Watch Out! Telephone Tech. Support Scams

-

Watch out for a scam that’s on the go at the moment.  It goes like this:

You get called up out of the blue by “Microsoft” or some such reputable-sounding company.  The person who calls you normally seems to have an Indian-sounding accent.  I purely mention the caller’s accent as it seems to be a common feature – you should watch out for this kind of scam regardless of the caller’s accent.  You are told that your computer is infected with a virus or with malware.  You are often asked if your computer has been running slowly or freezing lately.

Of course they’ve got the solution for you!  At this point you’re often transferred to their “superior” or “manager” who tells you of the sorry state your poor computer is in and how they have the means to fix it.  For a fee of course.  This usually seems to range from 120 to 260 euro.

The “fix” seems to involve them getting you to browse to their website and download some remote access software which they then use to take remote control of your PC.  At this point God knows what could happen!  They have remote control of your PC and could install malware, key-loggers, web-cam spy software, anything really.  They could look at your personal data, delete important data or system files, you name it.

What often seems to happen is they get you to look at your event log, tell you that the errors you’re (inevitably) seeing are due to an infection and then remote access your PC and perform a set of fairly pointless tasks such as defragging the hard drive and running Disk Cleanup.  Often they apparently turn of the event-logging service so now you won’t see any more errors appearing!  They then charge you for this waste of time.

Beware!  No legitimate business will contact you out of the blue in this way.  How would Microsoft know you have a virus and take it upon themselves to go and fix it for you?  It’s all a load of nonsense so just hang up and don’t engage with them.

Here’s an example of what can happen:

Symantec sample telephone support scam

Comments

Post a Comment

Popular posts from this blog

Where are SCANPST.EXE and/or SCANOST.EXE?

-
Image
I sometimes have to deal with customer computers whose Outlook PST or OST files have become corrupted.  Very often the fix is to run SCANPST.EXE on the offending PST/OST file.   However, every time I go to do this I forget where the two executable files are.  Here is where they are on a Vista machine running Office 2007: C:\Program Files\Microsoft Office\Office12 I hope this helps.
Read more

APC PowerChute Network Shutdown - Authentication Phrase

-
Image
​Was installing  APC PowerChute Network Shutdown (PCNS) on a customer’s server and couldn’t find a record of the Authentication Passphrase that I set ages back on their Smart UPSes Network Management 2 Card. So I went to reset it on the card and start anew… it took a lot of digging to find it on their particular release of firmware: Go into the UPS tab, then into “shutdown” inside the “Configuration” category: You may then need to change the passphrase being used on other servers. To do this, open up PCNS in your browser and click into the area shown below:
Read more

WSUS Issues

-
Image
Was configuring WSUS on a Server 2016 VM for a customer recently and found the performance to be very sluggish and most of the time the client PCs would time-out and throw an error message when trying to check for updates. After much digging on different forums I came across a fix that worked nicely: Open Internet Information Services (IIS) Manager and click on Application Pools Then Right-Click on your WsusPool instance and choose Advanced Settings Scroll down to Private Memory Limit (KB) and change it from the default of 1843200 to 0 which means unlimited. Then right-click and stop the WsusPool and then start it again. Hope this works for you.
Read more