Scams

[NealebParticipant @nealeb]

On odd occasions in the past I have taken one of these spammers at their word, just to see where they would go. It used to be that they would take you into the registry to “prove” they were from where they said (“the Microsoft server”) and by finding some obscure field therein, and knowing its contents, they could “prove” that they had the licence id of your machine. Never really knew what that registry field was, but sure as eggs is eggs, it weren’t no licence id! I never took it to the point where there was any risk to my machine, but as a former IT security person I was interested to see the process. These days, it seems that they go for the system error log as mentioned above which always has some errors showing. “Those are where hackers are breaking into your system,” I was told. Well, maybe!

At one time I could stall them by asking which Windows machine – between my wife and I there are 9 or 10 around the house and workshop, all sitting behind the same firewall. Ask if they could give a system identifier, MAC address, local network IP address, or almost anything slightly technical and you are likely to be passed to their “manager”. These days, though, they just seem to ring off as soon as you show any sign of reluctance or hesitate about going along with them.

[Michael GilliganParticipant @michaelgilligan61133]

I have to admit my patience was tried this morning:

Caller: Good morning Sir … I’m from Microsoft, calling about your computer

Me: No you’re not … you lying, thieving b#####d: Now get off the line !

it was short, unnecessary, and very sweet.

MichaelG.

[Nigel Graham 2Participant @nigelgraham2]

Diogenes –

“Melvin” telephoned me. (Landline ‘phone – my portable ‘phone number is unlikely to be on any scammers’ directory as it is PAYG, not linked to the Internet and I use it quite infrequently.)

 

Mike –

Someone else told me he’s used Anydesk professionally, too; though I think it was a BT help-desk operator who had informed me it is a genuine site. I wonder if its manufacturers know the scammers are using it – or more likely pirate copies of it – and what they are doing about it. If they can do anything at all.

The computer repairer said he removed that but also “a couple of other things” the scammer had installed, so from your remarks I guess one of those might have been a “permit”.

The caller had taken charge of my computer abruptly and without warning – I do not know what it was he had asked me to do which gave him that access.

[martin haysomParticipant @martinhaysom48469]

should retitle this thread scammers training manual

[Nigel Graham 2]

On Nigel Graham 2 Said:

The caller had taken charge of my computer abruptly and without warning – I do not know what it was he had asked me to do which gave him that access.

As with any Microsoft O/S you do not know what software has actually been installed on your machine (eg by auto updates) so it is possible that there is already a ‘backdoor’ which has been discovered .

[Anonymous]

What’s the purpose of the phone call in that case, Frances?

[SillyOldDufferModerator @sillyoldduffer]

The usual way folk fall for Melvin and his criminal mates is that, by coincidence, the spam call arrives at just the right psychological moment.  If the victim happens already to be struggling with a computer problem, a call out of the blue on the subject seems to make sense, trust is established, and the scam activates.   Even smart people fall for it.

These calls are mostly made randomly by an auto-dialler, with no expectation that they will work.   They usually fail because the call doesn’t align with the potential victim’s circumstances:  easy for a Linux user to realise a call from “Microsoft” is fake!    But it’s extremely common for people to be stressed with some sort of computer problem, making them much likely to fall for ‘Microsoft’ if he rings at just the right moment.  Many variations on the theme involving Banks, Inland Revenue, Parcel Delivery, Pharmacies, etc.

More dangerous when criminals get hold of enough personal information to convince the victim that the caller really is their Bank.  Much easier for baddies if they know your name, address, account number, and interests.  For that reason, I don’t use my real name on the forum.  Not because I don’t trust you lot, it’s because the forum is open to the entire world, some of whom are smart enough to identify potential victims by scanning websites with a computer.   Much like Lions who scan the herd to find the careless weaklings who will provide an easy lunch.

Keeping a low profile is good, but not sufficient.   Nigel said ‘my portable ‘phone number is unlikely to be on any scammers’ directory as it is PAYG, not linked to the Internet and I use it quite infrequently.’  “No-one will notice little me” is seriously bad security:  scammers don’t need a directory.  PAYG is no protection, and neither is infrequent use.  The phone will be linked to the internet unless it’s used very carefully.  My advice: assume all incoming is fake until proven otherwise.

Dave

 

 

[Nigel Graham 2Participant @nigelgraham2]

A sequel to my trouble last week (see above)…..

 

This (Monday) morning’s call started with the familiar call-centre background sounds but no speech.

“Hello?” I said after perhaps 10 seconds. No reply for perhaps another 10 seconds. “Hello?” I asked again, more loudly.

There was a another pause, then as I was about to shout “Scam!” and hang up, a male voice spoke a garbled sentence of which I caught only the last few words, all obscenities.

I realised immediately it was our old friend calling himself Melvin Cooper. I was surprised he had telephoned me, but obviously he was vexed because I had managed to fight off his attack and he’d not stolen my money.

With some difficulty I kept calm. “Pardon, Sir?”

“You are an ……!” I reflected that every part of the anatomy has a definite purpose.

I resisted the temptation to enquire why, as he probably wanted; and simply commented politely, “Takes one to know one. Goodbye” , and hung up before he could respond.

 

I waited a few minutes in case the criminal was still on the line, then used 1471 to obtain his number. Next, I rang BT’s IT Trust & Security (I think it’s called) to report him, giving that number, the time of his call and confirming a few details tying it into last week’s escapade.

I mentioned too that in the follow-up call last Tuesday, “Cooper” had said he could unlock my PC if I paid some small, rather odd fee like £2.82 – I had refused point-blank, without telling him why.

Though I did tell him I had “made enquiries” without saying how, what and to whom; and I like to think, though probably wrongly, it had rattled him a bit.

Svetlana, as the BT lady introduced herself, told me the number, starting 0208… is a London one, so although the obvious conclusion is that it was spoofed the caller might actually be in London. Anyway she said she will pass on the report, and I think she said they can block the number.

‘

(It is not possible to block numbers from my ‘phone, nor to know who is calling until I answer.)

 

[Michael GilliganParticipant @michaelgilligan61133]

It looks like Svetlana may not have told you the whole story, Nigel:

https://www.smart-numbers.net/numbers/london-0207-0208-numbers/

MichaelG.

[Nigel Graham 2Participant @nigelgraham2]

Good Grief!

How the Hell has that been allowed to happen?

That is such an obvious hand-out to all sorts of crooks and spivs it should banned, and all such numbers closed, without notice and permanently. It’s not just the trade in numbers that is wrong, but what the text reveals – that organisations can operate by pretending to be in London while not being physically in the UK at all!

[Michael GilliganParticipant @michaelgilligan61133]

Further to Nigel’s recent experience:

I have received a warning eMail from the Co-operative Bank today, stating the following

.

Hello Michael,

Protecting you against fraudsters is extremely important to us. We want to make you aware of a dangerous new scam that is currently circulating.

Criminals may try to contact you posing as The Co-operative Bank or other well-known companies. This could include your internet service provider, Microsoft or even Amazon.

A persuasive fraudster will use tactics designed to make you worry. They might claim that they have spotted a security issue with your computer or internet connection, or that they’ve noticed suspicious activity. They will then offer to help you to fix this issue by:

Instructing you to download an app or click a link to download software onto your mobile or computer. This software is often called AnyDesk or TeamViewer.

Doing this will allow the criminals to gain access and take control of your device.

During this conversation the caller will have full control of your devices. They will ask you to log onto your emails and online banking. Without you even knowing, fraudsters could make payments from your accounts. They will also block genuine calls from us, so we can’t warn you of any suspicious activity we identify.

.

So this is evidently both widespread and serious !

The killer-line being the closing sentence 🙁

MichaelG.

 

[Nigel Graham 2Participant @nigelgraham2]

I think the scammer I had would have placed that permission in my computer. Fortunately I had interrupted proceeding well before he finished, and disconnected my modem and PC from the mains while I made the appropriate enquiries.

He rang again early this week to swear at me. I kept calm, treated him with appropriate but dignified disdain and terminated the call.

[Author]

Posts