Virus phone call scam

cspringer

There was a thread about these calls not long ago.

I like the approach that Andreja suggested (keep 'em on the line and waste their time). :-)

http://forums.dpreview.com/forums/read.asp?forum=1004&message=38496251

I haven't received one of those calls yet. Or, perhaps they've tried calling and I just didn't answer because of an odd or missing caller id.

But, if/when I do, I think I'll use that technique (keep 'em on the line as long as possible to waste their time)

If I'm not real busy, I may even let 'em direct me into downloading their software and installing it, then keep them on the line lots longer troubleshooting the install (just using Wine with a "throw away" VM running Linux as the guest, under Linux as the host) with its firewall blocking all traffic. Then, submit whatever they wanted me to install to http://www.virustotal.com with comments so that the participating AV vendors add it to their malware definitions if it's not already there.

--
JimC
 
Got the same call. Asked for his number so I could call him back and he hung up.
 
Don't Jim. The software has the ability to make all files Read Only and Hidden attributes amongst other things on all hard drives on computer - however carefully installed, along lines you mentioned. Very intrusive.

Either act dumb and keep them on, for fun, until whomsoever is doing the call tires or just say "I'm an IT Consultant" - which I did and result was instant hang-up. I reckon that's the best action as am sure, like many scams, it gets passed down the line.

As example - I well remember my Mother sending a small donation to a registered charity, following a postal mailout - and got hundreds of "requests" from hundreds of other charities. That was land post but I have heard of similar selling of mailing lists for "active" e-mails. Ignore is the best policy ... like ALWAYS. :-P

--

Zone8: Although I am a handsome geniearse, when I stand in front of a mirror, I vaguely recognise the ugly idjit standing on the other side!

LINK: For B+W with Epson 1400 (and other models) using black ink only PLUS other useful tips:
http://www.photosnowdonia.co.uk/ZPS/epson1400-B&W.htm
Cleaning DSLR Sensors, including Kodak DSLR Factory Cleaning method:
http://www.photosnowdonia.co.uk/ZPS/KodakDCS-sensorcleaning.htm
Solving back/front focus problems on Sigma DSLRs
http://forums.dpreview.com/forums/read.asp?forum=1027&message=35565277
 
> Don't Jim. The software has the ability to make all files Read Only and Hidden attributes amongst other things on all hard drives on computer - however carefully installed, along lines you mentioned. Very intrusive.

Note the "throw away VM" part of my last post. I would not allow it to access anything outside of a Virtual Machine that I could just delete after I finished wasting their time. ;-)

It would not be able to gain access to anything on the host operating system unless I specifically allowed access to shared resources on it.

--
JimC
 
As I understand it, this is a fairly popular new ploy. It figures like this: at any given time, just about everyone is having some sort of issue with some piece of Microsoft software. Thus, these cold calls are reaping some real rewards for scammers.
 
> Note the "throw away VM" part of my last post. I would not allow it to access anything outside of a Virtual Machine that I could just delete after I finished wasting their time. ;-)

I had specifically noted that in your post Jim BUT I know of one local person who did that and still had all file attributes changed on his hard drives. How? I don't know but the software seems especially intrusive - gets into the boot area (MBR) and activates on next reboot.

 
My caller did not mention Microsoft. Maybe they can do it on any OS.

> As I understand it, this is a fairly popular new ploy. It figures like this: at any given time, just about everyone is having some sort of issue with some piece of Microsoft software. Thus, these cold calls are reaping some real rewards for scammers.
 
If you allow your boot drive to be shared read/write by a VM, it can do anything it wants to with it. Giving a VM access to resources on your main system can come in handy for sharing files between them. But, you sure wouldn't want to do that if you want to keep any software running in it isolated (as in testing malware).

So, don't do that if you want to make sure it's isolated from the rest of your system.

Then, as far as any software knows, the Virtual Machine is the entire real machine it's running on, and it can only infect the virtual drives set up in the Virtual Machine; and can only access other devices you give the VM access to (USB devices, etc.). Just don't give the VM access to anything outside of the VM. ;-)

--
JimC
 
Oh. I had heard a similar report last week using Microsoft as their baseline scam.
 
Jim, you are a truly devious thinker. I like that. I suspect, however, that a Linux host also provides a measure of confidence that I, at least, probably wouldn't have otherwise. Of course, I'd need to figure out how to hide the little Guest Additions icon in my system tray...
When you tire of this game, you can turn your attention to "419 scambaiting."
http://www.419eater.com/
Great fun.
 
Try this: Don't answer the telephone if you don't know who it is!

Most phones have "caller ID", don't waste your time with "phone spam"... you most likely don't click your e-mail spam, just to see what it is, etc...
 
