I got a call from (212) 877-1620, which is a Verizon New York number on Friday, February 24 2017. This number had been trying to reach me almost daily since February 14. Must have been an important call if they are doing that, so I answered. The guy on the other line was from a "Microsoft Certified support provider" (Right ) who wanted to let me know that they had detected my Windows computer putting out malware. Really? Which computer? I have four computers up and running. Oh, the one you are on now. That's pretty interesting, I told him, the computer was powered down. Oh, we have logs of it he said. He had one of those Mumbai British accents that lets the cat jump right out of the bag, if you know what I mean…
The truth of the matter is that I have ZERO computers that have Windows on them, I only run versions of Linux. So I started feeding him line and slowly reeling him in. I was able to troll him for about 17 minutes (You want to keep them on the line as long as possible, as it cuts down their effectiveness). We get started right away, as he tells me it's a critical problem, and it has to be fixed right away. Sure, right! Lets try to open the command prompt running Windows-Key+R. Doesn't work. No command prompt shows up. Should I be doing a capital "R", no just Windows-Key+R. So we go through a few permutations of the opening of the command prompt in Windows. Doesn't work.
OK, could you open Internet Explorer. How? Spend a few minutes on that. No can't do that either. How about some other browser? Sure I have Firefox. Ok, that works (because I'm looking for a website address, LOL). OK, so he sends me to http://www.support.me, which immediately redirects me to https://secure.logmeinrescue.com/Customer/Code.aspx. Then he gives me a code, something like "888BCA6000C04FD7062". He was very specific about the 888, though, and I messed around with the numbers to verify that the first three digits were the important ones. Well the support code doesn't download anything, because I have a locked down browser that wouldn't run scripts and neither will the system run anything .exe because the system isn't Windows. We're at about 15 minutes into the gig now, and he's getting frustrated. He gets his supervisor on the phone, with an authoritative no-nonsense Mumbai British accent. And he's getting pissed almost immediately. After a couple more minutes, he asks me: What do you use your computer for? I use it for back-hacking. Back-hacking? Yes, I run an IT business and I hack in reverse, i.e. I go after scammers and spammers and try to penetrate and disable their systems... Oh, you're an IT guy like us, so why did I waste their time... Hangup. Because I'M NOT AN IT GUY LIKE THEM!
The gist of this is never, ever allow somebody remote access to your computer off of a cold call. The legitimate outfits will not be calling up to offer you malware removal. Especially not Microsoft. LogMeIn is a legitimate outfit, but there are individuals abusing the system, just like they do with everything else. LogMeIn gives a page: Avoiding scammers who abuse LogMeIn Rescue trial accounts as a guide to how to address the issue. Be safe, and pay attention to how the interaction begins, what is being asked, and why you need to cooperate with the caller. A request to call back is very important on your part, because usually the number that they called from is not real. They are doing a VOIP call from a sweatshop overseas, and spoofing the calling number. When I called back the number was not in service!
Safe and secure computing folks!