a typed message) that pretty much claims my computer is throwing errors at the interwebz im not retarded mmk i know my computer is only gonna throw 2 errors at the interwebz (hey server i cant reach you or dumbshit server you arent responding ) 25 years in the computer repair field im a bit annoyed this time i got a human and said “Thanks for contacting Microsoft Technical Support how may i assist your call” dont think ill be hearing from them again
Proud Male
Another way of discouraging these people is to give them a very distasteful phone call. They are taking my time, and are violating my do not call instructions so I do not even owe them any common courtesy. I am usually able to let them know that I doubt their species, they are of dubious geneology should perform the anatomically impossible, and that they can go to the theological place of eternal punishment. Nobody likes to be yelled at, and I have found that this type of action suppresses the phone calls I receive from these cretins.
Excellent article by the way.
Ann
I just got a call today from a Richard Cooper – very heavy accent. He said he was from Microsoft Tech Support and my computer was in trouble! LOTS of people talking in the back ground. Told me he was going to shut down my computer! I did not give him any info. I told him I was not near my computer and he asked me to call him back. I knew it was a scam, but I always look it up.
Looks like it will not stop anytime soon. I did report it to the real Microsoft.
John
Scam still going. Received call from “Dell Technical Support”, quoting the real Service Tag and Express Service Code. Claimed they had received reports from the PC indicating it was infected. Directed me to fastsupport.com. I found this article when I checked up on fastsupport – thanks for the advice. The Indian accented man became annoyed when I asked questions about him and his organization. He told me he might not help me any further because I clearly wasn’t going to follow his instructions. I don’t think he liked it when I laughed at him. He called from 281 394-4349 (showing as Katy, TX).
Korey
9/4/15 I just got my first call from “Tom Edwards” from Microsoft today. Number on my Cell 443-268-0349 (from Maryland) or his call back number he gave me is 844-764-1772 12-9pm. I just told him I would call him later to take care of it. I knew it was a scam from the get go and then I looked it up and found this blog to confirm it. Thanks
Tim
My mom got one of these calls this morning from the “Windows Support Office”. She hung up on them because she already knew about the scam, but we were able to get the number they supposedly called from: 648-123-4572. Problem is that 648 is not a legit area code that i could find, and I’ve never seen a phone number in 7-digit format that started with a 1.
Eva
Hi, I got the phone call today and sadly didn’t realise those was a scam.. The Indian lady said she was phoning from windows and told me that my pc was flagging up errors every time I was using it, she then got me to read ctrl and r and showed me all these false errors etc then before I realised what u was doing I had given them remote access to my pc.. She then told me she would install the proper download and call me back, which she did 15 mins later, I’m which time I had checked on Google and finally realised this was a scam, when she phoned back I told her I wasn’t going to pay And she quickly took whatever they had downloaded off my pc and hung up on me… I’ve since taken my pic into currys for a full system restore and changed all my passwords .. I shall never again deal with cold callers again, lesson learnt..
Gort
Got one of these calls today. My phone display said “+7 (186) 299-19-77 Russia”. I get bullshit spam calls all the time from random locations so I knew this was one. I answered the call in a Russian accent… hell, the call was from Russia, why not play along? I use an external cell phone recorder that plugs into the microphone jack (I have to for work – it’s an Esonic U2 recorder) so it was recording. This is the transcript:
Me: *in Russian accent* Hallo.
Indian Dude: *Thick Indian accent* Hello, my name is John and I am with Microsoft Support. We have received error messages from your computer that *unintelligble* message indicate you may have a virus. We are calling to help you resolve the issue. Are you near your computer where we can help you with this problem?
Me: Hallo.
Indian Dude: *repeats previous message*
Me: No, this. This is not good. I cannot have virus.
Indian Dude: Sir, we can help you. Are you near your computer?
Me: Yees. I am at computer. I am… web surfing. The Americans say web surfing. I look at how to make vodka at my kitchen.
Indian Dude: *slight laugh* Yes sir, good. Which browser are you using? Are you using Internet Explorer?
Me: Yees. I am explore internet. I look at how to make vodka at my kitchen.
Indian Dude: No sir, I mean are you using Internet Explorer or Firefox or…
Me: Yees. I am explore internet.
Indian Dude: *slight pause* Um, sir do you see a search bar at the top of your screen by the…?
Me: Yees. I see at top of screen.
Indian Dude: The search bar?
Me: Yees.
Indian Dude: Sir can you type these letters into the search bar?
Me: Yees.
Indian Dude: Sir I will tell you letters. Type the letters as I say them. W…
Me: Dable you
Indian Dude: W…
Me: Dable you
Indian Dude: W…
Me: Dable you
Indian Dude: Yes sir, three w’s.
Me: Dable you
Indian Dude: No sir, no more w’s. Just three w’s.
Me: I type dable you when you say.
Indian Dude: How many w’s have you typed? Three or four?
Me: Dable you
Indian Dude: No sir, delete what you have typed. Let’s start over. Just type three w’s. w… w… w…
Me: 3 dable you
Indian Dude: Yes sir, how many w’s?
Me: Dable you
Indian Dude: *muffled voice* *slight pause* Sir, I am going to put you on the line with another who will help you now.
Me: Yees.
Other Indian Dude: *in slightly more intelligible accent* Hello, sir?
Me: Yees.
Other Indian Dude: Yes, can you type as exactly how I say the letters?
Me: Yees.
Other Indian Dude: Okay, w…
Me: Dable you
Other Indian Dude: w…
Me: Dable you
Other Indian Dude: w…
Me: Dable you
Other Indian Dude: dot
Me: dee oh tee
Other Indian Dude: *slight pause* Sir, you do not need to type D-O-T.
Me: I type dot.
Other Indian Dude: Did you type the letters D-O-T or did you type the dot key? There should be a key that has a –
Me: *interrupting* I type dot.
Other Indian Dude: You typed the dot? Not D-O-T?
Me: I type dot. You say dee oh tee.
Other Indian Dude: *laughter heard in background* *muffled voice* Okay. T as in tango
Me: tee
Other Indian Dude: E as in elephant
Me: eeh
Other Indian Dude: A as in apple
Me: ayee
Other Indian Dude: M as in mother
Me: ehm
Other Indian Dude: V as in Victor
Me: *slightly excited voice* That is my name! I am Victor.
Other Indian Dude: *slight pause* Yes sir, did you type V?
Me: Yees. Vee.
Other Indian Dude: V as in Victor.
Me: Yees.
Other Indian Dude: I
Me: eye
Other Indian Dude: E as in elephant
Me: eeh
Other Indian Dude: W as in whiskey
Me: Yees, I like whiskey.
Other Indian Dude: *short laughter in background* *laughs* Okay sir. W…
Me: Dable you
Other Indian Dude: E as in elephant
Me: eeh
Other Indian Dude: R as in red.
Me: ar
Other Indian Dude: dot com.
Me: dot come
Other Indian Dude: dot C-O-M. Did you type-
Me: *interrupts* Yees. I know dot come. I do the internet.
Other Indian Dude: It should say http://www.teamviewer.com. Is that what it says?
Me: Yees.
Other Indian Dude: Okay now press the enter key. Or the return key.
Me: Enter.
Other Indian Dude: Did you press enter?
Me: Yees.
Other Indian Dude: *slight pause* *muffled voice* Sir?
Me: Yees.
Other Indian Dude: Did you press enter or return?
Me: Yees:
Other Indian Dude: What is on your screen?
Me: I see naathing.
Other Indian Dude: Nothing?
Me: I have… very slow internet. I live in old part of Russia.
Other Indian Dude: *waits* So is there anything on your screen?
Me: Yees.
Other Indian Dude: What do you see?
Me: I see woman.
Other Indian Dude: Excuse me?
Me: I see woman. She is not have the clothes.
Other Indian Dude: *muffled* *pause* Sir are you at the teamviewer site?
Me: Thees woman has very beeg teets.
Other Indian Dude: *rustling in background* Sir?
Me: Yees.
Other Indian Dude: What do you see?
Me: I see a naked woman.
Other Indian Dude: *pause* *in VERY Indian-y voice* How is this possible?
Me: You ask me what I see on screen, I tell you what I see on screen. I see teets.
Other Indian Dude: Sir this language… it is abuse. This call is being recorded and you are abusive sir.
Me: Yees.
Other Indian Dude: *definite laughter in background* *angry voice* Sir this is not… this is abuse. This is, this is not what you see. This language is not acceptable and this call is being recorded and will be given to the… to the FBI.
Me: Yees, I see thees woman. She has very beeg teets.
Other Indian Dude: Sir we are with Microsoft and we work with the FBI, and you, this call will be given to the FBI. You will get a call from the FBI in five minutes. *noises in background*
Me: Yees. My name is Victor Bolishnikov. Tell FBI to call my cell phone.
Other Indian Dude: This call, it’s given over to the FBI and you will get a call from the FBI in five minutes. *hangs up*
Every time I listen to this thing, I laugh my ass off. I wish there was a way to upload the audio file to this site. I might put it on YouTube. I love prank calls and screwing with scammer jackasses.
Needless to say, I didn’t get a call from the FBI five minutes after he hung up. It was pretty obvious what they were trying to do. Pretty damn evil in my opinion. TeamViewer lets anyone remote into your computer, if you give them a Partner ID. No telling what these shitheads are doing to people.
Deborah
Hi! I really enjoyed your post. I am currently trying to get my money back. I know this company won’t return it, but I have asked the bank to investigate these thieves and to make a real impact on this evil scam.
Simon
Got a phone call in Germany today with the same scam. Number was 0080162031
TJ
Go a call today from 212-777-3456. its fun to annoy em 😀
Richard N
I have been doing computer service calls for over 20 years. It surprises me how easily people can be fooled. I have had customers who have fallen for the same scam. The scammers actually have the guts to create a windows security password (different then a log in password) which the scammers will change every so often to cause the computer owners to call into them for service. Entering the incorrect password will result in a message telling the user to call a specific number. I called this number using my own phone. This resulted in a voice message stating that “this number will only accept calls from known phone numbers” meaning you have to use the computer owners home phone (which they have on file as a result of the initial scam communication / setup).
Once I used the computer owners home phone to call the number from the incorrect pop, the call went through and was answered. After giving them the account number they had assigned the computer owner they went so far as to say that my voice sounded different from how the computer owners voice sounded during the scam call two weeks prior. So, they must be keeping notes and such to know whom they have scammed, voice type, etc.
During the call they asked me to run specific programs which would allow them to correct the problem with the password. I did as they wished while noting which processes were created in the task manager. Once I had that information, I disconnected the computer from the internet and uninstalled all programs they asked me to start and programs associated with the newly created processes during their login.
After the uninstalls and double checking the MSConfig of suspicious startups, I restarted the computer and everything was back to normal with no more password issues or missing desktop icons.
What clue does this message give to investigators? They are now using VOIP or some other means that only allows a known phone number (scammed computer users phone) to call into their support phone line.
jeff
david, this was excellent — same too for those of you who did similar tracking. here it is, 28 november 2015 and i was just called by them, so its been going on for years. however, i couldn’t pull off getting more info because she hung up on me after 10 minutes. their tel. number came up as 417.833.8296. what really concerns me is that certain people who are trustworthy and not puter savvy can easily be scammed.
Colin Gray
On Satuday morning I got a phone call from an Asian ‘Microsoft Engineer’ telling me my pc had viruses which were critical I immediately told him he was a scammer and hung up.
2 minutes later he came back on asking why I had hung up, I decided to string him along for a while, he went through all the normal things that are reported on the web as a scam i.e. showing me the error report on my pc, carried on till he tried to get me to go to a website to download a programme to take control of my pc where again I told him he was a scammer and rung off.
2 minutes later the phone went again and I let it go to answerphone where he was recorded saying a number 16347970 which I think he was relaying to someone else beside him. I have done a search online for numbers relating to this number and found a site http://numbers-book.com/16347970 where one of the ip addresses relates to Gugal Pimpari in India, I don’t know if this has any relevance but it may be.
At 5 to 8 this morning got another call from another Asian voice ‘Michael a Microsoft Engineer’ I told him to him to get lost and hung up, hopefully this will stop them as they know I am wise to them.
Colin Gray
Just had a female try again got two words off me “P!$$ Off” and I hung up
brendan pocock
do these guys actually hack the computer?
Phil Cooper
I’ve had 2 calls this week who wouldn’t go away even when I told them I’d been in IT for over 50 years (I wrote my first programming in 1965!).
After around 15 minutes of my telling them they scammers, both threatened to block my computer so that no one could access it, even me.
The second one called me back 3 times when I put the phone down on him
Mike
Have had fun with these idiots over the last couple of days. Pretended to be offsite and told them my secretary was having problems with computer with a popup that froze screen with their 800 number on it. Had them call the main Homeland Security number asking for Yaza A Bitchz and even the main FBI number asking for Agent Mulder. They were using a web domain with .tk but it’s since disappeared. Guess making them change their 800 number a number of times on it got them pissed. For those who do get them on the line, have some fun especially when an Indian guy tells you his name is Ron.
Hirano Azusa
I’m so happy to find this. I just got hit all the way in Singapore. It was quite hilarious on hindsight but at that moment it wasn’t so funny. We basically started yelling at each other over the phone (how dare he say I was asking illogical questions) and he hung up and wished a Merry Christmas. Within the hour, I was at the police.
Does anyone have any ideas how to trap this guys and what I can do to really annoy them? I’m not a programmer and I don’t have any knowledge on how to dig out their IP addresses or whatever. I really want to pay them back for ruining my Saturday afternoon.
Joe Ramsay
Just helped a customer in a music store this afternoon in a panic because his DJ laptop had been totally messed via this same scam. Not sure why he came to the music store with the computer problem. The scammers used citrix launcher to access his computer and disable virtually all of the services in Windows 7 — so it made it appear as though his laptop was messed up. They wanted $499 to fix it (i.e. problem that they created), dropped it to $299, then $215. Thankfully, they didn’t drop any malware in the system so going into the config app and re-enabling all the Windows 7 services fixed the problem He was one happy guy. Good thing I happened to stop at the store.
Valéria
Scam running using South African telephone numbers. Just got the call but CLSID trick gave me all the info on the internet about the scam. They have a good technique. Amazing.
Stefan
That Scam called me today in northern Germany. His name was “Alex from Microsoft”. I let him go as far as i typed the assoc and pressed enter. Googling while that i found this website and took it as a reason to yell at that poor fool that he was not from microsoft and that he was a scamer. The i bung up. Only seconds later he called me again and said, that he was a “f*cking terrorist and will f*ck up my life”… I was a little scared took my wife and baby boy and went to the police. Not funny at all!
Arne Vegard Sveen
They called me today from “Microsoft headquarter”. I live Norway and in the Norwegian press (mainstream papers) many articles have been published about these scammers. I just said – I don’t want do talk to you, and shut up the call. Very interesting and funny to read about the computer experts in this forum who go into a “dialogue” with them. They deserve it.
Tommy D
I live in Chicago. Recently received a new landline phone number. Part of their verification process was to confirm my address, I’m guessing the address they used was from whomever had my landline number before me.
The first time I pushed back, I asked them how they could possibly know that I was having issues. I gave them no information and just kept asking him questions I knew he could not answer (they were somewhat technical). The caller finally became frustrated and started telling me things along the lines of “you are an a$$hole, your wife is having an affair with a n****, F*** you, etc”. I did not think they would call again, but to be safe, I blocked the number.
I received a call today on a different number, before they could say anything other than they worked for windows, I told them the call was being recorded and they were calling a business line…they hung up immediately. I blocked this number as well.
I’m hoping the method of telling them the call is being recorded and is a business line will get them to stop calling.
Ish Kabibble
Best way to stop these ?@!$#*%&s is to do what I did, I purchased an air horn which you can buy most places that sell emergency supplies, out-door sports stores, etc. At some point during your conversation with the scammer, ask them if they need your banking info or credit card info. They will immediately say “Yes!” This is when you get your air horn and when you ask them if they are ready to receive the info and they say s yes, you blast the air horn into the phone handset where you speak into and after about 4 seconds, check to see if they are still on the line? I guarantee they will not be as they are trying to pick themselves up off the floor and wonder what the H*ll just hit them!!!??? Trust me, they won’t phone you back. Only once did they call back and it was a different person telling me that I injured his fellow employee. I told him that I didn’t know what he meant but only that I have been having trouble with my phone line making weird sounds. I told him that I would contact my phone company and place and complaint right away. As he was telling me that I had better, I gave him a blast too. Never heard back from them since. We all need to do this so that they will never be sure who is going to do it to them. Spread the word Brother!!! Go Canucks, Go!!!!
Scott
In addition to the air horn,
Say the numbers in a slightly decreasing volume, so that they listen more carefully and maybe turn up their volume,
then blast them. LOL
Mary Lippy
I have noticed recently they no longer are making phone calls to scam vulnerable people , they are now using legit microsoft programs to locate any IP’s they can connect to and establish connections through common ports like port 80 and port 443 , 6280 and the IPv4 on the wireless adapter, office word 2016, dropbox, and onedrive. I turned off all remote access points, I disabled my webcam , and paring devices and so on, and they still find a way to establish themselves that I am finding in my cmd on a daily basis around the clock. I had taken my brand new laptop directly to the computer repair shop and had it all flushed out and completely updated with most current microsoft security and other software and it wasn’t but two days later at home connected to my private network- I got an automatic update from microsoft replacing all of my most recent updates. Those vicious stalkers are thinking I will turn to their online tech support if they are patient enough. Thing is they haven’t gotten a dime out of me and because of that , they get furious thinking I am responsible for wasting their time and they have in the past destroyed many of my devices and other laptops.
can not believe it
Very disheartening to hear they don’t give up. I too didn’t pay the money they asked. Honestly I hope they 200 dollars is all they wanted. I’m having sleepless nights worrying they may have gotten account number etc..
Paul Mitchell
When I received the latest call here in southern Oregon from these scammers, I just answered everything they said with “No, you’re not” or something similar.
Female voice: “Sir, we are calling from IT support for Windows.”
Me: “No, you’re not. What state are you calling from?”
Her: “Missouri”
Me: “No, you’re not, your caller ID says Illinois.”
Her: “Your computer is infected.”
Me: “No, it’s not. I have three computers running in front of me and none of them are infected with anything.”
Her: “We received notifications for the past week your computer is infected with malware.”
Me: “No they’re not. I scan all three of them every morning when I turn them on and they are clean every morning.”
Male voice: “Yes, they are infected.”
Me (excited): “Oh, boy, a new person. What is your name?”
Him: “Mark Wilson.”
Me: “No, it’s not. Your name is not Mark Wilson.”
Her: “Sir, please press the Windows key on your keyboard and press the R key.”
Me (bored and ready to end the call by getting them to hang up): “Oh, you want me to use the Windows Run dialog box to start the CMD command processor so you can tell me how to find the CLSID that you will tell me is proof that my computer is infected, when that CLSID is the same on every Windows computer. You’re not really from Windows IT support and neither are your buddies who have called me before running the same scam!”
Her:
Best two minutes of fun I have had all day!
can not believe it
April 2016. They got me. I’m freaked out. Who knows what the got while they were fake showing virus.
While I was online a black computer screen with grand letter flashing emergency you’re computer is in danger please call number on bottom. Nothing I did got rude of screen. I was basically frozen. I tried logging out and still couldn’t rid of screen. So I called the number. An Indian guy answered. He said he was with Microsoft. He said I was hacked and he needed to get it. I let him. First he told me to press control r. After he had me punch in a this iexplorewww.support.me after that he was in my computer. While he was showing me all my unprotected file he was asking personal questions like my email address, my home address and finally he asked my age and told me he could fix it for 200 dollars. That’s when it did finally hit me that he’s scamming me. To little to late for me. I hope it’s not to late for everyone reading this post. I m freaking out and extremely upset at myself. .
David Gol
April 2016. I got a call two days in a row. First day I was suspicious and hung up. Second day I was in front of my computer. They told me to type ASSOC, so I did, then looked up this scam. Thanks very much for publishing this. I asked him what religion he was. Then I asked him if he was worried about his eternal soul, calling people up an stealing money from them. He started telling me how he was trying to balance out the world, and that there were poor people in India and Afghanistan. Then he put on his “supervisor” who cursed at me a little. I started laughing, then he got on again and started telling me about poor people again. I got bored and bid him goodbye.
Sarah Lind
Thank you for this post. Confirmed my suspicion of this scam and scolded the caller prior to hanging up. Desperate times called for their desperate measures, sadly.
Thanks again and rock on.
Harriett
Beware:ReImage it took all of my personalization off my computer. The want to charge me after I had purchased the
ERROR REMOVER $15 PER CALL TO REMOVE PROBLEMS. I realized that ReImage was the origin of all the
problems.
DL.
They (meaning Wavene Infotech…yep, I will say right now who it was, and the tech guy was named Alex D’Costa…who despite his name sounded Indian of course) got me on April 26 at about 10:30 am and I bit the cheese, for $199.00. they put a whole bunch of stuff on my laptop which I have removed (esp. the AMMYY) and now have paid for some other nati-malware software. Same BS as what happened in the article without all the command prompt stuff–I guess they have gotten more advanced…but the thing is there really were two bad files in my Event Viewer with red-circle-Xs in them, one was a trojan and the other was malware, which I think they themselves managed to upload to get me to pay the $199.00. Wavene is an Indian company that also has an office in the USA, California somewhere. I let the Federal Trade Commission know about what they did, but don’t know if they will ever do anything about it.
A Moore
Yep, just received phone call pertaining to be from a company working for Microsoft, computer in critical danger. I asked for verification and he said to check a web address via Google. Asked me to press the Windows key and ‘R’. Did it but played the idiot, he lost his patience with me and passed me to his ‘supervisor’ who tried to lead me through it. I kept him hanging around on the phone while phoning on my mobile for ‘advice’. He hung up.
Very noisy background to sound like a call centre, Sounded like they were African.
Mary Wilkening
I had someone call me last week and told me that I had a severe virus that several people had been affected by. They said they were working for Microsoft company and his job was to help find and fix all of the pc’s that were infected. He wanted my serial number from my pc and when he got that he was all over my pc. So after around 20 min. he said that my p.c. was shot and it was very full of viruses and malware. It had to be cleaned immediately. So they took the around 20+ min to remote into my pc and said he was able to rid all of the bad stuff out of my pc. THEN is when he asked for $159 for one year and $249 for 2 years and could I give him my charge card number. I said nothing was said about any form of payment being due for this service. I said I don’t have any charge cards. He kept saying I could use a Visa, Again I told him I had no credit cards. He went to his boss after putting me on hold for 10 min. and said he could give me a discount and charge me $139. I told him it didn’t matter that I didn’t have any money. He had the price down to $129. and that was the best he could do. I told him I had it figured out. He was trying to scam me and I’m calling his bluff. He was very upset and said he would call me the next day to get everything done for me. I was laughing by then and said not to worry about me, I have Kaspersky and a very good lawyer. He then said thank you for your time madam. Then hung up. Haven’t heard from them yet. Lol! This sounded a lot like the person above me. Very noisy background it sounded like a call center, Also like they had African accents.
Haylie
I fell for this just yesterday. At first it seemed legitimate, so I gave him remote access. When he asked for money I took his number and told him I would ask my parents. Now after figuring out what had happened I have to completely wipe my drive and reinstall windows. Luckily I only had the computer for a short while and didn’t have any info on it
dale lemley
Today is the 19th of June 2016, scammers just tried scamming me using similar tactics, luckily i had no money for them to scam me out of..this is the phone number they used, & said they were in India…888-457-0940.
alex
i got the phone call for “fastsupport.com” same scam. “have you seen any pop ups?” “how is your computer running?” “go to this website” i kept telling them i was getting errors and made up error codes. kept this girl on the phone for over 3 hours before i chastised her for trying to bs me.
Lc
These guys are my favorite. Bait away, but note the following: 1) they can’t go off-script. I’ve gotten prolonged calls from them twice now and both times a supervisor noticed they were offscript and took the phone from them. No official “transfer”, just walked up and took the phone. 2) their company does not allow them to disconnect a call on their end. EVER. Turn it into a game of seeing how long you can keep them on the line and they will never be the ones to disconnect! 3) do NOT use the word “hack” or “scam” or any accusatory language. It triggers something in the script that gives them reason to disengage (they’ll make a statement in a foreign language into the recorder and leave), and then there’s no fun! Instead, I recommend marriage proposals, conversations about cats, and how Apple users around the world are so so grateful for Microsoft’s investigative team’s assistance in these important matters.
This is what happens when you call me uninvited in the middle of the night, idiots.
BC
I receive these calls every few weeks on my works phone, they use exactly the same process as described.
One of the first times they called, I challenged the caller to prove he was from Microsoft or knew which computer I was using. He told me that microsoft don’t just call anybody. I pointed out that is exactly what a liar would say and I couldn’t take his word for it. He eventually got frustrated and asked “are you dumb sir? f**k off! f**k off!”.
On another occasion I played along for a while before exposing their tricks, I asked the girl how she felt scamming innocent people. She said “do you know who the scammer is? you are! It is people in England who show us how to do this so it is your own people who are scamming you, not me”.
Whenever they call now, I try to keep them on the line to waste their time. I pretend to be really concerned as I know nothing about computers, this gives me an excuse to take forever to find the keys they ask me to press. My favourite trick is to play a door bell sound effect on youtube a few times during the call, so I can pretend to answer the door and leave them waiting for minutes at a time.
Norm W Griffin
i received a call from peter matthew claiming from Microsoft number was 1800 2701295 at the end of conversation he asked me to pay through western union in the name of prashant goel some indian name earlier same guy has robbed me of 380$
Alex
I just got the scam about an hour ago.
What an annoying hassle now that i know the whole thing was a ploy.
Was on the phone for an hour and as soon as she wanted me to pay over the phone i said hell no. But unfortunatly was gullible enough to let her into my comp. It seemed as though i could see everything she was doing but is that true?
I have some very personal info on my comp that could be a very big problem if she were to get ahold of it. I know she has my IP and a ssn, i just got ‘lifelock’ and im watching my accounts closely so far. Is there anything else i should be doing in the meantime?
Do we know if they are able to do things on our comp without us seeing it happen?
AYAAZ
Posted on November 7, 2014. 1:20 pm
I never hang up, i play them for as long as i can, i take the view that if i’m playing with them like a fish on a line, they cant be scamming anyone else.
I basically play the daftie, keep making mistakes, pretending that i dont know what i’m doing. That invariably gets you transferred to a supervisor, and then i play the whole lot again. My record is 54 minutes, eventually they get cross and start to become abusive, but i always keep them going and force them to be the ones to hang up.
Dont get mad, get even, if we become a pest to them, they will eventually stop
Moe
November 20th 2016.
Right after cancellation of subscription to nurtum, for one of my friends, and more specifically after removal of Nurtum security this friend started first having screen flickering badly and inability to use explorer since hard drive is kept very busy for some reason, then after fixing this issue with windows restore keeping Nurtum files untouched, scam pop ups appeared and my friend got syskeyed later by Fastsupport website guys.
Any way I was able to revert system32\config back (booting with Active disk recovery live CD) and again access to system on which I installed comodo security free and finished the clean up, again I decided to get rid of all traces of Nurtum and I had the busy hard drive and the flickering which I was able to get rid off for good with the Nurtum uninstal tool (unable to determine what this tool does exactly 😉
Anyway it is too of a coincidence that my friend got scammed and syskeyed right after she decided to cancel and get refunded for nurtum 🙂 subscription, it’s looks like a reluctant customer punishment !.
I noticed also that these guys have legit verified websites with local united states numbers with pro fully featured remote assistance tools and have experience dealing with customers and have very decent knowledge about computers : for all the above reasons they appear to be legit remote computer support technicians and customer support subcontractors that could be for hire occasionally for intimidation punctual jobs against reluctant customers of some famous antimalware products !
joe
there are increased signs that these scammers are actual tech support sub contractors with phone relays based in the states, that do scam people as a side job and at times but it’s funny coincidence how some people get their computers infected or worse syskeyed by these guys right after they cancel their anti malware subscription !
weirdo
They did it in Canada to me
SHeila doyle
How do you unblock a startup password which a guy named Barney Edwards from Microsoft put on my computer because l wouldn’t fill in my details personal and banking. I haven’t access to my computer for over a week.
Not a Computer Expert
I have a question. Are scareware websites illegal in the US? If a website is mimicking, for example, a Microsoft website and uses the logos in the website, can they be sued for copyright infringement? I’m sorry if these are stupid questions.
JPhillips
I don’t think that is a stupid question at all!! I was looking into why I am unable to log into the website for changing the password on my wifi network. I was Googling different sites for “how to change wifi password 10.0.0.1” I don’t remember which site I connected to, but as soon as I did my browser froze and another separate window ontop of the browser appeared. There was a repeating audio loop that said in a very, ominous load tone that Microsoft had detected a virus and that my computer was under attack, warning me not to shut my computer down, and that I need to call the ‘Microsoft’ number before it affected their system. I almost started laughing except that it was indeed impossible to shut down my browser, so that started to freak me out a little. Trying to stay cool, I jotted down the number and hit Ctrl+Alt+Del to get the task manager up. There I was able to shut down the program that was freezing my machine. At that moment I did what I had been planning on doing all week and called Kaspersky to, finally for the first time, purchase AV software. I was finished shopping around and dealing with free AV software that almost acts like malware itself. I’m extraordinarily happy I made that wise move.
I cannot locate the website in m history for some reason, but here is the number I wrote down if anyone wants to call and find out what the deal is with this malevolent website. I don’t want to deal with it. I have enough probs. lol! People who do this stuff are just pure evil and deserve whatever Karmic repercussion they get. It’s US based >>> 1844-850-6811 Block your own number and have fun!! 😉
Josh
My neighbor just had the same scam happen to him. In Canada. He called me to tell me that he paid 290$ US to Microsoft because something expired and he had to pay for a lifetime licence. The number was 1-844-811-8783. I ran over and shut off the computer while they had remote access before they had a chance to do any damage. Had him call up his credit card company to dispute the charge and have his credit card cancelled.
Shirley
844 is Russia. They almost got my Dad. They are calling him 2x per day to try to get him to pay $350. They use teamware , citrix and install their own firewall.
Carol
I have been getting these calls for several years – will it never end? How can I stop them from calling me?
saira
How can I kill the porn pop ups? They are disgusting.
Robert Eiusenhardt
Just got the call – last night – Indian accent from “my IT department” advising me that ….. and that is as far as he got. I am a professional consultant and employee of a malware forensics unit to boot, so I chewed him out for 15 seconds and hung up.
Lee Roth
These scam scum called me… they must have had a rookie that only could read the script… I told them stuff like:
– I’m a computer security professional (true that.)
– I have Linux, not Windows
– I have to let my sergeant know about this
– I told them (after they gave me steps to do) about a popup “This is a scam!”
– I played audio of a police siren
But they just kept going! Finally, they hung up on me after hearing two minutes of this in the background while I was pretending to be a fumbling computer user
– I played recorded audio of an active police dispatch frequency
– I played polic
Will
I had one of these calls today, they are still at it. The name used Peter Wilson, same as at the start of these posts.
The CLSID exactly as in earlier posts. I let them go on and on, me doing nothing, at some stage they asked what I could see on the screen and I told them it was exactly what they had asked me to type. They then asked what I was typing in, I told them, word on my iPad, they hung up.
Jimmy
Thanks for the post. Still getting calls like these today on June 5th, 2018
Michaelgiovani
After about 25 minutes I exclaimed oh my GOD you fixed it, thank you thank you thank you, you guys are amazing etc, the scammer stuttering now said well you must pay, I interrupted him and said oh I didn’t know there was a charge, not interested and he freaked, LOL
Rob
Since retiring I get at least one of these calls a week. Sounds like their calling from an Indian restaurant.
Depending on my state of mind, I like to play along and see where they go with these scams.
The main issue with these scams is the failure of Governments/Telcos to nail these dudes, prosecute them and put them out of business permanently. This could be done with a bit of inter-Government co-operation. If they posed a security risk, terrorist threat or accessed a Government Defence network, the security agencies would be all over them – but, hey us common punters have to continually endure these scams as Governments are just too lazy and don’t care about about the average punter.
Melinda McCoy
I just got one this morning from a female claiming to be from Microsoft. She went through her entire speech about my computer being hacked and malware had been installed. I asked her, how do you know this because my computer has been in the shop for a week. She hung up immediately. My computer is not in the shop, but she didn’t know that. I’ve had these calls before and I was ready. I got rid of her and kept my money.
Mike
I am retired now, so when not busy, I play along with such callers knowing that while they waste their time with me, they aren’t stealing someone else’s money. Since my first college computer class was in 1971, I have been programming, and building computers longer than most of these scammers, as well as their parents, have been alive. I used Kaspersky for many years. Great product & great price. ;>)
Stan
Just ask the caller what operating system your computer is using. If the caller says Microsoft or Windows, reply it’s an Apple … or vice versa.
Iben Sihm
Hi all
They called me today Peter Wilson from Microsoft number +33 6727249935 (France) and he said he was calling from London – NOT and a women 10 min. later regarding the same from number +45 21322221.
After a long sales talk from “Peter” I informer him that I didn`t have my mac (he was unsure if it was a Windows or mac) with me he will call me back on Saturday 9 am.
Pep
I have received today, march,2019 the same phone call In Barcelona (Catalonia). They had Indian accent and they said to call from the States. I was following the call until i have stopped in the enter CMD step, then I I said that I wanted to check in my cell phone if was a scam and the girl began to become nervous theating to choose between continue or block my windows license. Then I hung the call.
I am really surprised that your blog is 2014, 5 years ago! and still doing this scam.
Thanks for post it. It really helped me to be cheted.
Amanda Perrault
This is still happening. My uncle got hit with this Friday. Thank you for your post. I was able to get to the command line and type msconfig and end the safe mode restart.
Andre van M
Just received a call from “Samual Watson” from “Microsoft”, here in the Netherlands. When I started asking them some questions, Samual became upset and started swearing I questioned him why employees of Microsoft are showing this kind of behaviour while I was only checking his credentials…
maud
Today they called me several times, I hang up. Said he was Viktor William from microsoft. He asked my IP nummer, he had it and I had to check is, there were problems with my computer. That cant be, sow I hang up. They called 4 times, from the numbers 00495409195179 00495217728589 00495152973915.
Maria
This still happening . Madrid, December 20,2019 got the call and I got scam. Same people , same story but easy to get into their story if you are not familiar with computers. thank you
Sue
I just wish there was a way to stop them ringing me! They started in 2014, and they are still trying it on! Spurts of several phone calls a day for a week or two, then a few months respite. Yesterday it was three times, and this morning it started at 7.30am, and again at 8am! I’ve tried everything – loud piercing whistle, playing them along, leaving them hanging on the phone, saying I have a Mac, saying I don’t have a computer, and telling them to fuck off! This is harassment! I tell them that if I haven’t fallen for their scam in 6 years, do they really think I would eventually give in??
Heather
We need help my friend is name Kelly he is a retired veturn his mother passed away and he is in the middle of a scam of windows now they said that he was getting a 600.00 refund but some how got scammed out of 20,000. Its frozen right now in the middle of fighting for it back is there anyway we can prove this is a scam to the bank and the police to get that money back to the right owner.
jocecazalot
Not only in UK, and US, these bloody scammers scam good people in India too. These scammers are are not humans, they do not care for others, they just want to become rich.
Peter Dempsey
I get these calls a few times a week. I never hang up – instead my aim is to make them hang up in frustration. You just have to insult them (“Why do you smell of curry?”) or say ridiculous things to them (“I want you to install a Trojan Horse”). My record is 20 seconds. If you get the scammer to hang up then you have won.
Johntengo
It is a scam after all why my computer go slow first place and second or third I dont have to say
Phyllis
I believe this same thing has happened to me. However, I’m still looking into the matter. So very appreciative of your Article.
Chris Turner
<they are still active targeting UK now 01 Feb 2024. Just received the full scam from a phone call.. The got me to look at the system event list, then run the "assoc" command. I stopped them there and said i did not know what the assoc command did and I would have to research it before continuing. He said he would call back. Searching the scammer and assoc command lead me here! so thankyou for confirming the scam!.
They knew my name and have called many times in the past. I usually just swear at them but this time I thought to waste more of their time.
Mitchalene Rutherford
Received an email stating I will be charged $599. for microsoft defender for endpoint. I never ordered. They included phone # 855-623-0015 which never connects.