This just happened. I literally just hung up from this call.
I got a phone call from someone claiming to be Microsoft Tech Support that told me my PC is filing many error reports on their server. Now, I have just bought a new laptop and haven’t customized it much yet, so I was gonna give this guy the benefit of the doubt and let him proceed. We then had this wonderful conversation:
Him: Hello sir, I am calling from Microsoft Support”
Me: “Hello.What’s up?”
Him: “Mr. RandomName, we are receiving a LOT of error messages from your PC”
Me: “I think you have the wrong number. I am not Mr. RandomName”
Him: “We have your number listed here, sir. I think the name may have been misspelt”
Me: “Oh, OK. Go on.”
Him: “Focus on your keyboard, can you see a key with 4 squares on it?” (tee-hee, this guy thinks I am a super dumb user)
Him: “Press and hold it and press R. Did a window open up with the text blah blah blah. Type in e-v-e-n-t-v”
Me:”You want me to open the event viewer?”
Him: “Yes. Do you see the Custom Views folder? Double click it. Double click the Administrative Events now. Do you see the red and yellow error messages? Do you know what these errors mean?”
(At this point, I’m a little out of my comfort zone. I have never analyzed Event Viewer logs in depth before, and I do not know what these errors mean).
Me: “I have no idea.”
Him (with extra confidence): “This is malware, sir. Your computer has been infected with malware from the Internet and is filing error reports with our server.”
(I’m wondering why my PC is phoning home to some random server. Has to be either Microsoft or Dell that it phones home to.)
Me: “Who did you say you were again? Please give me some credentials, some official email at least. Did you say you were from Microsoft?”
Him: “No sir, we are from Microsoft’s official IT Support firm. Microsoft outsources their tech support to us. Anyone saying they are calling from Microsoft is lying. Microsoft never calls.” (LOL)
Me: “Fine, but can you please prove it to me in some way that you’re genuine tech support?”
Him: “I will prove it to you, sir. Can you type assoc on your black window and hit Enter?”
Me: “OK, done”
Him: “Sir, you see a long line at the end, let me read you that number and you will know that I have access to your details”.
(he then proceeds to read me the long ID with prefix “CLS” that I’m seeing on my computer)
Him: “That is your CLS ID, sir. As in, Computer Licensing Service ID. Only genuine tech support is given access to that ID. It is secret, so please do not tell anyone your ID.”
I can sense what’s coming next. If I were him, I’d ask for remote access. So, I decide to dive deeper before taking action.
Me: “Hold on a moment, will you? I need to check something.”
I then quick-fire Google “CLS ID” and see that it is a COM Licensing ID (I know what COM components are).
I also search for event viewer errors on a parallel tab and see that they are insignificant reports in my scenario that can be ignored.
I then check for scams that follow this pattern, and find plenty of shady stuff. By then, I am convinced this guy is trying to scam me.
Him: “Are you busy right now? It is important that we get the malware removed soon”
Me (I’m in the middle of my research): “Mm-hmm, hold on. Give me just one moment”.
Him: “Sir, are you there? What are you doing?”
Me: “Yes, I am here. I am looking at a bunch of websites that tell me you’re running a scam.”
Him: “Sir, scammers don’t need your consent. They insert malware without your knowledge. We are trying to help you.”
Me: “Really? Well, I am a Computer Scientist and I know a LOT more than what you think I know. Did you know that?”
Him: “Sir, you do not seem to believe us. Your computer will be critically affected by malware if you don’t let us help. I am gonna hang up now, I will call you back when you have a bit more time.”
Me: “F*** off, dude”
(he hangs up)
Why did his scam fail? He called the wrong guy. He was looking for an old person with no computer experience; he got me instead.
Who am I?
I am a computer science geek with a decade of experience in multiple Windows versions, Mac OS X and multiple flavors of Linux. I am an expert at databases. I am also an open source programmer dabbling with mountains of data on Linux clusters. Oh, and I have 3 years of experience teaching Microsoft .NET and Azure programming. I’m not a guy who hasn’t heard of Event Viewer, I’m one that has written apps that write to the Event Viewer log.
I am the one who knocks.
Better luck next time, scammer.