Scareware scammers adopt cold call tactics

Scareware scammers are phoning up prospective marks in an effort to frighten people into buying software that has little or no value or utility. Rogue security (AKA scareware) packages are a growing problem. The number of such bogus packages in circulation rose from 2,850 in July to 9,287 in December 2008, tripling in number …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Thumb Up

    Great Fun!

    I just wasted 5 minutes of their time by phoning them and enquiring how they'd install Windows XP over the Internet.

    After being told they install it over the phone??, I told them that I didn't need XP as I already have it - it's just coming up as not being genuine and can they fix it for me? After all, I've heard that a good computer guy can "crack" the software and I can have it for free.

    I'll be happy to pay their £23 XP Installation fee if they can just do this for me!

    In the end I got told to just call Microsoft - wasted some of their time though, and if everyone did that then they wouldn't make a penny!

  2. Chronos
    Stop

    Why...

    ...is there no effort on the part of law enforcement to eradicate this crap? Here's the idea: Get a few credit cards (or one-time card numbers issued on a case-by-case basis through an automated system similar to that in use in the USA for one-time prepaid cards) specially issued in collaboration with the CC companies which flag up a merchant's account as soon as they're used, "honeypot cards" if you like. Issue these to a few good, trusted researchers and let them reply to these scams. Result: The scammer's financial resources flagged and monitored (and money frozen - one use of a honeypot card freezes the merchant's account without further ado) until a case can be brought or a mistaken use of the honeypot card rectified (there will be a couple, I have no doubt). You could probably do the same with PayPal, a honeypot account that immediately removes the scammer's ability to withdraw funds and freezes the account, although PP seem to give less than a rat's posterior about fraud these days.

    Sod technical countermeasures, hit 'em where it hurts. Once they can no longer make money in this manner, they'll lose interest in the malware. It's so simple I can't believe it hasn't been suggested. It's also sneaky, underhanded, almost undetectable until it's too late and so much fun to imagine the scammer suddenly without access to funds after rubbing his greasy hands at the thought of yet another sucker, so it appeals to my darker nature and my finely tuned "fight fire with fire" sense of justice.

    Yes, it verges on vigilantism, which is why I said trusted researchers. Anyone legit has recourse to the courts. Anyone scamming would be stupid to complain as it would immediately give away their identity, something no 'net scammer wants. Then, once the case is proven, simply get the transaction records, reverse the transactions and the 'net becomes a more trustworthy place, the CC companies aren't covering losses to scams and everyone is happy. Except the scammer, of course. If he fights it, he's identified. If he doesn't, he's gained nothing. Win-win.

  3. Andus McCoatover

    Is this the beginning of Downadup??

    Just read this, and followed Google.

    Couple of posters noted their computer wouldn't shut down 'till the power button was pressed, and - coincidentally - they got a call the same evening from supportonclick. (posts Feb/Mar 09)

    http://www.malwarebytes.org/forums/index.php?showtopic=11156 - search for "shut"

    Similarly, guy had slow web download, and again a call from "Mahatma 'Max' Kote" telling him he had a slow download problem...

    http://forums.whirlpool.net.au/forum-replies-archive.cfm/1057308.html - search for a post from cyrillic94 (altho' this is from oct. 2008. Was Downadup around then?)

    Very odd that.

    2+2=0101?

    Best post to get rid of them? Try this post: http://games.on.net/forums/viewtopic.php?f=7&t=162887&sid=271542302b9c76bf341b2a5d3622dd57&start=13

    (damn, I should buy shares in a keyboard company...)

  4. Henry Wertz Gold badge
    Joke

    Wouldn't work too well on me...

    This would work too well on me... (well, besides my knowing some random guy on the phone won't know the state of my computer...)

    Guy: Hey, man, your computer is pwned!! It's got the Conficker bad!

    Me: Umm, I run Linux.

    Guy: ...

    -----------

    Of course this would play out in the same amusing way for Mac users as well. And especially FreeBSD 8-). (Yes, Mac viruses exist, a few Linux viruses exist, but not at the level where either user is too likely to believe some random guy on the phone about it.)

  5. Anonymous Coward
    Paris Hilton

    Anonymonitiy (however you spell it)

    They usually peddle this stuff online because it is mostly Anonymous.

    But moving to phone sales is a new one. They must be desperate in these economic times.

    Paris because the only thing scareware about her has been seen on video

  6. Ron Haworth

    The truth about who really writes this stuff

    I live near Redmond WA, the land of the Vole. I've even worked for them. The main Vole campus is teeming with programmers from other countries working under visas, especially those from India. Now, what do you think all this expertly trained talent wants to do once they return home? Tend rice fields? Grow sugar cane? Herd goats? No, they want to program code. Any code. For anyone. As long as it pays well. So I hate to say it but the Vole has been training the enemy here. The big M has no one to blame but themselves for the superb quality of the malware running around out there now. They taught them how to write it. It may be politically correct to be a multi-nationally diverse company these days but it's not necessarily the best business model from a security standpoint. The writers of this crap are not just found lurking in the dark dungeons of eastern Europe, Russia, and Asia, they are also walking around in Redmond WA USA in broad daylight.

  7. Anonymous Coward
    Anonymous Coward

    These guys really understand commercial software

    1) Commercial software sells on advertising. Do not let anything distract from the advertising budget.

    2) It is far cheaper to add features to the advert than to the product. Users will not complain. They will assume the emperor's clothes are there, but that they are too dim to see them.

    3) Never Supply a product that works. That makes it hard to sell upgrades.

  8. Andus McCoatover
    Thumb Up

    They can be sued!!!

    ...at least from USA. They didn't put a ™ or © character on their website after "microsoft". (lower case "m" - Numpties)

    Go, Redmond lawyer-dogs, GO!!!! Kill!! Maim!!! Disfigure!!!

  9. Steven Burn
    Thumb Up

    Cheers John!

    Cheers for the article and ref John. The more people we can warn and subsequently prevent from being scammed, the better :o)

  10. James O'Shea Silver badge
    Pirate

    fun with scareware merchants

    Some time ago I got a call from the 347-289-3770 number, at home, and on my cell at that. Which means that there is a strictly limited number of ways they could have got that number, but we'll skip that.

    A gentleman identifying himself as 'Ron', who had a distinct South India accent (he sounded just like someone I know who was born in Bangalore...) tried to tell me that he was calling from Microsoft and that the 'central computer registry' had notified Microsoft that my PC had a problem. I decided to have some fun. I played ignorant, and pretended to be rushing over to my machine and turning it on. (In reality I launched VMWare and activated one of my emulated WinBoxes, so I could have the proper Windows start-up noises in the background.) All the while I asked the most nonsensical luser questions I could think of, the better to drive poor 'Ron' up the wall. I completely ignored his attempts to sell me anything, I just kept babbling on and on and on... Poor 'Ron' got quite frustrated.

    When I finally ran out of stuff to babble about, I asked Ron why it was that Microsoft was calling me when my main machine was a Mac and my main Winbox hadn't been connected to the Internet in over a week... I informed him that this call was being recorded, and that I had the office of the United States Attorney for the Southern District of Florida on the other line and that they wanted to have a little word with him, his supervisor, and the senior management of his company. I'd IMed a friend of mine while I was babbling, and had him on the landline. I put him on speaker, and he said that he was an attorney with the US Department of Justice, and that they had received many complaints about 347-289-3770, and were in the process of setting up a formal international complaint and would extradite and prosecute all participants in this heinous crime to the fullest extent of the law. About there 'Ron' hung up and I haven't heard from him since.

  11. Glenn Charles
    Paris Hilton

    Oh

    That's why I've been making all these comments. It's just malware disguised to look like me. Or is it the other way around? I get soooo confused sometimes. a la Hilton, natch.

    --Glenn
