back to article 'Your computer has a virus' cold call con artists on the rise – Microsoft

Microsoft has released stats showing that tech support scams are on the increase, with 153,000 complaints received and 15 per cent of complainants losing cold, hard cash. For those who have been fortunate enough not to be subject to one, a tech support scam is typically where a ne'er-do-well will call up a user, usually …

Page:

  1. }{amis}{
    Stop

    Ugh!

    So sad that the Brown not is not a thing, if it was i would keep it on hand for just this kind of a@$£&%e.

  2. Aristotles slow and dimwitted horse

    Re "putting the phone down is almost always the right thing to do."

    Oh no it's not. Leading them down a long alley for 20 minutes while pretending to be a dimwit is the right thing to so. Especially at the end of a call when you ask if the fact that you run Linux is perhaps the reason you can't see the screens or issues they are suggesting?

    They seem to disappear pretty quickly after than IMHO.

    1. Teiwaz

      Re: Re "putting the phone down is almost always the right thing to do."

      Leading them down a long alley for 20 minutes while pretending to be a dimwit is the right thing to so.

      I prefer the 'deny everything' approach, also known as the 'argument sketch' approach, in which you contradict the person on the other end on everything..

      Declaring I didn't have a phone really confuses them for a moment, also presumably when the catch on as line goes dead after a moment...

      1. Rameses Niblick the Third Kerplunk Kerplunk Whoops Where's My Thribble?

        Re: Re "putting the phone down is almost always the right thing to do."

        "I prefer the 'deny everything' approach, also known as the 'argument sketch' approach, in which you contradict the person on the other end on everything..

        Declaring I didn't have a phone really confuses them for a moment, also presumably when the catch on as line goes dead after a moment..."

        This sounds like a great idea to me:

        Scammer: "Is your computer switched on?"

        You: "I've told you once"

        S: "No you haven't!"

        Y: "Yes I have"

        S: "When?"

        Y: "Just now"

        S: "No you didn't!"

        Y: "Yes I did!"

        S: "You didn't!"

        Y: "I did!"

        S: "You didn't!"

        Y: "I'm telling you, I did!"

        S: "You did not!"

        Sounds like a giggle to me, I think I'll try this next time.

        1. annodomini2

          Re: Re "putting the phone down is almost always the right thing to do."

          Also have a recording of dial up tones on hand.

          Pretend people are at the door.

          Making a cup of tea.

          Computer is slow

          Then have a secondary Linux machine on a 3G modem (can't be too fast) rigged up with a screen to look like your favourite five eyes supporter (e.g. GCHQ, NSA, CIA, FBI etc) with network logging, (their IP address is always good, with automated extrapolation of their location on your favourite mapping software).

    2. David Harper 1

      Re: Re "putting the phone down is almost always the right thing to do."

      My wife regards this as an excellent sport, and she will happily spend 20 minutes playing along. My preferred approach involves making anatomically impossible suggestions, which generally results in a far shorter call.

      1. Doctor Syntax Silver badge

        Re: Re "putting the phone down is almost always the right thing to do."

        @ David Harper 1

        Upvote for your wife's good work..

      2. Platelet

        Re: Re "putting the phone down is almost always the right thing to do."

        "My wife regards this as an excellent sport, and she will happily spend 20 minutes playing along"

        I'd recommend listening to replyall episodes 102 & 103. It's Olympic standard "playing along"

        https://www.gimletmedia.com/reply-all/long-distance

        https://www.gimletmedia.com/reply-all/103-long-distance-part-ii

        1. Autonomous Cowherds

          Re: Re "putting the phone down is almost always the right thing to do."

          @platelet - Wow - 102 starts pretty standard, (with some very long and incredibly cringy advert-plugs) but by the end, its a very, very interesting insight into the tech scam world; not that far away from a 16/17 year old in the UK finding themselves in a double glazing cold call office.

          Thanks for posting!

      3. Anonymous Coward
        Anonymous Coward

        Re: Re "putting the phone down is almost always the right thing to do."

        > My wife regards this as an excellent sport

        She might not when they call back at three in the morning for weeks on end to see if she wants another spin of the wheel.

        1. Dr Dan Holdsworth
          Facepalm

          Re: Re "putting the phone down is almost always the right thing to do."

          Most if not all of these twerps are operating over a Voice over IP line, so cannot press tone buttons even if they wanted to. So, more or less the same tool has been created several times to torture and waste the time of these idiots.

          It starts off fairly simple: "To ring this phone, press 1, if nobody answers you talk to the answerphone. To talk direct to the answerphone, press 2, otherwise please hold and Lenny will be with you shortly".

          "Lenny" is what might be termed an Artificial Stupidity program. When the call begins, it plays its greeting, sometimes several times until the moron answers. Then it merely waits for the moron to stop talking for about 1.5 seconds, and plays one of a dozen or so sound clips at random. This is all it does; greets then plays random responses when the moron stops talking.

          Strangely enough, this is generally enough to keep a scamming moron happy and engaged for quite a long time. Lenny's exploits may be heard on the Lenny Youtube channel:

          https://youtu.be/vWrkDOt_IfM

          1. phuzz Silver badge

            Re: Re "putting the phone down is almost always the right thing to do."

            "a Voice over IP line, so cannot press tone buttons even if they wanted to"

            What kind of shitty VoIP system can't pass touch tones? I've had to use some really terrible ones, but I've never found one that didn't work with touch tone menus.

      4. Anonymous Coward
        Anonymous Coward

        Re: Re "putting the phone down is almost always the right thing to do."

        Might I suggest that the old maxim 'Everyone has a book in them', which when correctly used also includes the rest of the words 'which, with plenty of lube and the necessary force, can be put back in them' would also apply here?

      5. Chris King
        Mushroom

        Re: Re "putting the phone down is almost always the right thing to do."

        "My wife regards this as an excellent sport, and she will happily spend 20 minutes playing along".

        I prefer a sprint to a marathon - the faster I can stress them out and get them screaming obscenities, the better.

        The other week, I had one screaming that his $DEITY would smite me.

        I just told him I would be way down the queue, as $DEITY is probably too busy smiting all the criminal scumbags taking his name in vain.

        Icon, because it's going to take an awful lot of Gaviscon to cool down that ulcer.

      6. Mark 85
        Pint

        Re: Re "putting the phone down is almost always the right thing to do."

        A salute and applause to your wife. She's obviously a master and rest of us are rank amatures.

        Icon: A toast.

    3. Davegoody

      Re: Re "putting the phone down is almost always the right thing to do."

      After a MAHOOSIVE 1hr11minutes, I told my (Indian) "Tech Support Man" - their description - that my computer had crashed as my 16K RAM pack had wobbled......... He sounded really Pissed-Off when he put the phone down on me.

      1. Anonymous South African Coward Bronze badge
        Pint

        Re: Re "putting the phone down is almost always the right thing to do."

        1hr11mins on the line?

        For reals?

        Have one! :)

        1. Hans Neeson-Bumpsadese Silver badge

          Re: Re "putting the phone down is almost always the right thing to do."

          1hr11mins on the line?

          Lightweight...I managed to keep one strung along for just over 3 hours. Cordless phone with speaker on it so could carry it around the house with my while I got on with my chores. Just had to remember to put in on mute from time to time (the sound of flushing would be a bit of a giveaway that I wasn't taking it seriously)

        2. TFL
          Linux

          Re: Re "putting the phone down is almost always the right thing to do."

          I got one up to 45 minutes, and thought to record the last half. Escalated through several people, before the last one called me an asshole and hung up.

          The approach I took was:

          - Attempt to play along on Linux.

          - Don't advertise that it's Linux, but would tell them if asked. No one did.

    4. Colin Bull 1
      Trollface

      Re: Re "putting the phone down is almost always the right thing to do."

      Oh no it's not.

      I used to get one every month, but not had any for about a year. Think it is because the TalkTalk data list is past its sell by date.

      Spoilsports

    5. Baldrickk

      Re: Re "putting the phone down is almost always the right thing to do."

      They seem to disappear pretty quickly after than IMHO.

      Not in my admittedly limited experience. My Father had one of these calls, which he immediately handed over to me.

      Cue the PC taking a long time to turn on, not knowing my way around a keyboard ("press the key next to the CTRL one in the bottom corner of the keyboard" - cue "pressing" the "Fn" key multiple times with no response. etc)

      After about half an hour, my breakfast was served, so I told him just what I thought of him, and thanked him for letting me waste his time.

      This seemed to particularly vex him, so he kept calling our number for another half an hour, to which I dutifully answered, ignored the insults, laughed, and put the phone down again.

      I'm not normally anywhere near that good at aggravating people.

    6. Wilseus

      Re: Re "putting the phone down is almost always the right thing to do."

      "Oh no it's not. Leading them down a long alley for 20 minutes while pretending to be a dimwit is the right thing to so."

      This. This is exactly what I do.

    7. swschrad

      one of those schmucks woke me at 4 am for this

      probably sent the weasel off on a curry break, for I railed at him with the knob at 11. or 12.

    8. Antron Argaiv Silver badge
      Thumb Up

      Re: Re "putting the phone down is almost always the right thing to do."

      I once kept a guy on the line for 10 minutes while following his directions on a Linux system.

      When he wanted me to hit the Windows key, I told him I didn't have one. This was true...I have an IBM Model M keyboard on my system. He finally gave up and told me to call Microsoft.

      I replied, "When I do, should I tell them I'm running Linux?"

      His reaction was: "Sh...<click>"

    9. bombastic bob Silver badge
      Thumb Up

      Re: Re "putting the phone down is almost always the right thing to do."

      "Leading them down a long alley for 20 minutes while pretending to be a dimwit is the right thing"

      and, gloriously entertaining!

      sorta like the "419 eaters"

      /me notes that in the article, along the side, it notes that the U.S. treatment of these worthless scumbags is overly tolerant, whereas the U.K. response is much more appropriate. I think that EVERYONE is being too kind to these sociopathic PARASITES, as they STILL LIVE.

    10. adnim

      Re: Re "putting the phone down is almost always the right thing to do."

      I have had so many of these kind of calls I just say fuck off and hang up now. I got bored with baiting them and sick of being called when concentrating.

      I have had fun with them in the past, 40 minutes is my record for keeping them talking. I have also screen recorded them installing malware on a VM and reported it to the police. The abuse I have received when I have told them I am an IT professional that is taking the piss... Funny.

      I have also had a long conversation with a "supervisor". I asked if they were proud to be scamming innocent people. The response was unexpected honesty. He said he knows that it's not right but he has a family to feed. Choices for work in his part of India were limited apparently.

      1. Prst. V.Jeltz Silver badge

        Re: Re "putting the phone down is almost always the right thing to do."

        "I have had so many of these kind of calls I just say fuck off and hang up now."

        I havent had any , but thats my plan. Fun tho it might sound stringing them along , i cant be arsed . its wasting my time as well as theirs.

        If I get some email / ebay related scam i might bat that back and forth a bit ...

    11. Big-nosed Pengie

      Re: Re "putting the phone down is almost always the right thing to do."

      I did exactly that. Kept them on the line for an hour. :-)

      1. Anonymous Coward
        Anonymous Coward

        Re: Re "putting the phone down is almost always the right thing to do."

        Usually when I these calls, they ask for my wife by her unmarried surname. She is obviously on the phone list they have acquired. I just say that I will go and get her, put the phone down on the table then see how long they wait before hanging up.

    12. phuzz Silver badge

      Re: Re "putting the phone down is almost always the right thing to do."

      There's another approach that requires a little bit of work before hand.

      First you need a Windows VM. No need for it to be a recent version, or to be updated, a bog standard WinXP SP2 box is fine.

      Find some remote access trojan, and save it on the desktop as "sekret passwords.txt" or similar.

      When you get a call from a tech support scanner, allow them access to your honeypot VM, and wait for them to copy off your 'sekret' trojan, and run it on their own machine.

      ???

      Profit!

    13. Tom 35

      Re: Re "putting the phone down is almost always the right thing to do."

      I always consider it a challenge to get them to swear at me. For the ones with Indian accents telling them how disappointed their mothers must be after all the work of raising you only to get a cheap crook, works almost every time.

      1. Michael H.F. Wilkinson Silver badge
        Happy

        Re: Re "putting the phone down is almost always the right thing to do."

        I have recently noticed many of these guys introduce themselves by some very British sounding name (I had a "Mark Williams" recently) in a thick Indian accent. I am SOOO tempted to answer in an equally thick accent "this is Bill Gates speaking". I wonder whether I should use a thick Indian, Scottish or Aussie accent.

        Choices, choices

  3. J27

    This could be avoided if we ditched the old phone system for one that could actually verify who was calling you. It would be VERY easy to build a system like that on top of the Internet and would quickly reduce costs for phone companies. Why aren't they doing it? Legacy thinking and legacy technology.

    1. Anonymous Coward
      Anonymous Coward

      The internet would be the worst option, it was never designed for secure unfalsified identification. It is trvial to spoof the source address.

      The existing phone network is more secure, and does have most of the necessary technology to do this, at least for non-international calls. The problem with international calls is that, just as with the internet, the network that received the connection has no way to know if it can trust the network that originated it.

      1. Christian Berger

        "at least for non-international calls"

        Well actually the standards for the same for international and non-international calls. The "problem" is that some phone providers are very sloppy when dealing with those numbers. It's not unlikely that a phone call from Germany to Germany will have a Swiss network provided number, because the carriers the call went through couldn't be arsed to do their job right.

        BTW what good does it do if you know the number? It could still be a company acting as a front for someone. In a time when coorporations can create fake identities by building fake companies, a phone number is worth nothing.

        1. kain preacher

          The solution to the problem is use the ANI and not CLIP for caller ID.

          1. Phil O'Sophical Silver badge

            The solution to the problem is use the ANI and not CLIP for caller ID.

            True, but CLIP is defined as the presentation-level service because there are times when it is legitimate to display a different number to the real one. A company may want to display an 800-number for return calls, for example.

            What we need is a way to store the ANI value so that a customer can flag a call as bogus, and have the ANI registered. Even so, spoofing ANI isn't impossible, especially for calls from a different network.

            Even with the actual number, though, the problem is then how to get the phone companies to block calls from agreed callers using ANI details.

        2. veti Silver badge

          The option to spoof the calling number is a feature, not a bug. It's something that, historically, companies have gone out of their way to enable people to do.

          The use-case is for - yes, call centres, but also other types of offices, where people make outgoing calls but want the return call routed to somewhere else.

          Of course, scumbags quickly came up with another use for it. But that's true of approximately every feature ever added to anything. Scumbags are inventive.

          1. Doctor Syntax Silver badge

            "The option to spoof the calling number is a feature, not a bug."

            It may have started out that way. We should now treat it as a bug.

      2. Doctor Syntax Silver badge

        "The problem with international calls is that, just as with the internet, the network that received the connection has no way to know if it can trust the network that originated it."

        The phone network does, however, have the ability to label the call as international and to display a warning if it's then trying to spoof a number.

        1. Chloe Cresswell Silver badge

          How does the system know the number is being spoofed?

          I once had a call from 1234567890. Becuase the internataional info had not been setup properly in .ve. So it was 100% conviced it was sending the valid phone number.

          1. Doctor Syntax Silver badge

            "I once had a call from 1234567890"

            Was the ANI 1234567890? No? Then it was spoofed. Not necessarily intentionally but spoofed none the less.

    2. Christian Berger

      "This could be avoided if we ditched the old phone system for one that could actually verify who was calling you."

      a) There already is a field for the "Provider Asserted Identity", it's just that providers often are rather sloppy.

      b) You're suggesting no less than a complete redesign of the phone network, a network that has grown over a century and consists of wildly divergent technologies, often as many of 3 generations being active at the same time.

      1. bombastic bob Silver badge
        Devil

        " often as many of 3 generations being active at the same time."

        you sure there's not a manual switchboard someplace, with Lilly Tomlin as "your operator" ?

        1. Phil O'Sophical Silver badge

          Lilly Tomlin as "your operator"

          "We don't care. We don't have to. We're the Phone Company!"

    3. WonkoTheSane

      I doubt that entered into BT's considerations when pledging to shift all calls to VOIP by 2025, but you never know...

  4. Anonymous Coward
    Anonymous Coward

    This could be avoided if we

    RLY?

    Cheers

    J27

  5. Christian Berger

    There is a "non-filler" talk about that topic here:

    It was held during the SHA2017 and talks about some people who decided to hunt down such a callcenter.

    https://media.ccc.de/v/SHA2017-233-a_trip_to_india

  6. chivo243 Silver badge
    Devil

    I missed my call

    the missus fielded the call not to long ago... Wish I'd been there ;-}

  7. Ye Gads

    Are they still doing this?

    I remember being called at home repeatedly by these guys. What finally worked was playing clueless with a twist:

    "I'm afraid I don't know very much about PCs. I work as a lumberjack. Let me tell you about my job".

    They hung up halfway through the second verse, which is a pity as that's when you get to the really fun lyrics.

    But there you go.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon