Helping people with computers... one answer at a time.
In a brazen scam attempt you may get a phone call from someone claiming to be your ISP to "help" you with your Windows problems. Don't fall for it.
Perhaps you might be interested in this little anecdote.
Yesterday about noon, the telephone rang.
It was an Indian woman - the conversation is as I recall it ...
•
What follows is one of the most brazen scam attempts I've seen in a while. Fortunately, the person reporting it had the right instincts and was able to avoid getting taken.
Let's look at the transcript provided, and I'll identify all of the warning signs with [notes] as we go.
•
The conversation (with names changed) went like this:
"Given the amount of information that's likely publicly available about each of us, it's not that hard to put together a convincing sounding story - but that story will have holes."Caller: "Mr. Smith? We have your address as [correct address given], and we have your telephone number, otherwise we'd not be able to call you. For security purposes, would you give me your first name, please?"
Smith: "You should have that on your records" [1]
Caller: "Yes, but this is to check that you are Mr. Smith."
Smith: "I don't think that is necessary - I answered the telephone. What is this all about?"
Caller: "This is your ISP. [2] We seem to be having some problems with your account. Have you been having trouble with programs crashing recently?" [3]
Smith: "Yes, of course !"
Caller: "Well, when that happens, it sends a message to us [4], and we are getting a lot of these from you, and they are causing us some problems. Also, it is a sign that you may have serious problems with your computer very shortly. We want to help you to solve this problem, which will prevent you having your computer die on you - and it will solve the problems we are having with your messages. We have a team of Microsoft experts here to deal with it."
Smith: "Are you trying to sell me something ?"
Caller: "Oh, NO, Mr Smith! We just want to help you to sort out the problems; it's part of our service."
Smith: "O......K."
Caller: "Is your computer turned on?"
Smith: "Yes"
Caller: "Will you go to Start > Run, type in "Eventvwr" and press Enter."
Smith: "O.K."
Caller: "Click on "Application, and you will see lots of Events [5], either Information, Warning or Error. What is the total shown at the top?"
Smith: "over 1,700 since 6th Jan"
Caller: "Wow ! Roughly how many of these are Warnings?"
Smith: "I guess about a third?"
Caller: "O.K., now click on System, and tell me the total?"
Smith: "Over 2,800 - again, about a third are Warnings."
Caller: "You see Mr. Smith, how serious this is ?"
Smith: "Is it ?"
Caller: "Oh, YES, Mr Smith! [6] But we can do something about this ! I'll hand you over to a colleague who is an expert who can fix it for you."
Expert: "Hello, Mr Smith ! I'm going to help you fix the problems on your computer. I want you to go to Run > Start, type in www.logmein.com [7] and press Enter. Then tell me what you see."
Smith: "It's asking for a six-figure entry code." [8]
Expert: "Ah. Do you have that ?"
Smith: "No."
Expert: "Well, that's because your computer is over a year old. You get a year's free support, and this has now lapsed. You will need this 6-figure code before we can proceed. Renewal costs £50. May I have your Credit Card Number, please?" [9]
Smith: "Just a moment ! Your colleague told me at the start of this call that this was not a sales pitch. Do you want money off me ?"
Expert: "Oh, NO, Mr Smith ! We just want to sort out the problems on your computer ! But to do that you must have that 6-figure code....etc., etc., etc..."
Smith: "Just a minute ! I asked, do you want money from me, Yes or No?"
Expert: "It's not about money, Mr Smith, it's about fixing your computer !
Smith: "Is that a Yes or a No?"
Expert: "It's a Yes."
Smith: "Fine. Good day." CLICK [10]
The biggest take-away from this conversation may not be obvious, and that's this: always (and I do mean always) be extra cautious when they call you. Ultimately, you have no way to verify that they are who they say they are. You could be talking to a total stranger - or scam artist.
With that in mind, on to the specific notes:
[1] Exactly. Though they will often ask for something even more personal - like mother's maiden name or a part of your social security number - with all the obvious risks therein. Hence the warning I started with: recognize that they called you, and don't respond with this information. [back]
[2] Your ISP will never say "this is your ISP" - they'll identify themselves by name, both the name of the individual calling (which may be meaningless for security purposes) and the actual name of your ISP. Stating the correct information doesn't mean they're legit (it's not that difficult to find someone's ISP), but not telling you at all is a big red flag. [back]
[3] Really, now ... who hasn't?
[back]
[4] No, it doesn't. If a message is sent at all, it's sent to Microsoft or to the vendor of the software that's having a problem. [back]
[5] Yes you will. In fact we all will. The event viewer is kind of a mess, and having lots of events is not an indication that things are about to go bad. [back]
[6] Oh, NO, Mr. Scammer! [back]
[7] Important: logmein.com is a legitimate company/site and they have nothing to do with this scam. They provide a "remote access" service - the ability to login to someone else's computer across the internet. I think you can see where this might be headed. [back]
[8] It's unclear, but this is one of two possible targets of the scam. It's possible that once the appropriate code is entered (provided by the scammer, of course) that they would then be able to access our victim's computer remotely. [back]
[9] Bingo. This is more likely the real target of the scam: to get you to divulge your credit card information. [back]
[10] Handled excellently. This is exactly the correct response. [back]
I think of it as phone phishing.
As you can see, there were many red flags in this conversation. Given the amount of information that's likely publicly available about each of us, it's not that hard to put together a convincing sounding story - but that story will have holes. You must watch for them.
Here are my important take-aways from this example:
-
Insist on full and correct identification of the company that they claim to represent.
-
Always be extra suspicious when they call you. One solution: ask for a number at which you can call them, and then either research that number (Google's been fairly useful for this), or call your ISP yourself using only phone numbers you find yourself in your ISP's provided information and ask if this number, person or scenario is something they actually know about.
-
Never, ever give your credit card or other personal information to someone who called you. At least not unless you're absolutely positively certain you know who they are. If needed, get a call back number - that way even if it still turns out to be a scam, you'll have that to give to the police.
-
Be particularly suspicious of instructions to visit web sites. They may be legitimate - if you call your ISP's tech support line, for example, they're likely to have you do things like that. However, until you're certain you know who you're talking to, don't.
If you get called, and you're the least bit uncertain the solution is simple: hang up, and call the company that they claimed to represent. If it's legitimate they'll understand (and perhaps even appreciate) your caution. If it's not, they'll definitely appreciate your caution, and you'll have just saved yourself a lot of grief.
Article C4164 - February 19, 2010 « »
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
March 17, 2012 1:05 AM
I received a similar call yesterday and went along not thinking straight. I was eventually asked to go to {URL removed} not realising it was logmein allowing remote access. I did go as far as keying in the 6 digit pin but as soon as a connection was established I closed the chat box and hung up.
Now my question is whether my information has been compromised since I did not allow them to take control? I have disabled anything doing with lmi.exe on my firewall an disabled remote access.
Please help! Appreciate it..
March 17, 2012 4:17 PM
@Shea
To be on the safe side, I would run an antispyware scan or two on my computer.
Spyware: How do I remove and avoid spyware?
I would also change my PIN.
August 29, 2012 2:03 PM
I had a similar call this morning from an Indian/Asian woman claiming to from a company called 'International Brouter' (at least I think that's what she said) who work for my ISP????. She gave me the 'warning messages coming from my computer' speel and that it needs fixing straight away or my computer will crash! I said my computer was running ok and that it has full Norton security but she said Norton do not cover these problems!!!! She instisted quite forcefully to turn my computer on straight away so that she could talk me through a 'fix'. I'm not a computer expert but I eventually twigged she was talking absolute rubbish. After a few more attempts at trying to convince me I told her 'how do I know you're not trying to get into my system yourself...goodbye'
and promptly hung up. And surprise surprise...the caller's number was unavailable on 1471. Thanks for publicising this scam.
December 17, 2012 2:03 PM
Hi Leo, I too, have had heaps of these calls and the callers are very persistent. I just hang up and tell my friends to do the same.
However, I now want to access my Aunt's computer in England to help set it up - would you please recommend software that I could use for this purpose?
Gratefully
Marian Cooper
December 18, 2012 1:16 AM
@Marian
You can use a utility like TeamViewer for that. It allows you to control a computer remotely. TeamViewer is free for noncommercial use.