back to article Beware of cold call scammers pushing rogue antivirus

Malware-pushing scammers appear to be stepping up their use of telephone-based pitches, resulting in an increase in reports from the UK of high-pressure cold calls designed to trick people into installing rogue antivirus products and other nasties. Over the past few weeks, at least two people close to The Reg — including …


This topic is closed for new posts.
  1. Anonymous Coward

    Oddly enough...

    I had someone phone me the other day asking me if my Sky Box was working correctly. When I asked him why he thought it wasn't he got evasive (I don't actually have a Sky box) and when I asked if he was a scammer he hung up.

    1. Destroy All Monsters Silver badge

      Yes, but...

      ...IS your SkyBox working correctly?

  2. Gilgamesh

    Had one of these calls yesterday

    I played along, caller asked me to do start - run - then type "prefetch" and press enter. Apparently this displays "a list of corrupted files downloaded from the internet". So not the Windows prefetch cache then. I kept them on the phone about 15 minutes by playing dumb, just wanted to run up their phone bill. Eventually I just said I knew they were scamming me and they hung up. Good fun trolling them for a while though.

  3. Owen Sweeney

    Happening in Ireland for over a month.

    Numerous tales, but the article here sums it up pretty much

    Luckily, most seem to smell a rodent when they're asked for credit card details.

  4. Eden

    Double whammy

    So they Charge you for the privelage of installing malware on your PC? Nice!

    1. The BigYin

      They'd best be careful

      I think MS has patented that business method.


  5. Steven Raith


    I was asked about this last week, and assumed that someone had been getting the wind up on them from a mate. I told them to ignore with prejudice, obviously.

    Didn't think it would actually be a professional malware touting outfit however.

    Times they are a-changin' and all that.

    Steven R

  6. John Edwards

    Go stick your head in a pig... what I tell cold callers. If they become indignant, I go on to say that lacking any vetinary qualification I am unable to give advice on which end of the pig they should use. If that doesn't get rid of them I become really offensive. Because of the notoriously delicate constitution of the average Reg hack I cannot possibly go into details. Even the BOFH would be impressed.

  7. Anonymous Coward
    Anonymous Coward

    I'll be worried

    ... when one day I get a call and when informed that I don't have a Windows Event Viewer, the caller asks me to view /var/log/messages.

    Then they tell me to emerge some random rubbish!

  8. Mr_Pitiful
    Paris Hilton

    I do not work for Sophos

    This happened to me a while back, the caller said my computer had been infected and I needed their help to rectify the problem, I kept them talking for ages and went through all the motions, out of curiosity. After about 20 minutes of them trying to log into my PC, I mentioned that that I didn't have an internet connection and they hung up, hehehe

    It still cost them a few quid for the wasted call.

    Paris, because she can login to my pc anytime

    1. Gilgamesh

      it's even more fun ...

      ... when you keep them talking for 20 minutes then tell them you're running Linux

    2. Mr_Pitiful

      This IS a title

      I never give out my real landline number in any online form

      if the company need to contact me, then the email address should be good enough

      just reverse your phone number (last 4 digits) or 5 if your paranoid

      I've given up smoking today, NOBODY, and I mean NOBODY needs to question my logic, or i'll SQL you into infinity.

  9. karl 15


    Who in their right mind would fall for this?

    I don't even trust the best Antivirus to look after my PC's, never mind a chimp on a phone.

    1. Graham Marsden


      ...not everyone is as clever as you.

    2. VinceH

      Letters, Digits.

      Obviously not you, nor I, nor any of the other posters here. Unfortunately, though, readers of El Reg are not representative of computer users at large. Which is why I often lament the change from PCs being expensive, geeky toys to a cheap commodity.

      *sighs and goes all nastalgic about a time when I was the only person I knew with a computer of any kind, and I was far too geeky to attract women. It was the wrong thing that changed, damn it! ;)

  10. alain williams Silver badge

    Tell them you run Linux

    After stringing them along for a few minues ''how do you know that I am infected'', ''stuff about anti virus'', I told them that I knew that they were lying since my PCs run Linux (which they do), they just hung up.

  11. Anonymous Coward
    Anonymous Coward

    Add to the list of scammers.

    Not that their callers even sound remotely professional.

  12. Anonymous Coward
    Anonymous Coward

    oh lord

    I suppose the trick is to play really dumb; "I don't have a mouse, I have a rabbit", "I pressed the on button, now do I want delicate linens or extra rinse?", "this cheese won't fit in my floppy drive unless I cut it up first, don't make me tell you a third time", "A virus? The doctor already gave me piss for that", "Why would I put the pills into my computer?" etc

    1. paulf


      >>"A virus? The doctor already gave me piss for that"

      What kind of kinky-arse witch-doctor do you see :p

      [I agree with your annoy the cold callers intention though]

  13. william henderson 1

    the scum

    did that to a freind of mine.

    they didn't sort it out untill, they were promised a "visit" by their victim.*

    he got his money back :)

    *he managed to trace the company, london based.

    1. The BigYin

      They installed malware?

      They committed a fraud?

      Your "friend" reported them to the police?

      He, after all, did trace them. So, did he report them? Care to name 'n shame?

      Or is it all a fabrication, hmm?

      1. william henderson 1

        still there?

        f1 compstep, london.


  14. Code Monkey


    Lots of tales about stringing them along for larks - which is exactly what I'd do. Bless you Reg readers, bless you all!

  15. Stu

    Would I be right in suspecting...

    ...people who frivolously post their telephone numbers online are most affected by this? If so, it kind of serves people right imo, even those who allow their phone numbers to be published on online directories or corporate websites, you're kind of asking for it!

    Kinda reminds me of those morons who post their full address details on Facebook because their parents are out of town and they're having a house party, then wonder why their house is trashed, along with fights and street riots ... does this actually happen or am I reading too much of the Daily Fail? :-)

    Suffice it to say its not happned to me or anybody I know. I will gladly eat my words though if it does happen! ;-) But I think I'd probably just have a bit of fun with them and ensure they're kept on the line for as long as is possible too!

  16. Ghiest

    I had this a while ago

    I had this a while ago and thought it quite dodgy at the time. I was phoned and they said they were Microsoft support personnel and that they had been given reports that my machine was infected and sending viruses to other machines and they could help me fix it. I strung them along for fifteen minutes trying to act like a moron and getting web addresses wrong just to piss them off, then acted like my system was win95. The guy got so frustrated on the other end he ended up just putting the phone down on me. I've had about 3-4 of these calls in the last year or so.

  17. Anonymous Coward
    Anonymous Coward

    Been called twice - at different locations

    First time - I was sitting in my friends office, so it was plausible that he might have a remote monitoring service. When they couldn't tell me which computer of 3 desktops and 3 servers had supposedly informed them about the virus, I got suspicious and then the line went dead.

    Second time - at home. I again asked which computer (though I have only one), again dead line within moments.

    Both cases sounded like Indian subcontinent call centres.

    [I believe the Skybox scam is to get you to buy a warranty you don't need.]

    1. Anonymous Coward
      Anonymous Coward

      Yes, when I w... asked about my Sky box a month or two ago it sounded like Indian subcontinent. When I said I haven't had Sky for several years, sure enough line went dead.

  18. My Alter Ego

    Why do they never call me?

    It's always nice to have a bit of a laugh at some scammer's expense. Same with phishing emails, I always follow the link and fill in as much information as possible. I recommend friends (who are savy enough) to do the same. The lower the SNR the better.

  19. Simon Harris


    Got a call from them on Saturday morning asking to speak to me. So I ask who wants to know and an Indian man says he is from 'Windows Operating System' . At this point I ask how they got my number (always my first line since I signed up to the telephone preference service, and they shouldn't be cold calling me anyway!) and he says he got it through 'the international routing system' and that he is calling because my computer has been reporting a large number of errors.

    Anyway, having failed to get him to explain satisfactorily how they managed to convert any IP address information into a telephone number, and being somewhat partial to Saturday morning cookery programmes, I'd had enough and told him 'This is a hoax call, and I don't want to continue with it' to which he replied 'Neither do I' and put the phone down.

  20. Mike Roantree 1

    Whether to string them along or not

    Would be entirely dependent on how tired/bored/pissed off I was

  21. Gav

    Retrogressive Luddites

    I'm amazed scammers find this worth their while. This is like olde-worlde scamming, involving real con-artist time and actual con-artist skill. This is a major step backwards from scam websites and phishing, where you could attempt to scam thousands with no additional effort on your part.

    Is the interweb no longer delivering the promised increased productivity to scammers? What's next? Hustlers approaching you in the street, offering to "fix" your iPhone?

  22. ph0b0s

    Should be on TV

    This should really be reported by the news or watchdog as even though great for theregister for reporting it, I think the readership already would not entertain these calls. The really vunerable are those who do not visit here....

    And yes I had a call from these guys and kept them on the phone for ages. Was interested to see what they were doing. I just did what I was told and answered honestly. We went through my event log, but since I had just cleaned it, it had nothing wrong.

    Then I was told to check task manager to find out how much my proccesor was being used. 1% I replied and that all 8 of my bar graphs showed hardy any activity.

    So your computer is running slow I was asked?! No I responed, there is hardy any activity so it is fine. I was then asked how long it took to boot my PC. I responed about 30 seconds.

    I was told that I was just stringing them along as PC's don't boot that fast and don't have that many cores and they hung up. I was tell the truth, I have an I7 CPU and a fast SDD to boot from. You just can't help some people.....

    1. Anonymous Coward
      Anonymous Coward

      @The really vunerable are those who do not visit here....

      Exactly! All the while I'm reading this I'm wondering how to stop my mum from falling for this stuff when the only way she'd remember not to is if it was reported by 'the Government', the Police or the mass media. Or some other equally clueless old dear. i.e. one of the sources she can't conceive of telling anything but The Truth, The Whole Truth, and Nothing But The Truth (while she won't think I'm lying to her, she will think I'm exaggerating wildly).

    2. Anonymous Coward


      PCs only don't boot in 30 seconds when any of these are true:

      - It's an old install, especially one of Windows

      - You've got a terrible BIOS (at least, it takes an age to even get to the OS loading screen)

      - Your RAM/etc is fucked up, or you've just got an utterly awful spec

      - You've not formatted a PC when it comes from HP/Dell/any-other-manufacturer with all their tonnes of OS-buried crapware (my HP laptop XP wouldn't notice the Wifi when I uninstalled HP's crapware)

      - You're a gullible technophobe teenager (making up about 99% of us teens, I'd expect) who installs everything that has blinking lights and cute animated bunny gifs ... and a ton of malware

      My years-old HP laptop but now more on the order of netbook, which even with XP lags sometimes, boots Ubuntu very quickly even with you navigating menus for dualbooting (MBR, grub2).

  23. Anonymous Coward

    Potential lulz for the extra savvy?

    play dumb, let them connect to "your" pc, while they are uploading their incredible edible "anti" virus, surely someone can return the favour?

    1. Lionel Baden
      Thumb Up

      quite possible

      If they use teamviewer.

      You can reverse the connection :D

      and then the second youve done that you disable remote input

      disabling remote input is very usefull for user who keep on trying to use the mouse whilst you are or Nicking your mates dekstop and proclaiming to the worl that he has a small willy to all his MSN contacts and listen to them fume untill they hit the reset button LOL !!!!

      ahhh that was a funny evening !!!

  24. Pete Wood

    Not new

    Not new. Here's something I wrote on our company's internal newsgroups back in Nov 2009:

    Got home on Tuesday to hear my wife tell me that she'd been phoned during the day by someone from Tech On support who are a UK supplier of support for Microsoft XP, that they'd received a report from Microsoft (via the error reporting system) that we'd been having trouble and that they were going to help her.

    Being far from stupid, and very suspicious, she took down their (01865, Oxford, UK!!!) phone number and said that her husband might call them back.

    I duly did, for a laugh, having googled first. 'twould appear to be a known scam, they'll charge you upwards of £100 to remotely "fix" your computer for you, and will talk you through the process of opening your firewall, etc, to let them in. Marvellous. The even have a website to tell you how great they are.

    The "Oxford" phone number appeared to redirect to a (judging by what I heard) VoIP link to somewhere in India.

    After hearing the spiel I asked, somewhat forcefully, exactly how they had come by my phone number. I was put through to a "supervisor" who explained to me that they had an R&D department who received these fault reports and supplied them with details of the users so that they could phone up and help them.

  25. Andy 102

    waste their time.

    Had this for the 2nd time in as many months. So this time I played dumb and went along with them for a while. He started to get a bit annoyed when I said I couldn't find the 'start' button on my screen.

    After 5 mins I then mentioned that I had a 'penguin' in the bottom left. He then hung up.

    1. Winkypop Silver badge

      Couldn't find the Start Button...

      ...I've had genuine cases of that at work. Grown men and women, unable to use the most basic PC interfaces. How do people get these jobs?

      As for scammers, they tried this on my elderly Dad a few weeks back here in Oz. He was plucky enough to get a working phone number out of them. He even called back, sure enough the same scammer, errr person, answered (kids screaming in the background mind).

      Duly reported to the authorities and no harm done at his end.


  26. Sureo

    Actually this is good news

    What this tells me is that Windows security has finally been beefed up to the point where they can't just quietly bust in to your system anymore, and need your cooperation to do it. This really is good news. They are expending manpower resources to call people now. Perhaps their costs will go up enough to make the malware business uneconomic.

  27. Anonymous Coward
    Anonymous Coward


    I had a customer who was stung by this last week. Quite convincing to a computer illiterate . An Indian gentleman named "Scott" phoned her up claiming to be from Microsoft claiming her PC has a virus. They got her to go through a number of things on her PC to 'prove' it's faulty or virus ridden. Then they instigate a remote access session on the PC via Finally getting her to part with £180 for a 3 year 'support contract' or something like that. They even send an email to themselves from Outlook Express claiming that she has read their terms and conditions and has accepted the £180 fee. Email was sent to Her credit card has now been cancelled - hopefully before any more funds were taken. A Malwarebytes scan and AVG virus scan didn't pick up on any dropped spyware, so it looks like this is a ruse to get cash/credit card info. Perhaps.

    It also interesting that they knew her name and telephone number (which is ex-directory). This information must be leaking to these scammers somehow. Coincidentally she has recently bought a new Dell laptop - knowing the latter's penchant for Indian call centres, could this be a vector?

    Seems like there's a lot of it about - though it's the first time I've personally come across this particular scam. cf:

    Is there any chance of getting the Bangalore / West Bengal police involved in making life difficult for these fraudsters?

    1. Simon Haynes


      My partner also had one of these calls a couple of weeks back, phone is ex-directory but also recenlty purchased a new Dell laptop. Maybe they have a leak of some sort...

    2. Ascylto
      Big Brother

      A clue ...

      One clue to being a scam is they use a Mac to illustrate a computer but offer 'help' only for Windows PCs!

  28. The BigYin

    Remember that wind-up...

    ...where the recipient pretended to be a police officer investigating a homicide detective and just about made the cold-caller crap themselves?

    Imagine the fun:

    (Phone rings) "Uh, hello?"

    "Yes Sir/Madam. This is Bob from MS Security, your PC has a virus. We need to install anti-virus."

    "Really. Wow. How do you know?"

    "We monitored your PC and saw virus activity."

    "OK. Please don't hang up, I just need to go into the other room."

    "Sure." (Now find something that makes a clicking noise. Click it)

    "Can you just repeat, you monitored my PC?"

    "Oh yes, it's all part of the service and for a mere £75 we can cure you of virus!"

    "Thank you for confirming on record that you monitored our systems."


    "You have called and just confessed to hacking and monitoring a Royal Signals Networking Bunker" (or something)


    "No point in hanging up, we have already traced this call and your location. Your co-operation may mitigate any action taken against you, which could include life in prison. You've got no defence, I have your confession on tape. So, tell me your real name and who you work for and I'll do my best to help you." (and just carry on making crap up for as long as they stay on the line or you can be bothered for)

    You probably won't get anything from them...but it would at least provide some amusement.

  29. Ian Ferguson

    All the smug people here...

    All the smug people here stating 'I strung them along, they hung up, fnah fnah fnah' - yeah, we get it, you're computer literate.

    You are NOT the target of the scams. The elderly and computer illiterate are (this doesn't mean people are stupid - surprisingly enough, there are perfectly intelligent people around who just don't want to spend all their time on computers).

    If my parents were called by one of these scammers, they'd totally fall for it. I'll add it to the list of things to warn them against. In the meantime, I hope the scammers will give up when they find out I set my parents up with a Mac; most targets won't be so lucky.

    1. Anonymous Coward
      Anonymous Coward

      I think

      the point is to waste their time so that they can't spend it tricking vulnerable people - not to prove some kinda point about how smart we are. Most people don't need validation from anyone in a call centre.

    2. The BigYin

      It's another take on...

      ...the door-to-door scammers who say they're from the leccy/gas people. They prey on the weak.

      1. Anonymous Coward
        Anonymous Coward


        Though in my case, I can walk a door-to-door caller a few yards down the road and point out the large "No Cold Calling Zone" sign on the lamppost with Trading Standards number.

        Not that I remember it either - most of the time I say something to the effect of "keep walking" . Perhaps I should photograph/document their ID badges first then report at leisure.

        1. Anonymous Coward
          Anonymous Coward

          "No Cold Calling Zone"

          What would it take to see that extended to cover the entire British isles?

          A law that might actually benefit people? Heaven forbid!

  30. Robert Carnegie Silver badge

    How about,

    The criminal phones up a Register reader and tries to sell them antivirus software for twenty minutes. Meanwhile an accomplice breaks in through the bathroom window and steals all the Register reader's stuff from upstairs. Sheets, towels and the wonky old DVD player mainly, but if it's worth collecting old clothes from gullible householders and selling them in eastern Europe, it's got to be also worth nicking them.

    Will happen now that India is making electric vehicles so that you don't hear the getaway car running outside.

  31. Anonymous Coward
    Anonymous Coward

    Called me

    Had an Indian sounding chap ring the other day, my wife took the call. When she said she was going to pass it over to me he hung up. Gave some sort of crap about my PC was sending errors... yeah, and somehow miraculously manged to also send you my phone number.

    Would have loved to have had a conversation with him... Trouble is, even as rediculous as this scam is, some people will still log in and do as told.

  32. peter 5 Silver badge

    +1 more

    They called my mum a couple of weeks back. Fortunately I was there. Again they claimed to be a Microsoft partner, and gave her a phone number to call back on when asked. Alas, I was too paranoid to have her string them along for more than a couple of minutes. :(

  33. Barry Lane 1

    Hadn't had a call

    from these buggers for a few weeks, until last Friday. Usual, Indian or Pakistani-sounding accent, told me he was calling about my computer. I checked later on the TOPS site that I was still listed as not wanting cretinous cold-calling dingbats on my telephone line, trying to sell me malware, stone cladding or double glazing, so I can only imagine that these scammers are not registered as a legitimate business in the UK. Not registered anywhere, I suppose, unless Ankh Morpork has a Scammers Guild.

    The first time I had a call from anyone telling me that my computer was emitting bad vibes - not quite what he said but it'll have to do - I asked the guy what evidence he had. He told me that my PC was badly infected and that his company could trace this through the miracles of the Vorld Vide Veb. He then went on to prove that not only was he a terribly bad liar, but that he knew nothing whatsoever about computing. I'm rarely rude to anyone over the phone, excepting my wife, of course, but I did tell him that I thought he ought to go out and find a proper job when I told him that I use a Mac and he asked me which version of Vindows I was running.

    Anyway, it's all very well Reg readers being all smug and clever with these shysters, what happens when they call your mum or your granny and tell them that their PCs are rich in malware? I've warned my wife's parents about these callers but if they got a call from someone sounding even vaguely professional who told them that their Dell had a dose of something whiffy, they'd probably listen and go through the motions as requested by these crooks.

  34. adamski

    23 minutes

    woo hoo!

    Even after asking him how long his longest wasted time call had been, he didn't get the message. After a few minutes of explaining that I'm an expert with 20 years experience, he still tried to get me to log in to teamviewer!

This topic is closed for new posts.