Background information
Switching to Linux: not even that hard
by Kevin Hofer
How I drove phone scammers nuts
25.7.2018
Translation: Jessica Johnson-Ferguson
Pictures: Livia Gamper
Your phone rings and there’s a Microsoft employee with an Indian accent at the other end. Sound familiar? I was recently pestered by scammers myself, so I decided to try out different strategies to deter them. Although the last attempt led to an insult, it also put an end to the calls – at least for now.
I think it goes without saying that these calls are not made by genuine Microsoft employees. These callers are criminals. Criminals who are trying to make people install software that allows them to install Trojans and control computers by remote.
In the Darknet, there is a flourishing trade in hijacked computers – so-called «remote access trojans» or RATs. They are bought by other scammers who aim to build botnets or collect credit card data.
To mark the occasion – we’re talking five calls in a single day! – I would like to present my strategy for dealing with unsolicited calls.
1. Politely decline – Fail!
«Hello this is Bob from Microsoft. We found out that your computer is infected.»
«Please don’t call again. Bye!»
Didn’t work. Further calls ensue.
2. Forward call – Fail!
«Hello this is Alice from Microsoft. We found out that your computer is infected.»
«Hi Alice! That is horrible! But I’m not good with computers. Let me get my boss to handle this!» – I pass the speaker to my four-year old daughter (who doesn’t speak English).
Alice is not in the mood for chatting to my daughter. What a pity.
Tooot. Tooot. Tooot.
3. Join in and take them for a ride #1 – Fail!
«Hello this is Michael from Microsoft. We found out that your computer is infected.»
«Hi Michael! Whoa, really? Can you help me?»
«Yes of course, that’s why I’m calling. Are you sitting next to your computer?»
«Yes I am.»
«Now, open your browser. Are you ready?»
«Yes, I opened the browser.»
«Now, search for Teamviewer.»
Scammers want you to install a software called «Teamviewer». It’s the same software I've installed on my dad’s computer so I can remotely access it if need be. It allows me to stream his desktop so I can solve problems without having to go round. The scammers want to use «Teamviewer» to install Trojans. If they succeed in doing this, they’ve won: They will see every keystroke, fish for passwords and tap into your webcam and microphone. Or, as mentioned earlier, sell access to your computer in the Darknet.
From now on, I’m going to have a little joke with «Michael», who, judging by his accent, is probably called Sanjay. I pretend as if I’ve misheard him and start a Google search for «teen viewer».
«Michael! What are you doing to me? Now I can see naked girls on my computer!»
«Wait, what? Did you enter Teamviewer as I said?»
«Yes, I was looking for teen viewer and now there are naked girls on my screen! I will get into trouble with my wife! What have you done to me? That was not...»
Tooot. Tooot. Tooot.
4. Smother with friendliness – Fail!
«Hello this is Josh from Microsoft. We found out that your computer is infected.»
«Oh, hi Josh! Nice to hear from you. How do you do?»
«I’m doing fine and you?»
«I’m doing just great. Josh, where do you live?»
«I’m in Boston.»
«That’s an awesome city. How’s the weather in Boston?»
«The weather is nice. Now, regarding your computer: your Windows-PC is infected, you have to do something about it.»
«It’s nice that the sun is shining in Boston. It’s a rainy day here.»
«That’s sad. But about your PC...»
«I have a Macintosh.»
Tooot. Tooot. Tooot.
5. Join in and take them for a ride #2 – Win!
«Hello this is Jennifer from Microsoft. We found out that your computer is infected.»
«Hi! That is horrible! What can I do about this?»
«I can help you. Now, next to the CTRL-Key at the bottom of the keyboard, what key do you see there?»
Jennifer amazes me! She’s sneakily trying to find out if I’ve got a Mac or a PC. Although I have a Mac, I’m still aware of the fact that PCs have a Windows key in said place.
«A Windows logo!»
«Great. Now hit the Windows key. Are you ready?»
«I’ve hit the Windows key.»
«What do you see?»
«A menu.»
«Great! Now start typing E, V, E, N, T»
Aha! Jennifer wants me to open the event viewer. I know that this is where numerous harmless error notifications and warnings from the operating system are displayed. The notifications are supposed to convince me that my computer is in serious trouble.
«I’ve done that.»
«Now, click on eventviewer.»
«I've clicked on eventviewer.»
«What do you see?»
«Holy moly! I see a ton of error messages! What’s going on?»
«You see? Your computer has a virus!»
«Please, Jennifer, help me!»
«That’s why I’m calling you. Now hit the Windows button and the E key at the same time.»
This is a shortcut that opens Windows Explorer. I don’t know what Jennifer’s up to but I’ve got to improvise.
«I did.»
«What happened?»
«A window opened!»
«What’s the title of the window?»
«I can’t read it! It’s too small!»
«Make it bigger. Can you read the title of the window?»
«It says… S, C, A, M!»
«You little bastard!»
Tooot. Tooot. Tooot.
Her insult is like water off a duck’s back. After all, I’ve had no bothersome calls since. Did my plan actually work? Did I make it onto a blacklist?
I’m not fully convinced.
Should my phone ring again, my workmate Dominik Bärlocher is prepared and has come up with the following idea: A virtual machine that makes these scammers waste even more precious time. We’ll be working on the solution over the next few days. Stay tuned!
Update due 26.7.
Microsoft contacted us with a useful hint: Bogus calls and e-mails can be reported here.
Aurel Stevens
Chief Editor
aurel.stevens@digitecgalaxus.chI'm the master tamer at the flea circus that is the editorial team, a nine-to-five writer and 24/7 dad. Technology, computers and hi-fi make me tick. On top of that, I’m a rain-or-shine cyclist and generally in a good mood.
122 comments
later