Adventures with Indian scammers on the phone and computer

Shoe Box

We've all heard about these Indian scammers who claim to be from Microsoft and charge huge amounts of money to fix computers that don't have problems. I just encountered one and their victim.

Last week, I rebuilt a Dell desktop for someone. It needed a new hard drive, which it got, then I did a full fresh install of 7 HP 64 bit on it, and included AVG Free, Malwarebytes, and CCleaner. The owners were a couple in their 50s, and didn't know much about computers. I spent a good half hour at their house answering questions when I returned their computer last Thursday.

This morning, at 7:30 am, she calls me, all excited about a call she just had. Some Indian scammer had called, claiming to be from Microsoft, had her disable the AVG, and then he had her type in msconfig and was doing some things. When he got to the point of asking for $177.78 to "fix" the computer, which was already as fixed as it is possible to get, the computer owners shut off the computer and hung up.

They tried to call back 4 times before they quit trying.

But while he was in the computer, he put a login password on it. And now that we don't know the password, I have to rebuild it again. I will do a full reformat to erase anything they might have done.

I have to wonder how the Indian scammers got her information to call her in the first place. Maybe someone at Comcast is collecting customer data and selling it to them?

Tongy

Not sure you do, I've removed accounts from PCs for people without having to rebuild the OS. Lots of free tools out there that can help, you just need to know where to look!

danny069

I'd full format it again, they cold call people or people call them from a number that pops up on the screen (such as a fake notice). Unless there is data they need, you could use the Hiren's boot cd to remove passwords, but seems to me there may be malware on that pc already.

Shoe Box

The lady told me she had downloaded some sort of free games package on the computer, and after that, the fun began. I will just full format it, that way I know what is and isn't there. It's easier to do that than to try and save a couple hours and risk having problems pop up again.

paul78

Can I suggest that you ask your client to read this - Avoid Phone Scams | Cybercriminal Tech Support Scam | Security Threats

And the FTC has been actively tracking this latest string of scams after the last shutdown - you may want you encourage your client to report it here - https://www.ftccomplaintassistant.gov

scaredoftests

Some people are such idiots. After all that work you have done on their computer, you should make them sign an agreement not to talk with anyone but you. (I am being sarcastic..but they give people in their 50s a bad rap...)

MTciscoguy

I am in my 50's and have learned over the years a few very choice words that I tell them on the phone when they call. Then I really start to have fun!

Mike7

MTciscoguy wrote: »

I am in my 50's and have learned over the years a few very choice words that I tell them on the phone when they call. Then I really start to have fun!

You are a IT guy. Most people have no idea how IT works; they believe every word that the "expert" tells them.

I always tell people to check the weather whenever they have computer problems.
See 51% Of People Think Stormy Weather Affects 'Cloud Computing' - Business Insider

srabiee

Indian scammers are notorious for running SysKey.exe to lock users out of their own computers and hold the system for "ransom" until the user pays them money.

https://en.wikipedia.org/wiki/Syskey

kohr-ah

My coworker at my last company got these calls a lot.

He always had a snapshot of a windows 7 vm. Would load the VM up and give them access and watch them go to down doing nothing to his system then politely inform them that they just took over a useless VM and just rollback the snapshot and wait for the next one.

MrAgent

I also have a vm waiting should they ever call me. I plan on recording the whole thing for a nice youtube video.
I was seriously considering having files on the desktop which say accounts.doc and have it laden with malware, as well as logins.pdf file which would would have a payload with a netcat connection back to me of course.

paul78

Scammers are everywhere - it's not specific to India.

@MrAgent - why wait for them to call you? Be proactive and strike first - if you google around - you should be able to find some of the sites that host the numbers of the call-centers.

One of the more amusing recordings - https://www.youtube.com/watch?v=c4HKOWG2oEA

MTciscoguy

MrAgent wrote: »

I also have a vm waiting should they ever call me. I plan on recording the whole thing for a nice youtube video.
I was seriously considering having files on the desktop which say accounts.doc and have it laden with malware, as well as logins.pdf file which would would have a payload with a netcat connection back to me of course.

As I said, then I really start having fun!

Hondabuff

Download PC Log In Now and burn it to a disc. Take it over to their PC and boot to it. Follow the wizard and remove the Admin password and reboot the machine. Easy peasy!

v1ral

kohr-ah wrote: »

My coworker at my last company got these calls a lot.

He always had a snapshot of a windows 7 vm. Would load the VM up and give them access and watch them go to down doing nothing to his system then politely inform them that they just took over a useless VM and just rollback the snapshot and wait for the next one.

I should have done this but instead of Windows put a non-popular distro of Linux.