Called and owned (but which way around)?
Date: 21 February 2012
Original URL: http://www.auscert.org.au/render.html?cid=7066&it=15496
I know what you are all thinking; you are thinking, "I would never get sucked into one of those silly scam calls that offer to fix my computer". But you are not normal. You are one of those few special people who know that a "CPU" is not the big box sitting under your desk, but is actually inside that box. Not everyone is like you, so I wanted to conduct a quick sanity check. I called my sister and asked her to press the Windows Key and R, and type "eventvwr" into the window that came up. Following that I asked what she saw. She said, "I see a lot of yellow warnings and red errors... Richard what have you done to me computer? FIX IT!".
After an hour or so of reassuring her (and using this as another excuse to remind her to backup her data) I was about to get back to work knowing that shedding more light onto this problem would not be a bad idea.
There are quite a large number of articles about these sort of scams. The one published today by Troy Hunt was probably my favourite for two reasons. Firstly it has a full video (1hr 22min) of the encounter allowing people to see what actually happens so they know what to look out for (jump to around 1:05 for the "coming clean"). Secondly, it has a good "debrief" section that highlights the main points and/or lessons to take away. For example:
Remember to stay safe, don't trust cold calls, and if they are a company you do know, call them back on a number you already know (or from their website).