Just got a phone call, asking for my wife by first name. I said, I am Christine, and then he proceeded to imply he was from Microsoft and that they had indications that my computer was acting slow and crashing (He knew–he must be from Microsoft). Anyway he had me call up the command line, and type: www.goo.gl\399bx. Don’t know if it was back or forward slash. Anyway, we somehow lost the connection at that point, and I am afraid to even call that up on my iPhone. What would I find if I did go there?
You have the slash the wrong way.
But, that’s a good thing.
I tried it on my Mac. It downloads an .exe payload - undoubtedly some type of malware.
ETA: I looked up the file name, and this is what it is:
One of the many weird things about this call is that the caller seemed rather intelligent, and the murmur in the background indicated many calls were being made simultaneously. What kind of malware could be so profitable that they have a sweat shop running, populated by college students, or grads?
Rule #1: Microsoft does not call users like that.
That's the launcher for Ammyy Admin which is actually a legit program, just being used by scummy remote service providers to show you “evidence of problems” that are not really problems then want to charge you $300 for a “lifetime membership” to their service. Sometimes when you refuse the service, they break something on the way out making it so you need computer service anyway.
Even if you pay, good luck getting additional service.
YouTube clip of a software engineer at Malwarebytes receiving one of these calls
Do not try this at home; he was working inside a virtual machine, therefore not allowing his actual computer to be trashed.
The guy on the phone kept saying what does the screen say, what does the screen say. Now, following Beowulff's lead I got to here: http://ammyy-admin.en.softonic.com/. If I had read him an ID number from my screen, he would have been able to control my computer in about 20 seconds, something I would not have really appreciated.
This is the link to the actual Ammyy Admin software provider page
This scam has been going on since at least 2008. The call centers are often based out of India.
Google Microsoft scam phone call and you can read about it all day long.
They call here all the time. The ones that have been calling lately have American accents; they used to all have Indian or Middle Eastern accents.
I always ask them if their mothers know they steal from people. They hang up.
Places like India, China, and Nigeria literally have sweat shops full of people who do nothing but internet scam all day long. I don’t know about China and India, but in Nigeria the colleges are heavily infiltrated by criminal gangs. There are too many educated Computer Science majors graduating for not enough jobs, so internet crime is a natural fit.
What about setting a honeypot on an old machine and when they take control you infect their machines? Has anyone ever done that?
I also ask them if their parents know how they make a living. This usually upsets them.
I expect you’ll get another call before long from a ‘‘legitimate’’ company offering to remove the malware from ‘‘Microsoft’’ for a ‘‘small’’ fee.
I’ve gotten a couple of calls like this, and the odd thing is that they sounded like beginners at the scam. I hung up before they could say more than a few sentences, but even then, they kept getting confused and having to start over again.
I don’t think this is what he meant…if I understand correctly, he is talking about a way to send malware to the machines of the scammer. I personally would love to see a “scammer on the line” button that might allow the services they use to isolate and block the operations using them.
Exactly.
“Can we access your machine Mr. Cad?”
“Of course.” and have fun with FBImoneypak and I’m including free of charge the Jerusalem B virus because I’m old school motherfucker.
While they’re at it, I’m sure they plant remote access trojans so they can access your computer and look for things like credit card numbers.
For example, if I could control your PC remotely while you were out - could I order stuff from Amazon or Ebay, do they have your payment information already on file, etc.?
At the very least, they can use you as a relay to send spam or connect to other PCs. This way, when they connect like they are with you, the origin is not their home base but some unsuspecting compromised PC - making them harder to track.
If you ever receive a call informing you have some sort of a problem and they are calling to help you, it’s a scam. It does not matter if they claim to be from your bank, the FBI, Microsoft, whomever, or whatever.