
Microsoft Tech Support Scam Story

byalexandr

So my boss called me today, he said he had a problem. I asked him what was up, no idea it would be a computer issue (he knows I work on computers and stuff). He puts his wife on the phone to explain it better, and first she tells me she was helping her son do math homework, when she got this 'security pop up' on Google, telling her to call an 800 number. Well at this point I started to figure out where it was going, and then she said some Indian dude on the other end picked up and said he was a Microsoft Tech Specialist or some bs. At this point I started laughing as I knew exactly what was going on, and she proceeded to tell me that the dude remote accessed the PC and showed her '8 hackers' that were 'currently hacking the PC'. She felt that it was kind of fishy so luckily she didn't give them any credit card info, but the remote access software was still on the PC, and to make it worse they can't use it because they put a ransomware 'startup password' virus on it.

 

So now my boss is asking me to fix it, of course I'm just going to wipe the drive and reinstall Windows lol, no point in trying to get in and fix all of it. Funny story though, just got off the phone actually. Thought I would share :)


Wow, so that works sometimes. Huh.

 

CPU FX 8320, Motherboard ASUS M5A78L-M/USB3 Socket AM3+ AMD, RAM G.Skill Ripjaws X series (2x8GB), GPU Strix GTX 970, Storage 500GB + 500GB + 250 SSD, PSU EVGA 600W B 80 PLUS BRONZE, Display(s) ASUS VG248QE 24" + Hisense 24" + Vizio 24", Cooling Cooler Master Hyper 212 EVO, PC Part Picker http://pcpartpicker.com/p/LFxQ23

 


Why would she call a random number in the first place?


Just now, dexxterlab97 said:

Why would she call a random number in the first place?

She didn't know what version of Windows she had when I asked her so I could easily see her calling that number.


2 minutes ago, dexxterlab97 said:

Why would she call a random number in the first place?

Not everyone knows that the numbers are scams. But all we have to do is make the scammers known and this will happen less.

 

  • CPU
    AMD Ryzen 7 5800X3D
  • Motherboard
    MSI MPG X570S Edge
  • RAM
    32Gb G. Skill F4-3600 DDR4
  • GPU
    MSI Radeon RX 7900 XTX
  • Case
    Some Lian Li Mid-Tower White
  • Storage
    NVMe 970 Evo 500Gb - Boot
    NVMe WD Black 4Tb - Storage
  • PSU
    1000W EVGA SuperNOVA Gold
  • Cooling
    Noctua NH-U12S

1 minute ago, byalexandr said:

She didn't know what version of Windows she had when I asked her so I could easily see her calling that number.

 

1 minute ago, MrSheep110 said:

Not everyone knows that the numbers are scams. But all we have to do is make the scammers known and this will happen less.

 

People who are not really into PCs should know to never trust any phone on the internet. How hard could that be?


11 minutes ago, Pcinacan said:

Wow, so that works sometimes. Huh.

You would be surprised at the huge amount of people this works on.

I think a while ago researchers did a test or something and like 60% of people fell for this type of scam.

NEW PC build: Blank Heaven   minimalist white and black PC     Old S340 build log "White Heaven"        The "LIGHTCANON" flashlight build log        Project AntiRoll (prototype)        Custom speaker project

Spoiler

Ryzen 3950X | AMD Vega Frontier Edition | ASUS X570 Pro WS | Corsair Vengeance LPX 64GB | NZXT H500 | Seasonic Prime Fanless TX-700 | Custom loop | Coolermaster SK630 White | Logitech MX Master 2S | Samsung 980 Pro 1TB + 970 Pro 512GB | Samsung 58" 4k TV | Scarlett 2i4 | 2x AT2020

 


I work for the DOD and we have been getting crypto a lot lately and we have been having a bunch of issues with the scams from Microsoft and other affiliated scammers


Did you already do it? Because there is a way to fix this issue without reinstalling. I know you don't want to fix it, but trust me, it'll be worth the time.


13 minutes ago, Narigaur said:

Did you already do it? Because there is a way to fix this issue without reinstalling. I know you don't want to fix it, but trust me, it'll be worth the time.

I haven't yet. But you can't get into the system without a password, there is ransomware installed.


37 minutes ago, byalexandr said:

I haven't yet. But you can't get into the system without a password, there is ransomware installed.

You sure it's not syskey?

just making sure


32 minutes ago, yamileon said:

You sure it's not syskey?

just making sure

I don't know to be honest. I don't have the PC to work on yet. But she did mention something about a system password or something. I just assumed it was ransomware or something similar since the scammers got all mad and still want to scam them.


3 hours ago, byalexandr said:

 

All they need is a 1% fish catch rate.

 

I had a similar call, East Indian accent but Symantec. Haven't used Norton in years. Bloated. Sometimes I play with them, other times I get angry.

Capital One credit card is another scam, Nigerian accent wants me to send receipt to them.

I bought a call blocker, but they can put whatever number and name on there they want.

I've had 123-456-7890, 000-000-0000. I am looking for a device that needs a pin or extension for personal calls. All telemarketers get a long long long long long long ring followed by a click. Might be a problem with legit companies wanting to talk to you, like your bank, finance institution where on their list they can't add a 3 digit extension.

 

It's companies, like BestBuy that ask for your phone number when returning stuff. I use an old home line #. But older people always give their real phone number, real address, real emails. I have multiple emails I use. 1 personal, 2 generic personal and a 3rd hotmail email for draws, website sign ups, etc.


There was one thread where someone had an encounter with a Microsoft Tech scammer - I called the number and pretended to have computer problems at first, and then I revealed what I was really doing, with me also chewing that guy out for scamming people into bullshit. I think I called the dude pathetic for doing what he does.

"It pays to keep an open mind, but not so open your brain falls out." - Carl Sagan.

"I can explain it to you, but I can't understand it for you" - Edward I. Koch


13 hours ago, byalexandr said:

I don't know to be honest. I don't have the PC to work on yet. But she did mention something about a system password or something. I just assumed it was ransomware or something similar since the scammers got all mad and still want to scam them.

i doubt these scammers know how to use ransomware, 

prob syskey which should be easy enough to remove (if they have important data they need)


this thread fits perfectly with this;

 

 

It's sad but people in general don't want to learn about PCs ... I have had laptops given to me for free because they were "broken", turns out they were simply filled with viruses that a simple Windows refresh would fix!

If you need help with your forum account, please use the Forum Support form !


Not only this but also telemarketing scams.

 

I used to get a lot of phone calls from my 'bank', trying to sell me insurance over the phone. They would blabber for ages about all the insurance package contents, and try and convince me to buy it ... except that then they wanted my debit card and account / sort numbers over the phone?

 

Erm, no? If it was my bank why would they need my account numbers? They should be asking for my security details instead.

 

I ended up adding both my mobile and my family's house number to the UK's do not call list, and surprise surprise I stopped getting them.

Linus is my fetish.


1 hour ago, Bhav said:

*snip*

Sadly enough, not many people are able to think logically, here in Canada, thousands of people got scammed by people saying they were the Canadian Revenue Agency (CRA).

 

You can look it up, I swear it's true! They were telling people to pay them with iTunes prepaid cards ... Seriously, since when did any government take iTunes prepaid cards as payment??? There's even people who bought a dozen $100 cards.

 

If they are gullible enough to "pay" the government with iTunes cards, then they deserved to be scammed.

If you need help with your forum account, please use the Forum Support form !


19 hours ago, byalexandr said:

I don't know to be honest. I don't have the PC to work on yet. But she did mention something about a system password or something. I just assumed it was ransomware or something similar since the scammers got all mad and still want to scam them.

I'm certain that the scammer used syskey to lock you out of the computer and files if you don't cough up any money (what it does is encrypt all files on the hard drive and doesn't allow access unless you type in the password, and unfortunately the process can't be reversed) since it's pretty much a part of the OS, and since I've already said the process can't be reversed you're pretty much SOL and will have to wipe the hard drive (I would suggest a DBAN nuke from orbit to make 100% sure) and reinstall the OS.

 

One thing I suggest you do (and I think everyone should do) is look up the youtube video from lewis's tech about how to set up a bait VM for tech support scammers and download the fake syskey file and follow the instructions on how to set it up so if another of these fuckers comes a calling and tries the old use syskey to lock you out of your computer until you cough up the money they want, you can laugh your ass off as they try to do it and only end up with a lovely prompt as to what they are.


58 minutes ago, demonix00 said:

I'm certain that the scammer used syskey to lock you out of the computer and files if you don't cough up any money (what it does is encrypt all files on the hard drive and doesn't allow access unless you type in the password, and unfortunately the process can't be reversed) since it's pretty much a part of the OS, and since I've already said the process can't be reversed you're pretty much SOL and will have to wipe the hard drive (I would suggest a DBAN nuke from orbit to make 100% sure) and reinstall the OS.

 

One thing I suggest you do (and I think everyone should do) is look up the youtube video from lewis's tech about how to set up a bait VM for tech support scammers and download the fake syskey file and follow the instructions on how to set it up so if another of these fuckers comes a calling and tries the old use syskey to lock you out of your computer until you cough up the money they want, you can laugh your ass off as they try to do it and only end up with a lovely prompt as to what they are.

I will, I'm actually going to upgrade them to Windows 10, just so they have Windows Defender and some other nice features. I'll also put Malwarebytes and stuff just in case.


21 hours ago, byalexandr said:

I will, I'm actually going to upgrade them to Windows 10, just so they have Windows Defender and some other nice features. I'll also put Malwarebytes and stuff just in case.

Nice!


Similar experience here. Mum's friend got a popup, called phone number, followed scam until they asked for money, she refused, so they just said something along the lines of "Call us back if you can't get it working yourself" before hanging up. They then, while still connected, changed her Windows password remotely and logged her out of the machine so that she couldn't log in. I was tasked to fix it, so I ended up using the offline password changer tool on Hiren's Boot CD to remove the password entirely, before running over the OS several times with MBAM, and monitoring incoming/outgoing network connections with netstat to be absolutely sure the scammers didn't have a remote access backdoor that got installed along with their 'PC Repair' software.
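
The netstat check described in the post above, sketched as an added example (not code from the thread or any poster): it parses Windows `netstat -ano` output and groups, per PID, ports listening on all interfaces and established sessions to non-local peers. The sample output, the `LOCAL_NETS` list and the function names are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output; remote IPs are documentation ranges.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       868
  TCP    0.0.0.0:8041           0.0.0.0:0              LISTENING       2740
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     3120
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     4312
  TCP    192.168.1.20:49730     192.168.1.1:53         TIME_WAIT       0
  TCP    192.168.1.20:49755     198.51.100.7:8041      ESTABLISHED     2740
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1820
"""

# Address ranges treated as local (assumption); anything else counts as an external peer.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def split_endpoint(endpoint):
    """Split '1.2.3.4:80' or '[fe80::1%4]:80' into (ip_address, port)."""
    host, port = endpoint.rsplit(":", 1)
    return ipaddress.ip_address(host.strip("[]").split("%")[0]), int(port)

def triage(netstat_text):
    """Group TCP rows by PID: all-interface listeners and external sessions."""
    report = defaultdict(lambda: {"listen": [], "remote": []})
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # headers, blank lines and UDP rows (which carry no state)
        _, local, foreign, state, pid = fields
        local_ip, local_port = split_endpoint(local)
        peer_ip, peer_port = split_endpoint(foreign)
        if state == "LISTENING" and local_ip.is_unspecified:
            report[int(pid)]["listen"].append(local_port)
        elif state == "ESTABLISHED" and not any(peer_ip in n for n in LOCAL_NETS):
            report[int(pid)]["remote"].append(f"{peer_ip}:{peer_port}")
    return dict(report)

def priority_pids(report):
    """PIDs with external sessions; those that also accept inbound connections first."""
    hits = [pid for pid, r in report.items() if r["remote"]]
    return sorted(hits, key=lambda pid: (not report[pid]["listen"], pid))

if __name__ == "__main__":
    result = triage(SAMPLE)
    for pid in priority_pids(result):
        print(pid, result[pid])
```

Each PID it returns can be mapped to an image name with `tasklist /FI "PID eq <pid>"` and compared against the software the owner actually installed.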


Sorry For Doubleposting... School Internet is shit

 
