By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here. - Internet Anti-Fraud Center - now open!

 Call about malware

View next topic
View previous topic
Post new topicReply to topic
Author Message
Parkwood P Parkenfarker
Hello I'm New here!

Joined: 13 Jul 2011
Posts: 1
Location: Right behind you

PostPosted: Wed Jul 13, 2011 3:10 pm Reply with quoteBack to top

I, recently, have been getting phone calls from someone in India (at least it sounds like an Indian person talking) saying they are Microsoft Certified and that they are calling because I might have a virus or some kind of malware on my computer. The first couple of times, I brushed them off, telling them I don't use windows, I use linux (ubuntu actually). After a few times, I got another call saying to go to (a legitimate site) to download a program. It turns out that the program is a remote desktop viewer, that will allow someone to control my computer, and it will also run on linux (they must cross reference previous attempts). So I played along. Now I used to do tech-support for 4 years, so I pretended to be as dumb as some of the folks that I used to get and had him on the line for a half hour. All the while he was trying to get me to download this teamviewer program. After a half hour, I almost had him in tears (I really played up the stupidity scale) and he muttered something in whatever language and hung up.
View user's profileSend private message
Baiting Guru

Joined: 10 Sep 2006
Posts: 5496
Location: Yeah who can tell me where I am?

PostPosted: Wed Jul 13, 2011 5:45 pm Reply with quoteBack to top

I like that a lot Twisted Evil
That's how I treat all unwanted phone calls and we get a lot of those in the motel here.


I don't do bling, I just do lads Evil or Very Mad
View user's profileSend private message
Hello I'm New here!

Joined: 14 Jul 2011
Posts: 5

PostPosted: Thu Jul 14, 2011 2:15 pm Reply with quoteBack to top

I've had this particular call a number of times. During one call I strung them along for ages (including exasperated gasps when I 'found' some malware on my computer - which was actually turned off).

The site they directed me to was legit. As mentioned, it was for software to remotely view your desktop. I have used this software before to get help from a legit provider. I got to the point were I said I had installed the software. They gave me the account and username to enter, which I wrote down. After the call, I e-mailed the software company with the account details, to let them know it was being used maliciously (never did get a reply though).

Anyway, at one point he got excited and got someone else to take over the call (they must've been rubbing their hands together by now!)

I did also confirm they were in India. I asked them what their accent was, as I might be able to communicate, if it was a language I understood. They confirmed India. Unfortunately, that wasn't a language I speak. Awww.

After a while I told them I have their teamviewer account details, their calling number ID (which I didn't) and I would report them to the FBI (I'm not in the U.S). They weren't sure what to say at that point and there was awkward silence. Gold.

They still call. Now if they call and I don't feel like playing, I tell them that I only have a work computer, but that's ok, as I can give them the number for my IT helpdesk and they can help my entire company. Strangely, they hang up straight away.

Twisted Evil
View user's profileSend private message
Please Taunt and Ridicule Me

Joined: 27 Apr 2011
Posts: 186

PostPosted: Thu Jul 21, 2011 6:11 am Reply with quoteBack to top

Nice job. I've been hearing about these calls more and more lately. Problem is, unlike 'Nigerian Prince' emails, many people don't know about this technique. So I'm sure they get a decent amount of success out of it, sadly. Evil or Very Mad

Parkwood P Parkenfarker wrote:
It turns out that the program is a remote desktop viewer, that will allow someone to control my computer

Ah, highschool. Those were some fun days. The 'wars' we had with each other... Laughing

I wish to inform you now that the square peg is now in square hole and your payment is being processed

Offering baiting tools and taking requests at (Updated: 8/6/11)

Last edited by username14 on Thu Jul 21, 2011 6:12 am; edited 1 time in total
View user's profileSend private messageSend e-mail
Baiting Guru

Joined: 19 Aug 2008
Posts: 3793
Location: Romancing the (Blood from a) stone!

PostPosted: Thu Jul 21, 2011 6:46 am Reply with quoteBack to top

I had two in two days. the 1st caught me unawares and I did the I use Linux, which went right over their heads... but the next day I was read for them Twisted Evil

In RL, my PC has a little quirk having just uninstalled windows server 2003 and gives an error message that ctrl-alt-dlt fixes every time, but I wasn't going to tell them I knew that.

so Indian guy says to turn on my PC, which I do and sure enough the error message comes up. I feign horror and scream "it's fucked, it's fucked! It worked last nite and now it's not working. Thank GOD you guys rangme, fix it fix it".

This freaks out the guy on the phone who starts stammering there's nothing he can do. Of course I point out he's Microsoft technical and that he rang me!!! believe it or not they transfer me to someone who actually knows a bit about IT. I read out the error message and he asks me about boot up options and IDE drives and I tell him there's none of that, just an error message. he then tells me to reboot, to which I say sure. In reality, I make a cup of tea, check out facebook on my mobile phone, and then tell him, "no it's the same shit!"

For our Aussie readers, you can just say "I'm on the Do not call register" (even if you're not), and they hang up quick smart!

Am looking for other things to wind them up with Wink

Proud "member" of "The Todger Club"!

Safari x1 (Senegal to Gambia)
"You can go now and f*ck yourself with a donkey or horse because you really need to be f*cked by a donkey or horse"
(George Michael's brother Frank/Frannypoo)

"You are a dead meat!"
(Léon the (Not so) Professional)

Closed lad accounts (19 in total:
x2 Léon the (not so) Professional. x4 Via Swindler's list. x4 Via Will and Grace the Law Firm. x3 *Hitman, x1 Hitman: The sequel!, , x1 Haiti scam, x1 The Bimbo (via Umbongo Chambers),
x1 Rita the ETA eater, x1 Via Team Doughnut, x1 Via Prince Emaka, x4 via the Nazis)
View user's profileSend private message
Hello I'm New here!

Joined: 09 Oct 2011
Posts: 2

PostPosted: Sun Oct 09, 2011 8:56 pm Reply with quoteBack to top

I work in IT, and these fraudsters called me at work - so I quickly duped them into believing I had big problems with home PC - they excitedly took my home telephone number (lol) - and called me in the evening - unfortunately I took a very sudden drunk turn - made their life hard to the point where they decided I didn't deserve their scam Sad

Oh, and what the heck is 'the blue the blue the blue' :p

.. Then they forgave me - by which time I had a nice clean virtual XP set up and I allowed them to play to their hearts content - kept them busy Smile Unfortunately I had to visit the dentist, so wasn't available for their follow up call - So I redirected all their calls to a mate in the US. Anyway, for educational fullfilment, here's what they do from start to 'nearly' finish.

Hope ya'all enjoy, shorten the URL for more 'important calls' Wink

Feedback appreciated.
View user's profileSend private message
Elite Baiter

Joined: 29 Dec 2010
Posts: 1613
Location: Having chow with an old friend.

PostPosted: Sun Oct 09, 2011 9:54 pm Reply with quoteBack to top

Hello and welcome Wingcommander,
It looks like an interesting site, very much in the spirit of eater! However I have ADHD and couldn't wait for the files to download.
One word, streamingaudio. Razz

Closed lad accounts*207 *193
ThailandGhanaUnited KingdomTogoNigeriaIsle Of ManIvory CoastIndonesiaHong KongSpainUnited StatesSenegalSwedenIreland * 47
You would look good in Gold
Never use windows auto-fill again, use something much more secure like lastpass for free.

"I am a man of hing reputation." - Loan lad Billy Hord.
"don't even think of given me that crap that you are Deaf and dump or my line is cut off , i don't have a phone please don't.." - Loan lad Billy Hord. (Having been baited to hell)
View user's profileSend private messageSend e-mail
Master of Master Baiters

Joined: 23 Mar 2006
Posts: 668

PostPosted: Tue Oct 11, 2011 12:39 am Reply with quoteBack to top

Hey there wc419. I listened to the first of those two calls and was quite entertained. The second is downloading right now. Your drunkenness, whether feigned or genuine, was great and seemed like a very effective way to waste their time. Too bad that second woman was so intolerant to your temporary intoxication. Smile

Oh, the "the blue, the blue, the blue" was the gal saying "w w w". I'm not sure if you realized that or not, but her accent made it sound like, "the blue, the blue, the blue". At first I was thinking, "What the hell is she talking about?"

"BIG BODY LIKE ELEPHANT, small knowledge and wisdom like mosquito. SHAME ON YOU THE FIRST FOOL OF THE GREATEST ORDER." - Wilson Smith<br>"I HAVE A GOOD NEWS FOR YOU, YOU CAN STILL QUIT THIS JOB BEFORE YOU GO HANGYOURSELF." - Wilson Smith<br>"I want you to understand that those guys at Western Union are nothing but enemies of progress" - Jude 0koya

Closed lad accounts Easter Egg 2012
View user's profileSend private message
Hello I'm New here!

Joined: 09 Oct 2011
Posts: 2

PostPosted: Tue Oct 11, 2011 8:17 am Reply with quoteBack to top

Actually, I very rarely drink at all - I was quite sober at the beginning of the call - but her cries of 'da blue da blue da blue' turned me to a quick nip of whisky!

As you're now aware, the second call is more educating than entertaining - I should have recorded their 'session' inside my fake machine, the video would have went well and explained how these swines operate.
View user's profileSend private message
419Eater is my life

Joined: 11 Feb 2010
Posts: 442
Location: USA

PostPosted: Tue Oct 11, 2011 10:17 am Reply with quoteBack to top

I had a call last month from one of those guys. The site they referred to was for Remote Desktop Management software. It was for Windows only. I played along and plugged the site into Google to find out what it was. When I found the site was for a commercial software package, I visited the site. Since I was running Ubuntu without Admin privilages (root) there was no way to install software.

They walked me through clicking on install.. Which provided a .exe file. It gave the warning that the file was a Windows exe file.. Save, Open with Archive Manager, or Cancel. I read the message to the support guy. Naturally the guy wanted me to open it. Very Happy I'm sure he didn't understand the message entirely.

When it downloaded and opened, I was surprised to find the program was actually a self extracting Archive.. It contained inside another Windows .exe file by another name. I don't remember the names of the files now.

I told the guy the archive file contained a Windows exe file. What do I do now. He told me to save it to my desktop. No problem.. Saved. Then he wanted me to double click it.. Umm OK.. Do I want to open it with Archive Manager or Cancel? Question Question Rolling Eyes

He wanted me to run it.. I asked how to do that. He said to double click it. I did and gave him the options again. Rolling Eyes

He is starting to get the idea.. What version of Windows am I running. Idea I tell him I'm not running Windows. I ask him what time is it? He dodges the question.

I ask why he called me. He explained my computer has a virus and malware that was contacting Microsoft. I asked how it sent my phone number to Microsoft.. Question Question

He doged the question and asked if I was running an Apple. I told him No, It's a PC. Evil or Very Mad

I asked where was he calling from.. The caller ID is blank. ( it was.. No number, no name. Did not come up no info, blocked, or out of the area )

They admitted the call was from New York when pressed again. They then said sorry wrong number.. and hung up.

Easter Egg 2012 Closed lad accounts X5 2 piggies in my first batch of 4 baits.
Magic Jack phones : CellphoneCellphoneCellphone
you have to answer this questions because seem that you are playing with this organisation from money order to generator, please we do not like stories and playing at the moment.

Internet Security Team

Agent 1002
View user's profileSend private message

Joined: 15 Nov 2011
Posts: 1

PostPosted: Tue Nov 15, 2011 11:25 am Reply with quoteBack to top

Teamviewer - nice, i use "Litemanager" too ...
View user's profileSend private message
Master Baiter

Joined: 14 Oct 2008
Posts: 168
Location: Alpha Male of the Corgi Nation!!!

PostPosted: Thu Nov 17, 2011 10:48 am Reply with quoteBack to top

I actually think some of these guys are running legit businesses. They get you to pay $50 and they remotely install and run some freeware registry cleaners etc.

The fact that any numptie can do this himself for free is not the point as I am sure they prey on the large slice of the community that is totally unaware of such issues. i know through their remote management software like 'Logmein' etc they could take control and load up trojans etc but, like many lads I reckon all they want is a quick $60 ish and move on.

They could probably do loads of PCs in an hour. They would have a room with 5 or 6 indian students ready to log in and another room with the cold callers lining up the work queue for the guys next door.

I have also played along with these guys and, like many lads you get the boilerplate from the 1st guy and have to work through to the Maga.

Able George "Once again we thank you for the international re-corgi nation given to this Honorable chambers"

Dan Nkwerre "the group is doing pretty well and we needed to give them the hot beef injection to see how it will look like"

Badago Kabore "I am very busy here in finland the capital city of Paraguay"

Closed lad accounts x 2 Germany
Safari (Group Safari) Dan Port Harcourt - Abeche
View user's profileSend private message
Baiting Guru

Joined: 09 Jul 2008
Posts: 3114
Location: somewhere over the rainbow

PostPosted: Thu Nov 17, 2011 2:09 pm Reply with quoteBack to top

There are some cases in which scammers like this don't install viruses, but instead charge for a free or subpar piece of software that is not necessarily harmful (and may even be useful). But, they are not legit businesses. They ceased to be legitimate businesses the moment they used bogus scare tactics and made false claims about receiving reports of viruses, etc. on people's computers.

Purple FlowerEaster Egg"I've a feeling we're not in Kansas any more..."
View user's profileSend private message
Hello I'm New here!

Joined: 18 Nov 2011
Posts: 1

PostPosted: Fri Nov 18, 2011 12:36 am Reply with quoteBack to top

I would have loved to see what they're doing. You must have watched, can you give a summary of what they did on the machine?

You said it was a fresh VM... so there was probably no "personal data" on there... (which they were not accessing anyway, only corrputed files, right)

But I wonder where the real scam was. They were waiting for the guy to transfer 120 pound (but didn't give any account information)... 120 pound doesn't sound like too much for all the time invested. or were trying to get the full information needed for credit card transfers (date on card/security number etc)?

Perhaps they were looking for information on home-banking or the like and trying to hook in their private spyware

You could have switched off the machine and said there was a short power failure, btw. Smile or actually better: just switch it off and say "I didn't do anything!!!" Then you could have filled in some (made up) "personal information" before they next visit.

The phonecalls were amusing, but the really interesting thing would have been the ways they try to make profit... because when you understand what their targets are, you might realize you've been a bit too easy-going on some security measures, too

View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic

 Jump to:   

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

E-Mail Header Analysis

All Content © 2003 -
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT