scams

Gary123 · ‎09-04-2010

HELP!

I am using Norton internet security at the moment, I have just recieved a phone call from a company called Techisonline ,telling me that my computer had been infected, they sounded very professional and like an idiot I believed them.First they asked me to find the run box and type in eventvwr , which showed a screen with a list of items she then said can I see any red or yellow error warnings there were so I said yes, she then said return to the run box and type in prefetch the screen then showed " you do not have permission to open this programme" she then told me to type in their web address and a screen appeared saying type in your 6 digit code, it was at this stage I became suspicious , then she said that she would pass me on to her supervisor who told me that they would send me the code by email and after entering them they could fix my errors this is when I hung up ( I now know that this is a scam.)

To cut a long story short AM I NOW AT RISK ? by entering their website Gary 123

hansenkb · ‎04-08-2008

What was the web address?

Gary123 · ‎09-04-2010

the web addreess was techisonline.com

[edit: Please do not direct link to potentially dangerous websites per the Participation Guidelines and Terms of Service.]

SendOfJive · ‎02-07-2009

Hi Gary123,

This is indeed a known scam (Google "Techisonline scam" for a browser-full of articles and forum threads). The goals of the scam are to convince you to install remote access software on your PC, bill your credit card for the bogus malware cleanup "service," and possibly to install malicious software on your computer. As long as you did not download anything you should be alright, as this seems to be more of a phishing scam that relies on social engineering to fleece its victims. Installing the remote access software would certainly put you at enormous risk, but just visiting the website presents much less of a threat. The lesson to be learned here is to never trust anything that magically appears out of nowhere to tell you that your PC is infected. The rule is: Never install anything that you did not go looking for yourself. If it comes to you uninvited, it is evil.

http://www.staysmartonline.gov.au/alerts/alerts?sq_content_src=%2BdXJsPWh0dHAlM0ElMkYlMkZ3d3cuc3NvYW...

Gary123 · ‎09-04-2010

Hello SendOfJive

Thanks for the reply very helpful

redrose · ‎09-05-2010

Thanks for sharing this important information.

SendOfJive · ‎02-07-2009

You're welcome.

Andy · ‎04-09-2008

One of the girls at work here had a telephone call supposedly from "Microsoft" - asked her to do bits and pieces, then said that she has an unlicenced version of windows.

If she then paid over the telephone by credit card there and then, they would activate it !

Fortunately she smelt a rat

Testing on two systems ...
Windows 7 64bit 8 8gb Ram
Windows XP 32 bit SP3 4 GB Ram

Gary123 · ‎09-04-2010

Thanks for the information

Alphecca-Titian · ‎06-10-2011

I just received an unsolicited phone call from a team (actually I talked to 2 different men with Indian accents) claiming to be from some "Tech support" company in New York. They knew my real name... but I have a listed number, so that would not be difficult to get.

They claimed that they knew my computer had "Junk files" that were causing it to run slowly. and infect other computers on the Internet.

I talked with them 20 minutes, and smelled a rat when they were so vague and evasive. They claimed that my computer was sending infectious emails, and had tojans and viruses, etc. They claimed that they could help me to delete the JUNK files. (Not Temp files, not cookies,....) I kept asking how they knew my computer was running this malware, and got evasive answers.

I asked him for evidence of this infection and he asked me to run the Windows Event Viewer, Application log. He told me that all the information in the application log was proof that my computer was infected. I asked them what my IP address was, and of course, they did not know that. Also, when I asked if their systems were being targeted by my computer, he kind of laughed and said no.

But he claimed to know my computer ID = 888DCA60. I asked them where I could see that ID on my system. So he asked me to run "ASSOC" in a CMD screen and look at the last line: which was: ..ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}. He then announced that 888DCA60 was my computer ID.

When I told him that that was on every WIndows system, he hung up.

I googled some of the salient key words, and found that this is a known scam in the UK and NZ. Apparently these fraudsters have moved into the US.... THey will attempt to get a credit card number and sell remote support - which can lead to all sorts of mischief.

Since it is social engineering attack, there is no software preventative. I am just spreading the word, hoping that it will make the news in a major way so vulnerable non-technical people do not fall for this scam!

I am going to report the incident to people on my email list.

Question - do any of you have an idea on how to spread the word faster?