A few days ago I received my first scareware phone call at my home. I get telemarketing calls all the time, robocallers that call and hang up but are really collecting the time when I answer so when the person calls back they have a higher chance to get me on the phone… people cost money. Anyway, when I picked up this one and he started his script I got a little excited. In hindsight I went for the kill too soon and didn’t keep him on the line long enough but lessons learned for next time. PC Speedy was the company he claimed he was from and here’s how this company and their tactics work.
The gentleman, with a heavy Indian accent, started the call by asking for Mrs. Binary Blogger. I asked what this was in regard to and he jumped right in and said they had detected a problem with her PC. I immediately knew what scam this was and jumped in. I started out too strong: “OK, you detected a virus and you need me to download your software to fix it, right? What virus do we have?” The guy was immediately thrown off script. I continued digging into him: “Our PC has been acting slow, how can your software help us? You want me to download it, connect to a site so you can take over and check it out, I know your company’s software.” The guy continued to stumble, then started to get strong with me. I told him to hold on and hit a few buttons on the phone. “What was that?” he asked. I said that I have a unique job and initiated a geo-trace since I know you are not calling from the 584 area code that the caller-id shows. “Don’t worry about it, this goes through all the trunks to the source, ID masking is cosmetic only,” I replied. (I really don’t have anything like that… yet).
For a few more minutes I carried on with him and at the end I said “The more time you waste with me the less time you have to scam someone more gullible.” He then hung up.
Too excited and wasted an opportunity.
Here’s how the full scam works –
1) They call you telling you they work for “The Internet” or your Internet company and they have detected that your PC is infected or running slow due to viruses, malware, problems, etc…
2) The person gets scared and just accepts this as truth and lets them carry on. The caller then points them to a website to download their cleaning software, in this case PC Speedy. Now this is where it gets scary and slimy.
3) The user installs the software and is then asked to connect it, which enables the company to remotely get into the person’s PC and do whatever they want, like copy all your files off in the background. My Documents, custom folders, web cache files, etc… All while they are claiming that your PC is heavily infected, which in most cases it is not.
4) The scam then moves on to getting you to buy the worthless software. Whether you buy it or not, your PC has just been owned.
Scareware – Scaring the gullible into doing something. 99.9% of the time it’s B.S.
Always question, ask and when it comes to your technology or accounts never believe anyone that calls you first.
End of line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.