Hackers making fake phone calls!
I just had a personal experience from a (not so bright) phisher / hacker pretending to be from Microsoft and warning me that my computer has been compromised by malware.
Obviously, this particular scumbag had no idea who he was talking to. I decided to have a little fun with him and to lead him on a bit before dropping the ax on him. But what concerns me; and should concern you; is not only how brazen he was in making such a phone call, but that I could tell he was part of a much larger operation. Several “phone operators” could be heard in the background making similar calls. In fact, it sounded like a full fledged call center. This was not some one-off hacker trying to gather information. This was a full-on illegal syndicate.
It was a little difficult to understand the speech of this particular “service technician”, allegedly from Microsoft. The thick middle eastern accent had me asking him to repeat himself over and over, and occasionally he would turn away from the phone and talk to someone else (in Arabic) who was in the room with him. In this particular case this turned out to be advantageous for me – because it gave me additional time to get my recording device setup.
The phisher correctly recognized that I didn’t quite buy his Microsoft story so he went into his predefined narrative to “prove” he was actually from Microsoft by asking me to type in “assoc” in a command prompt. I was then supposed to be convinced that he was legit as he read the CLSID number back to me.
Of course, I had heard of this before. David Jacoby of Kaspersky Lab even wrote about this exact scam back in August of 2012. So the fact that he had repeated the registration number of ‘ZFSendToTarget’ file extension back to me left me unimpressed.
After a while I started to get a little more direct with the scumbag. He responded that he is “there to help” and that I should be a little more “cooperative”. At that point I was starting to loose interest so I told him that I have been recording the call and will be sending the recording to the FBI. Then, he can learn to be a little “cooperative” with them.
The fake phone call ended in perhaps the most comical way that I could never have imagined. This “Service Technician” started whispering into the phone how he would (sexually) service my mom & my sister, not exactly Microsoft approved conversation.
At this point I was laughing so hard that I didn’t even hear him hang up the phone.
In all seriousness, this type of scam is nothing new. There have been similar events dating all the way back to May of 2010. But the fact that these scumbags continue this type of scam indicates that it continues to be profitable. Be aware but if you ever do get one of these types of calls, have some fun with it. The longer you waste their time, the less time they have to scam someone else. Besides, there is nothing so satisfying as screwing with a scumbag.