cancel
Showing results for 
Search instead for 
Did you mean: 

Re: Beware fake Tech Support companies

Hi, I felt it my duty to report an incident of this exact issue that happened to my mother last night:

Out of the blue, a cold-caller called her from the number 202-317-1111.  The person on the other end of the line had a fairly strong, probably Indian, accent, and claimed to be calling from a contracted company hired by Microsoft.  He claimed that her computer was sending out excessive error messages.  He had her download a file named "Vsupport_365QS_en.exe" and run it.  This, along with having her turn on remote access to the computer.

At this point, he handed the phone off to his "supervisor" who had a slightly less of an accent, who then then proceded to dig Way deeper into the system than I even knew existed (and I'm a Computer Information Systems major at local college).  I am assuming it was to baffle her.  He then stated her computer was infected, and our existing AV software was insufficient to the task and that he could sell her good AV software for $200. 

At this point, she came and got me.  I got on the phone, and he asked about my technical expertise level, and I stated Expert.  He then tried to sell me AV software of my choice "Norton, McAfee, Trend Micro" at which point I hung up on him, informed my mother that it was a telemarketer, and handed her back the phone.  She started to tell me what he had done, and I went to investigate.  (this is where I discovered what he had been doing) - I immediately unplugged the network cable to the computer to cut off his access.

He then re-dialed no less than 7 times.  My mother picked up one of them and he assured her he wasn't a telemarketer, before I grabbed the phone and hung up on him.  We had to keep ignoring the calls, before he finally gave up.

This morning, I booted to a USB bootable Anti-virus thumbdrive, and did a full system scan.  The only things we found, were that EVERY .doc file in her documents folder had been infected with a macro, and there was 1 new file titled "I let a questinable technician have remote access to my computer.doc" also with macros inside it.  Thankfully no viruses were found.

Still disconnected from internet, I booted up the computer, grabbed her files to a thumb drive, and rebooted to my windows CD and Formatted the HD and reinstalled everything.  I don't know how to clean her files yet, so that thumb drive is just sitting there.

As far as what he Got from her files, we have no idea.  She spent all night and morning calling and canceling every credit card, debit card, and bank account she has.  We don't know what he got, but one item in that folder was last year's income tax records copy.

Thanks for reading, I wanted to emphasise that this is really happening, and give a turn-by-turn description of how it happens.  Also, any tips on how to clean macros out of Word files would be appreciated.

Re: Beware fake Tech Support companies

You’re covered for all Mother’s Day going forward now.   

 

Many take these things way too lightly until it’s too late. It amazes me they spend money on AV protection falsely believing it protects from everything and go roaming around carelessly all over the Internet. At best, it’s the very last line of defense and not particularly good at that.

 

Several hours of mitigation is worth every bit of your financial identity. You have everything you own to gain; the real question is what are you willing to lose?

Reliable Contributor selvan
Reliable Contributor
Report Inappropriate Content
Message 13 of 45

Re: Beware fake Tech Support companies

Hello All

Please Refer to this document (https://community.mcafee.com/docs/DOC-5907) for the different types of Support offered by McAfee to Home users. You may use this Document to connect with appropriate Support.

Regards

Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 14 of 45

Re: Beware fake Tech Support companies

Thank you Selvan, compliments of you...as you can see.I added below my Signature.

Regards,

Cliff
McAfee Volunteer
Reliable Contributor selvan
Reliable Contributor
Report Inappropriate Content
Message 15 of 45

Re: Beware fake Tech Support companies

You are Welcome CatDaddy. Glad that you added to your Signature.Feel free to provide any feedback/clarifications on the DOC !

Highlighted
Reliable Contributor catdaddy
Reliable Contributor
Report Inappropriate Content
Message 16 of 45

Re: Beware fake Tech Support companies

Basically, I find it very helpful,and informative. Thank you for creating it.

As for any clarifications...That would be kinda like, the "Grasshopper" offering the "Sensi" recommendations !

Thanks again, Selvan..and  for all you do.

Regards,

Cliff
McAfee Volunteer

Re: Beware fake Tech Support companies

Thought I would leave this to others, but it easy to find your own solutions (Google, of course). Here’s one: http://www.extendoffice.com/documents/word/758-word-remove-macros.html

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 18 of 45

Re: Beware fake Tech Support companies

This thread is taking off nicely, which solves the problem of preventing it from disappearing and being forgotten. I may take the original post and turn it into a document though if the posts begin to diverge too far from the subject matter.

Tracey Romine has writen a blog article about these rogue companies, which is worth reading.

https://community.mcafee.com/blogs/supportthoughts/2014/05/23/dont-fall-prey-to-non-mcafee-support-o...

It looks as if we both decided simultaneously to post something on the same topic. Synchronicity or what?

Reliable Contributor Hayton
Reliable Contributor
Report Inappropriate Content
Message 19 of 45

Re: Beware fake Tech Support companies

I and several others in the UK have reported receiving calls from a number apparently in Chennai (Madras), India.

The number, unusually, is available through BT's call-back feature and so it may perhaps be a fake number. Nevertheless I took a call from that number and the very poor line quality and the Indian accent indicates it possibly did come from somewhere in India. This is likely to be a general-purpose call centre rather than a dedicated "tech support" operation because the same number is reported for both "Microsoft support" calls and fake "lifestyle survey" calls.

The number is 0091 44 2085148596 (0091 = India, 44 = Chennai/Madras).

Edit - There are plenty of articles about these phone scams, and a few YouTube videos. Some folks take a perverse (and quite understandable) pleasure in tormenting their callers by stringing them along ....

Here's a couple of links.

http://blog.malwarebytes.org/fraud-scam/2013/05/tech-support-scams-a-look-behind-the-curtain/

http://securelist.com/blog/incidents/33734/trying-to-unmask-the-fake-microsoft-support-scammers-17/

Message was edited by: Hayton on 21/07/14 20:39:15 IST
Reliable Contributor exbrit
Reliable Contributor
Report Inappropriate Content
Message 20 of 45

Re: Beware fake Tech Support companies

We get them here too.  My responses to them vary, from telling them they've reached the FBI to "we have no computers here" to swearing at them or just hanging up.   Either way I then add the number to my Call Screen list.

Message was edited by: Ex_Brit on 21/07/14 3:56:28 EDT PM

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community