Binary Blogger Messes With Another Telephone Scammer (NSFW)
4 min read
I will begin this post that the last minute is Not Safe For Work (NSFW) language, not from me but from the caller.
I received another telemarketing, masked call this afternoon and recently I have been answering them all and messing with them. No matter who they are I waste their time. I have also been getting the far too common scam phone calls as well. It’s these that I have begun recording and posting out because these scams need to stop and they can stop as long as the people know that it’s all crap. Now as a side note I only started getting the rash of telemarketing calls once I cancelled my DirecTV service. Searching around I have found multiple articles that DirecTV has been knows and heavily accused of selling your information to anyone on the street when you cancel as pay back. Well, I have the time and dates of when my phone started ringing off the hook and when my DirecTV service ended. Six years before that I got maybe 2 a year. I have almost one a day and been working to block all those to get it down.
This call is based on fear and on trusting that the person being called has limited or no knowledge around their computer and how things work. The call starts off by throwing out the Microsoft name, IP addresses (that aren’t real), infection, registrations all trying to sound legitimate. They aren’t. It’s 100% lies and falsehoods. Everything they claim is not possible and never would be to a regular user. If you have a computer, there are some people who get scared into thinking that if they don’t pay they will lose their computer, photos, files. But in reality they are losing their money and if they hook up TeamView or LogMeIn they will be losing personal information and all their files too. Bad stuff and so easy to tell people to avoid.
Here the recording of my latest call. The quality is so-so because when I get them I throw my phone on speaker and place my portable HD recorder next to it. I fire up a VirtualBox Windows image that is isolated and a bare installation, nothing on it. That if I do allow them to connect, they are connecting into a sandbox of nothingness. In all honesty I started to look around the Darknet to find a copy of CryptoWall to place as bait to get them to download. But finding the actual distribution code for that is very, very difficult and risky. But that’s the level I’m willing to go to hit these thieves where they deserve it. I’ll find something they can download. Phase 3.
Here are the highlights to educate the less-than-knowledgeable people in your lives that could fall for this:
- Big clue, the scammers never use your name. Not once did they call to validate anything about me. Big red flag. The only red flag you need. NEVER provide any information about yourself unless they ask for it. One big trick of a scammer is to get you to volunteer information and they feed off of that. Same way psychics work when they ‘talk to the dead’.
- No company name was provided. They went right into the scam.
- Microsoft will NEVER call you about any infections, hacks or breaches on your personal computer. Microsoft may be the maker of your Windows operating system but the way the world works you are responsible for keeping your computer clean. If they sound really convincing, hang up and call Microsoft yourself and they will tell you it’s a scam anyway.
- IP addresses aren’t assigned to you specifically. They are dynamic, they change, and if anything comes back to you through an IP address it will be your Internet Service Provider (ISP) that will call you about it. Not anyone else. You can go out yourself and use any IP address you want through a proxy. Don’t be fooled.
- There is no master registration system, no one can kill your computer except you. Think about it logically, if you are hacked, who cares? Why do they need to shut your computer off? Fear tactic.
Of all the scams on the phone there is one rule that everyone should follow regardless, without exception – NEVER CONNECT YOUR COMPUTER TO ANYONE ELSE FOR ANY REASON!!!
TeamViewer, that this scam had me goto, is a remote control software package. Had I connected the scammers on the other side of the world would have had full, unrestricted access to my entire system. Before I would know it they could have downloaded anything they wanted or even planted a virus to get me to see that I am infected. We didn’t get that far with this scam because I appeared I was going to pay. That is the worst part of it all, how easy it is to open a door to having all your photos, music, tax forms, documents, private information, backups all sucked away. Poof.
Spread the word, spread the posts, get the non-techies to hear these to know what to look out for. All you need to do it hang up.
Listen to the first scam call I received.
End of line.
Binary Blogger has spent 20 years in the Information Security space currently providing security solutions and evangelism to clients. From early web application programming, system administration, senior management to enterprise consulting I provide practical security analysis and solutions to help companies and individuals figure out HOW to be secure every day.
Subscribe
Facebook Page
Follow Me On Twitter
contactme@binaryblogger.com
