In my previous post I explained and shared phone recordings from an experience I had with some internet scammers. I would like to take this post to show a few of the tactics they used or may use if they were to call you.
First off you may ask how they could get in contact with you. That is simple. There are lists and lists on the internet of our email addresses and phone numbers that are made available to anyone. It's disturbing I know. This also means that you could received a call about a Windows PC and you only have a Macbook. That is a tip off right there. Hang up.
If you do happen to have the computer they mention and start to use a scare tactic on you realize this, there are many highly qualified individuals in a small radius from you who can assist you and can meet you face-to-face. If somehow you get convinced, here are some things to look out for:
- They will use things built into your operating system against you
- System & Applications Logs in your Event Viewer
- Windows Command Prompt (cmd.exe)
- Known good application properties.
For instance, during my call they directed me to my Event Viewer and showed me how many events I had. This number is large by design. Everything your computer does, good or bad, logs an event. However they will pick one, lets say for example "UserModePowerService," and convince you that this means some other user had power over your computer.
One common practice is they will use the Terminal (Mac) or Command Prompt (PC) to run commands unfamiliar to most individuals. In the call I had with them they used the command 'tree' which simply lists the folder & file structure of a particular location on your computer. While all the files are flying by, they can type whatever they like and you will see it when the command is complete. For me they typed "Virus Infection." Scary right?
Next up is your Anti-virus software. If you are running any, they will look at the properties and try to explain to you that the version you are running isn't even for your computer. That could be true but in most cases is false. Any version of Windows newer than WindowsXP has a feature called 'Compatibility View' so you can run legacy applications in your more up-to-date Windows environment.
Last but certainly not least, they will try to do all these commands themselves by running a remote administration tool like TeamViewer, AmmyRemote, LogMeIn's Join.me, or any other service. Once this software is installed you give them the information they need to access your computer. They are in to do as they wish.
Granted, not all of these companies are completely malicious. What they are doing isn't necessarily illegal but it is a scam. They take advantage of individuals. It is not that they are gullible, they simply do not know and shouldn't be required to either. If this has happened to you, make sure you contact your Credit Card company and file a dispute. You may get your money back and the Credit Card company may help put out a scam alert. You can also file a complaint at https://www.ic3.gov/ or contact your local computer support company and let them take care of it for you.