An event log always contains errors
Phone rings, an asian accent with quite broken English, barely make out something hurriedly muttered about “not genuine Microsoft software” and errors on my machine, my “licence” expired. Hmm, my curiosity aroused, I said to go on. He asked me to type the Windows key and R – in other words to start a “run” box in which to type in programme commands. He then says to type eventvwr (very clearly and spelt phonetically, much clearer than when the call started and I asked him which company he worked for) So I type this in (to open event viewer) – he then asked me to click on various event logs, which showed several errors and information events. He then asked me to do Windows- R and again and type in a web address. Of course, I first googled the web address and it was the site of a remote access software company. As far as my rapid research went, a legit company. So, with my Firefox running “no script” – to block any potential malicious scripts, I went to the site, still acting like an humble “non-techie” – the next step involved starting a “session” – which involved downloading some software to install on my pc. This would then have allowed him to take over my pc and install whatever he liked on it, trojans, spyware, viruses, key stroke loggers to record passwords etc. I was curious to see what he wanted to do next, but couldn’t run the risk of compromising my pc. So I told him I was a Microsoft Certified Desktop Support Technician, and asked him for his phone number, company name and website address. He gave me fake ones.
Moral of the story.. if an unidentified person phones you and tries to scare you into handing control of your pc over to them, just hang up, unless you know what you’re doing and want to waste their time (like I did.) I don’t consider it a waste of my time, because I need to know these things to protect my clients, family and friends.
Don’t let them baffle you with IT, every pc will have errors in its event log, so if you have doubts, say no, and ask a technical person. If you think it might be genuine, ask for their phone number and get someone technical to call them back. Chances are the number will be fake.
Advertisement
June 17, 2010 at 8:34 am
You didn’t tell me about this, Adam.
June 27, 2010 at 3:23 pm
You describe 100% what has just happened to me. I fell for it hook line and sinker and am now having to spend days and days to rectify the total harm they did to my computer. It was when they knew my name that I somehow, stupidly, switched off my cynicism and — went for it! Am I upset????
June 30, 2010 at 3:50 pm
I had the same, kept him on for ages about 25 mins had a bit of a laugh at his expense.
August 14, 2010 at 10:16 am
Had phone calls from this mob today- PC Rescue, in California.
They said there was no point in giving me their phone number as they were phoning on Wi-Fi and I would not be able to get back to them.
I refused to confirm any details with them of my computer or address, etc. And would not sit down at my computer to look for the malicious files!! Told them to email me their details – naturally did not give them my email address – if they knew I had downloaded malicious files they should have my email address too!
Luckily I had received an email about this scam a couple of months ago.
August 18, 2010 at 6:45 pm
This is now happening in Ireland Dublin.
October 31, 2010 at 1:30 pm
[...] frauds when ordinarily they would not be taken in for a moment? Not strictly spam but there is a telephone based fraud doing the rounds at the moment. A caller informs you that there your computer is severely infected [...]
December 1, 2010 at 4:02 am
Just got this call from “PC Help Centre”, from a bloke with and Indian accent. Played dumb and got them to call me back, though just before he hung up a woman’s voice in the background yelled out “don’t do it! you’ll give him control of your computer!”. He rang back and I then strung him along and pretended to follow all the steps he asked me to do then asked for their phone number to call them back (was given a fake). Told him there was a special spot in hell for computer thieves, and to enjoy it.
December 22, 2010 at 10:20 am
We also got a call from”pc Help Centre” also an Indian. We’ve
been getting a few of these lately.It was almost 10pm and I was asleep so when I answered I was quite drowsy,he rattled off all this rubbish about how my pc was in danger of serious damage etc etc, my reply to him was”I’m half asleep”, he said wake up,you must fix your pc,wake up, wake up!. I was about to get angry and tell him to bugger off, but I decided to string him along. I pretended to go to my pc as he demanded(still in bed) and pretended to follow his instructions, when he asked me what I saw on the screen, I would say I’m tired,he was really aggressive and keep telling me to wake up! wake up! I was trying hard not to let him hear me laughing. Anyway after about 10-15 minutes of this rubbish I said to him I wasn’t feeling well and I need help, with that he, HUNG UP!. LOL I hope I ruined his night,like he ruined my sleep. Cheers
January 15, 2011 at 10:15 am
the sad thing is, I reckon these guys are probably severely bullied by their overseers. If they lose their jobs, it can be life or death in some countries. I don’t think there is any welfare benefit in India yet.
January 15, 2011 at 9:44 am
Had this tonight (New Zealand). Told them my computer was perfectly fine, bye. Wish I’d thought to ask them to phone back after I’d talked to family members who are in IT and the police.
March 3, 2011 at 1:04 pm
Got this type of call a couple of weeks ago in Alberta, Canada. She asked if I was using windows and that they were calling to repair something, insisting over and over that they were reputable and I could check online to see who they were. She was incredibly persistent, despite my refusal to touch my computer or even look at their website. I basically told her that no one does anything for free and if I have some problem, I’ll contact my computer rep. I had to tell her that I was getting angry with her and was going to hang up beccause she would not stop pushing. She said she would call back, and of course, never did. And she was Asian, but her english was fine. I guess some people have nothing better to do with their time than create trouble!
March 3, 2011 at 1:27 pm
I would love to hear from anyone who went further with one of these calls and investigated what exactly happened. My suspicion is they will remotely install one of these ransomware type of programmes, that give you fake virus alerts etc, and lock your machine down until you pay for the “premium” version. I certainly believe it is more than just wanting to annoy!
March 8, 2011 at 10:22 pm
I received this call yesterday and followed their directions for awhile. He transferred me to some lady I couldn’t understand and she really rubbed me the wrong way. After showing me all the “errors”, I was then in a site to download a program. As it was downloading I read what it was for and immediately canceled cause it was for accessing computers from ANYWHERE. I let her keep talking until we were then at another site but this one was gonna cost. I told her I had no money and she got snotty and said nothing is done for free and that I needed to fix the problem. I told her to go screw herself that I would get REAL computer person to see if it is broken (I have warrenty) and she started laughing at me so I hung up and brought my computer to a computer specialist to get them to look at it to see if she corrupted it. He said it was fine but a scam. He was concerned why she had me go into the command prompt cause this can let people access everything on the computer. I wrote down everything she made me do EXCEPT what she made me type into the command prompt. We r hoping it was nothing severe and so far so good. But does anyone remember what they made u type into the command prompt??? Also, they tried calling again today and I laughed so hard cause how stupid can u be. I thought about it after though, I should have let them get to the command prompt part to see what I was typing in so I can tell my computer guy:(
March 12, 2011 at 7:41 pm
My aged father (86) fell for this scam, and unfortunately allowed them to have access and download stuff onto his desktop. Luckily he felt uneasy about this afterwards and rang me (I’m 4 hours away in N Yorkshire). I told him to switch off the router, to cut internet access. The following night the PC switched itself on, and started to do so several nights. I told him to unplug the PC.
When eventually I came to see him, I saw nothing unusual on the PC in downloads, program files etc. However Kaspersky showed expired licence (should have 119 days left, if I not mistaken), the firewall were off and there appeared to be internet connection problems, but though it seemed not be connected I found evidence that bytes were being sent. At which point I shut down the desktop. I am unsure what to do next.
I will try and contact Kaspersky. Any other suggestions? Thanks
March 12, 2011 at 8:51 pm
Julian,
Its quite possible that they have opened a backdoor on the machine, to use for malicious purposes. It might be a legitimate program or even something like VNC or remote desktop, which allows remote control. Unfortunately, as these are all genuine programmes used by support professionals, they may not show up as malware, therefore Kaspersky (or any other antimalware wouldn’t reveal anything) This is why they get the user to configure things, so their “backdoor” doesnt show up as malware.
Your best bet is to get professional help on this, however, if you want to try yourself, firstly I would download Malware Bytes and run that in “safe mode with networking” – just in case they have installed a known trojan, then I would look in the windows firewall settings to see what “legitimate” programmes have been allowed as exceptions then check those programmes out (google them) to look for remote control type software, eg “log me in” or “vnc” – or simply disable them all and then just allow them individually when you find they are needed (eg mine is showing Firefox, Windows Live Messenger and a few others)
March 13, 2011 at 11:00 am
Julian what you need to do is cancel your credit cards/change all your passwords and restore the computer to factory settings.This way if they have left a trojan on your pc it will be wiped of
March 13, 2011 at 11:34 am
I agree with Gary that this is the only 100% safe route, which is why you should get professional help, as this procedure is quite complicated for the average user. It does depend on the scenario though. Perhaps your father has never carried out financial transactions on the pc, in which case, there is no need to cancel the bank cards. However, he might use it for this in the future, so still best to wipe the drive.
March 28, 2011 at 1:18 pm
One of these snakes called me up today, exact same thing.. I was curious because my computer has been crashing but he didn’t sound like he knew PC’s at all, he was called the desktop my ‘homepage’. I cut him off at the part where he said type in eventlog, I said I’ll take my chances. He said I wasted his time and I said ‘I’m busy as well
March 28, 2011 at 10:53 pm
I, at 70, also fell for a similar call from those P-I-b******s. I could hardly make out what they blabbered about but was told they work for Microsoft and that I need to have those threats on my computer fixed. My PC was slow at that time. Like a fool I trusted them and followed their instructions. After that they suggested I subscribe for a year and only have to contact them to have them clean my PC and make it faster. A day or so after signing up I realized that I did sign up with another company for their service a month ago. I phoned them back (718-717-2648) and after explaining what happened, they agreed and promised me the refund ($289 CAN) within 2-3 days. After no refunds appear on my card statement for a week or more I phoned them various times they keep on promising a refund. It is now well over a month and still no refund. The phone are now permanantly in recording mode. They all have “English” names ie. Darren,Kevin Nelson….and still have that strong accent???? Give me a break. So, they took off with my money. So please, don’t like me, be fooled and sucked in by those rats, scumbags (to put it mildly)……
May 5, 2011 at 2:19 pm
Same here in the UK; using the name “Steven Lee” – I kept him on hold whilst googling – then told him he will burn in hell …
September 20, 2011 at 10:30 pm
This has been happening to almost everyone I know, those with and without computers. I had them ring me 3 nights in a row, even after I told them “I’m not falling for your shit, go scam someone else and get F*****d!. (I really enjoyed that). I had a relative ring the phone number that they gave and it was answered in the name of the scam (Microsoft/Windows) Luckily my relative was just playing along and had no intention of allowing them access to his pc.
October 18, 2011 at 12:33 pm
I had the call in Northern Ontario, Canada last night. Sounded a bit off from the start and as the said press the windows and r button I realized they were trying to get me to run a command. I politely asked them to call back tomorrow and that I would talk to my friends in the RCMP in the morning. I was proud of myself, I was in polite terms told to F OFF and then they hung up for a change. Quite an interesting scam though and unfortunately they probably catch a lot of people.
November 12, 2011 at 10:53 am
I’m sick of these calls too. I’ve told them to remove all my details from their database as I know it’s a scam, but they hang up or keep calling. Next time though I’ll be ready for them! I’m going to ask them to just ‘wait a minute’ – then won’t come back so that they run up a huge bill waiting! If everyone did this they’d soon get tired and make a memo not to call your number again.
December 15, 2011 at 6:59 am
Yes this just happened to me but i couldn’t get past the window/r wouldn’t start for me so the guy got really angry and told me to go and “**** myself you bloody Australian”….hahahahaha…but i had to get him to keep repeating it as his accent was too strong for me to understand him ……….very funny moment really.
January 16, 2012 at 5:21 pm
Here it is January 2012 and they are still at it. I got the same phone scam call. After being a “bit difficult”, not doing what they asked, starting with hit Control R, and taking up 15 enjoyable minutes of their time I got passed on to a “Supervisor”. They had a fair amount of correct information about me, sourced from the internet no doubt, but balked when I asked for a call-back number. The call ended when the more fluent “Supervisor” in clear second-language English said “you Mother F**ker” and hung up. Oh well! Coffee break over and back to work.
January 23, 2012 at 4:51 pm
[...] am hearing more and more cases of the cold callers claiming to be from Microsoft and claiming that “you have errors on your Windows computer.” I blogged about these [...]
February 20, 2012 at 12:53 pm
Just had one of these calls in Northern Ireland. Thay knew my operating system number – how? Became slowly aware not all right andhung up, but not before telling them a 7 digit number from my PC accessed via windows key and ‘r’. Can they make use of this number in the future? They are supposed to call me back tomorrow so thanks to you lot i’ll be ready for them. Ray C
February 20, 2012 at 1:00 pm
It sounds like the pin number used by them to start a remote session. Did you go to a website and install something like “log me in”, “Teamviewer”, “VNC” or “Go To Assist?” If so, you should uninstall that software, and then go to your windows firewall, via control panel, security centre, and make sure any such programmes are removed from the exceptions list.