Old Scams Never Die – at Least Not While They Still Work

Old standard scams seem to be a reliable source of income or perverted fun for those who are inclined to cheat and steal for a living or who simply have too much time on their hands. A client called me this week and said she had just gotten off the phone with an Asian-sounding person who identified himself as a Microsoft representative. He told her that she had a serious error on her Windows computer and she should go to it immediately and he would walk her through the necessary fix. She said she was not near the computer and he would have to call later. He said that was okay, and gave her an 888 number to call when she was ready to make the repairs — a certified Microsoft technician would answer.

“Was that for real or a scam?” she asked. “Microsoft does not call like that. It was a classic scam,” I replied without hesitation. “In fact, no one makes calls like that except third-rate scam artists trying to hustle you.” But then my mind probably went into neutral, or maybe I am just getting older, because I neglected to ask her if she actually wrote down the 888 number. It might have been fun to call and hassle them — assuming it truly was a toll-free call. I would pretend to do what they were asking, but be extremely slow and dull about it. That could be a giggle.

I suppose we should have reported it to the authorities. If they call again, we will be better prepared. We will record the number and distribute it to law enforcement and as many freaks as I know. Becoming vulnerable to attack by giving out information is a two-way street.

The perplexing thing about this encounter is that it still exists. Scams exist in a world where they undergo brutal evolutionary forces. If they don’t make any money, they either mutate or die. This one has been around for years, so it must make money. At least my client protected herself by not giving out any information at all (except that she was home at that time and could answer the phone). Maybe my berating clients about being aware of potential scams is paying off. I hope so.

Another standard scam that I thought would certainly have evolved into something else is the classic scareware “Your computer has been infected, click here to fix” scam. A friend reported that he had such a popup appear and without thinking clicked on the X to close it. That was a mistake. As most survivors of the scareware encounters know, the X that normally closes a window actually activates the scareware Trojans. In fact, in some cases, one can be infected by simply hovering over the window. I advise clients that if a scareware popup appears, either immediately shut down the computer via the power button, or open the task manager and close all open applications. Either way, a serious scan is necessary at the least, and maybe a more serious action is required.

My friend elected to take the more serious action. He had done the right thing in that he had a current backup. He talked the situation over with another friend and together they decided not to mess around. They did a complete factory recover. Then they scanned the external backup just to be sure. It was okay, so they proceeded to rebuild the system without incident. While I had no part in their decision, that probably would have been my recommendation. Even when a combination of MSE and Malwarebytes gives the computer a clean bill of health, I still have worries. Factory recovers are not that bad if you do not mind waiting for the hundreds of Windows updates. It builds character.

While rebuilding is a chore, assuming that your anti-virus software has cleaned out all the bad guys has some risk associated with it. So the proper action for you to take depends on your risk tolerance and whether you are willing to make the effort to rebuild a system. But there is another way.

The one thing my friend could have done that would have been even better would have been making a current image of his hard drive — at least current in the sense of being made before there was any trouble. That makes cleaning up a cinch.

The third old-timer that happened this week was receiving an email ostensibly from an old friend with the subject line “Hey” and the total message that said, “Click here to read message.” After deleting this, I sent a warning message to the reputed author. Then I kicked myself for even looking at the stupid thing. The subject line was enough to give it away and I put myself at a bit of a risk by even looking at the message.

These three scams represent (1) attacks from a separate communication channel to avoid anti-malware protection; (2) land mines in seemingly safe websites to sneak Trojans past your protection; and (3) misdirection by spoofing email. The only thing they have in common is the desire to do harm. At least two of them have the almost-saving grace of extorting money from hapless victims. The other scam might be just malicious. I can sort of understand trying to cheat to get easy money, but harming other people just for the fun of it is beyond me.

This might seem strange, but I would like to hear from someone who has deliberately done damage to a stranger’s computer without the intent of making money from the action. What did you get from it? Do you still do it? What about people who have done the same thing to steal or extort? Do you want to talk about it? If you have been clever enough to infect computers, you should be clever enough to respond anonymously.

  • Karl Entner

    I have had two clients of my own go through the same situation here in Canada. And when I was working for a telecommunications company for their internet tech support I had a total of five or six calls there. All scam artists trying to do the same thing. I have not had one like that myself for my own computer. But another one was for a job opportunity to sell products, where they had asked for some money to sign up to become a rep. No way did I give them anything like that.

    • Sdeforest

       Good call. Particularly if that was not something you initiated.

  • jmurphy45

    Web listings Inc is a scam when they send out their advertisements 

    • Sdeforest

       I know nothing about this, but searched for it.  Firefox’s WOT lists it as questionable.

  • reverendflash

    One time a pop-up FIXED my computer. I had gotten infected, probably from one of the illegal mp3 sites I used to go to. My browser wouldn’t work right in normal mode, and I had to surf in safe mode. I tried all kinds of ways to fix it, including nagging my I.T. guru/friend, but even he couldn’t do anything. I settled in to just accept it, and surfed for months in limited fashion via safe mode.
    Till one day – I went to some homegrown site, and a non-scammy pop-up message informed me that it detected a specific virus on my computer and gave me instructions on how to fix it. (The solution was coming from the site itself, and not from a third party.) I followed the directions, and – voila! – my computer returned to its former glory. Everyone I tell that story to wants to pick it apart so they can say I was tricked, but they all fail. And why shouldn’t they? I went from having a buggy computer to having a perfectly working one by trusting a respectable looking site. If that’s being stupid, I don’t wanna be smart. (Most “solutions” are bogus, but they’re ALL not out to get you.)

    • http://twitter.com/br3akth3lim1t Nathan Barnett

      If you are running Windows, I recommend googling “mbam” or “malwarebytes” and downloading it and running a full scan.

      • Ian Singleton

        Yeap, Malwarebytes is a good one. There is also Hitman Pro, and another one I’ve recently heard of called emsisoft emergency repair kit. If you have a badly infected system the more engines you can put it through the better. Oh and they are all free for the basic service so no need to spend anything to sort out a PC.

    • Sdeforest

      You were extraordinarily lucky.  But do you still pirate things?  Doing it once or twice to test the  system might be fun, but making it a habit is stealing as well as being  risky.  Since I do not trust MSE or malwarebytes to clean absolutely every bad thing thrown at them, I would not trust a random site that happened to help you once. (or appears to have cleaned your machine–it might still be a waiting zombie or part of a botnet.)

      As I said in the article, doing a factory recover would have saved you a lot of trouble.

  • http://twitter.com/br3akth3lim1t Nathan Barnett

    I’m running my Xubuntu so I don’t got to worry about viruses, fake av, trojans, etc… Though, I still have to worry about phishing… I usually ALWAYS use the address bar and go directly to the site I want to go to. I rarely use search engine and if I do, I look to see what address it’s going to take me. I’m ALWAYS extra careful on a Windows PC.

    • Sdeforest

       The only reason Linux has been spared is the same as why Apple has only recently been attacked–there are not enough computers running it to attract a higher class of hacker. In some sense, Linux is more vulnerable than Windows at this point simply because Windows has had to develop counter-measures. When I use my laptop in a public place, I always boot to Linux rather than Windows.

  • Ian Singleton

    One of the classics is the good old Rogue anti virus programs that get installed onto an unsuspecting person’s PC, and even I remember last year the Mac had one as well. I came across a couple myself, one called XP anti virus, and one called STOPZILLA. XP anti virus is a classic rogue that just infects your system. STOPZILLA is a bit more cunning: it doesn’t infect your system but it does bring up loads of fake warnings, and asks you to call a number to upgrade to a professional package. Or simply enter your credit card details to buy a product that does nothing but make the problem you were having worse.

    • Sdeforest

       You have got to wonder how many people sent in their $59 or whatever.

  • nic patterson

    I have crippled people’s computers before…it started off as I didn’t have a computer so I went to a friend’s house and the security aspect intrigued me, so while there I would use his internet, which was good ol’ dial up, and scour the web for how these things were made and how they manipulated the computer itself. As I got older (not smarter, prolly 14 or 15) I started making small programs that would screw up a computer and plant them on a friend’s computer to see their face and expression of horror…It only went to friends though, because I saw no satisfaction in putting it on someone’s computer and not being able to watch their face. As precaution to not totally screw up my friends’ computer I would always test it on an old crappy laptop I had lying around (it was good at the time, newest thing out with WindowsME, ugh). I didn’t want to permanently damage a computer because I knew how expensive they were and I was poor during this time in life and if I wouldn’t want to buy a new computer I knew my friends wouldn’t either. Best one I messed with was a program that hid itself deep within the system files and when the computer was powered off is when things would get hairy. Next boot, it would go in, let you type your password if you had one, and then the OS would start to boot. As soon as the desktop showed up it would power back off and it kept doing this. Real-life infinite loop. It was just a time in my life where I wanted to screw with my friends. No computers were ever harmed in the long-run…and even though I used the programs in a way some might deem “bad/wrong/hurtful” etc etc, it helped me learn a lot, and get inside the mind of the people that write these programs. It has been very beneficial.

    The rogue antivirus you speak of did some upgrading over the years. My grandfather got that because it showed up as Norton antivirus (which he had already paid for) and then once clicked on it would say the thing about upgrading. Totally crashed just about every process on the PC.

    • Sdeforest

       Thanks for your comments.  I seem to have missed that phase as a teenager.  Putting a stinkbomb in a friend’s car was the closest.