H
Hibox
Today 25 August 2020 i got a call as described in a previous post from 2012. It is clearly scam. I am amazed by the strategy developed to verbally lead you to do what youu don't want to do.
I received a land-line phone call asking for me by my firstname.
The caller identified himself as Microsoft support service and that my computer had been infected. Nice I thought, how can that be as I use Linux and did not switch my windows computer for a few month....
He called from 0034 966 595 620 said his company was "Windows Total Care" or sth like this and that I had been infected by a serious threat and virus.
I followed the instructions to get to understand what was the trick he was trying to play on me... There was no doubt
Fine I booted on windows...
He made me click on windows key + R and open eventvwr and look for standard log messages, made me point out some basic information, sécurity log messages as there are many in a System log file. Nothing to worry about.
But he explained me that is the proof of infection.
Arg, i made him lose his time... What was next ?
He made me open CMD window and type the "assoc" command and pointed out the line
zfsendtotarget=CLSID\{ 888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
and explained to me that this number was a key only shared by two persons: me and microsoft (what an approach to mislead some not aware people, rubbish)
All Windwo vista, 7 or 10 (i thhink) users have the same number.
Here gave me this number 1 digit after the other and ask me to chekc 8 8 8 D C A 6 0 F ....
Ok sir, you got it.
He explained this is the proof he represents microsoft
Ok let's go on
He made me open chrome browser and download Teamviewer.
Then install it.
- It is already installed sir.
- Oh great he said. He ask me for the id and password...
And he connected
He felt a bit confused and asked me what was the version I had...
In the meantime I had rebooted on linux and connected with a user with very few rights.
I disconnected, he complained, I asked what do you want to do next, he asked why did you disconnect, i did it 2 or 3 times and I got to understand he wanted to get back to the eventvwr manager and do i don't know what.
I finished explaining him i need to know what he wants to do, i dont't trust you. He understood and hang up probably hangry to have been fooled.
Microsoft Windows team, what can be done against such calls and behaviour. It could happen to anyone naive or fragile.
if you need some info on that i recorded the call.
Be vigilant
Continue reading...
I received a land-line phone call asking for me by my firstname.
The caller identified himself as Microsoft support service and that my computer had been infected. Nice I thought, how can that be as I use Linux and did not switch my windows computer for a few month....
He called from 0034 966 595 620 said his company was "Windows Total Care" or sth like this and that I had been infected by a serious threat and virus.
I followed the instructions to get to understand what was the trick he was trying to play on me... There was no doubt
Fine I booted on windows...
He made me click on windows key + R and open eventvwr and look for standard log messages, made me point out some basic information, sécurity log messages as there are many in a System log file. Nothing to worry about.
But he explained me that is the proof of infection.
Arg, i made him lose his time... What was next ?
He made me open CMD window and type the "assoc" command and pointed out the line
zfsendtotarget=CLSID\{ 888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
and explained to me that this number was a key only shared by two persons: me and microsoft (what an approach to mislead some not aware people, rubbish)
All Windwo vista, 7 or 10 (i thhink) users have the same number.
Here gave me this number 1 digit after the other and ask me to chekc 8 8 8 D C A 6 0 F ....
Ok sir, you got it.
He explained this is the proof he represents microsoft
Ok let's go on
He made me open chrome browser and download Teamviewer.
Then install it.
- It is already installed sir.
- Oh great he said. He ask me for the id and password...
And he connected
He felt a bit confused and asked me what was the version I had...
In the meantime I had rebooted on linux and connected with a user with very few rights.
I disconnected, he complained, I asked what do you want to do next, he asked why did you disconnect, i did it 2 or 3 times and I got to understand he wanted to get back to the eventvwr manager and do i don't know what.
I finished explaining him i need to know what he wants to do, i dont't trust you. He understood and hang up probably hangry to have been fooled.
Microsoft Windows team, what can be done against such calls and behaviour. It could happen to anyone naive or fragile.
if you need some info on that i recorded the call.
Be vigilant
Continue reading...