I would hope that most of my friends and family would be savvy enough not to fall for something like this but, just in case, here’s a brief overview of an attempted scam some Indian bloke just tried. He wasn’t alone either, as I could clearly hear at least two other people in the background.
My landline phone rang and it just said ‘CALL’ as opposed to ‘UNKNOWN’ (which is what it usually says when someone withholds their number). As such I deduced, before I even answered it, that it was a VOIP or foreign (or both!) call. I answered and was greeted with a “Hello, is that Mr Morley?”. The chap had a very strong Indian accent and claimed to be from Microsoft. At this point I figured I had 2 options: 1) hang up or 2) go along for the ride. The guy knew my name, and he was from Microsoft after all – so I went with option 2.
His tale went something like this. He received an alert through the Windows update system that my computer was running slowly and if I had more than one window open it was running too slow. He asked me what anti-virus I used and I made up the most random name I could think of, something like “Kablooey Anti Virus” – if I ever make any antivirus software I will make sure I call it Kablooey! He told me he had not heard of that one but he knew that AVG, Norton and McAfee were unable to detect or repair this virus (pronounced ‘why-russ’) and it was very dangerous. He never explained why it was so dangerous, maybe next time I will ask. He then asked how long my computer took to load up so I told him about 2 minutes. After a sudden, sharp intake of breath he told me that was far too slow and it should be quicker. I wonder if I’d have said ’12 seconds’ I would have had the same response?
So, anyway, after agreeing that my computer ran too slowly and I clearly had a virus he said that Microsoft had a special offer at the moment. He asked if I had a pencil and some paper ready, and I said ‘yes’. But the joke was on him because, in reality, I actually had a pen! He told me to write down the following software names: ‘Advanced System Protector’, ‘Advanced Email Backup’ and ‘Advanced System Optimiser’. ‘Advanced System Protector’, he told me, is based on artificial intelligence – ‘wow’, I exclaimed, ‘really?’. He didn’t seem to share my enthusiasm. If I download and install these then I will never have any problems again, my computer will be hazard-free (his words, not mine).
I then started getting a stronger whiff of the upcoming scam…: “If these softwares were bought in the market they would cost £300 but we can offer you them for free. Do you know what a license key is? All software is free, you never have to pay for software, you just pay for the license to use it. When you bought Windows it was actually free but you pay for the license key to use it. The license key for these softwares is £26.33 each so £79 for all three. Because we are Microsoft, we don’t want you to pay for these so we refund you in the form of a one year support agreement. If you have any problems then you call our Microsoft Certified Engineer who will fix all of your problems free of charge because you paid for the software licences”.
I was waiting for him to say ‘we just need your card details’ when, instead, he asked if I’d like to see the information log that had alerted Microsoft to the problem. Intrigued, and knowing what information I shouldn’t give him, I said ‘ooh, yes please’. He then asked me to turn on my computer – I made him wait exactly 2 minutes while it ‘loaded’ – and then he asked me to open Internet Explorer. I made him wait again while I carried on writing some notes about the whole conversation, you know, cos my computer is running really slow because of this dangerous why-russ. He told me to type into the address bar (“that’s where you type your website addresses, the long bar at the top” he informed me) ‘www.teamviewer.com’. Now, I have used this site before (for rather more legitimate purposes, I hasten to add) and I knew what it was capable of – that is, complete remote control of your system. I could imagine where this was heading and I knew for a fact I wasn’t going to go along with it that far!
After I confirmed that the site had loaded he said ‘Do you see a blue bar with a lady pointing at a box?’. I told him I could and then asked “is that you?”. He replied, slightly bemused, “no, I am a man”. “Oh, I said, I thought your voice was a bit deep for a ladyboy”. It garnered no response. Shame.
I was taken through the motions of installing the software and then he told me to give him the ID and password. I made a quick note of the legitimate ID and password so I knew what format they were in and then gave him two completely fictional values. I could actually hear his eyes light up for a fleeting moment before telling me there was an error. I got him to read back to me what he had entered to make sure he had heard me correctly; “the line to India”, I explained, “sounded a bit crackly”. I made him read it slower in case he had heard it wrong! I read it to him ridiculously slowly to make sure he got it. Of course, it would never work – the numbers I gave him were completely fictional. I tried to blame his firewall, even suggested that he, himself, may have a why-russ. He wasn’t biting though, he just insisted that I must be reading the numbers wrong.
Without me giving him my card details or access to my computer I couldn’t see how this could go any further. So I confronted him – the following is paraphrased and prefixed by ‘M:’ for MaFt and ‘S:’ for Scammer.
M: If you’re really from Microsoft, which you’re not, how come you are using 3rd party software for remote access to my computer?
S: TeamViewer isn’t 3rd party software. It is good software that is compatible with Windows.
M: But it’s not Microsoft software, therefore it is 3rd party.
S: It is software that is compatible with Windows.
M: But Microsoft have their own software for remote accessing desktops, it’s called ‘Remote Desktop’, why don’t you use that?
S: Only tech support can use that, we need to use other software because we deal with why-russ.
M: But why can’t you use your own software?
S: We are, we use TeamViewer because it is compatible. I could explain but it will be too difficult for you.
M: Try me.
M: Try me – explain the reasons and I will tell you if it is too difficult for me.
S: Listen, I don’t have time for things like this. Please can you give me the ID and password.
S: I’m sorry?
M: You’re a dirty little scammer.
S: Don’t be rude to me.
M: Stop trying to steal my money and take over my computer and then I will stop calling you a dirty, thieving, scummy, little shit-bag. Because that’s what you are.
S: OK, I’m going to end this call and block your Windows license key.
[and now my favourite part]
M: Good luck with that, I use a Mac!
Since ending the call I was shown Ryan Cullen‘s blog post from May this year (read it yourself here). While I didn’t get as far as downloading the suggested software it is probably safe to assume that it would be the same company/website involved (Itezy.net).
I have also contacted TeamViewer.com who are already aware that their service is being abused by conmen/scammers. They also informed me that it is being dealt with by Scotland Yard although when I suggested they post an announcement on their home page about the scam they didn’t seem to respond…
So, there you go, be careful out there! Looking at the replies to the above blog post it looks like a lot of people are falling for it. Tell your parents! Tell your children! Tell your cats! NO ONE IS SAFE!!!!