(877) 629-6972 info@mycomputerworks.com

ROFL,

That was fun.  A scammer called me.  I scrambled to open my windows 10 VMware to let him do his thing. First he told me he was from Microsoft and that my computer was reporting to MS that I had errors. I said oh no! what can we do!! He said he could show me and then help me fix it. First to prove he knew it was my computer had me open he had me open a command window and list file associations and claimed the following was a unique identifier for my computer:

zfsendtotarget=clsid 888dca60-fc0a-11cf-8f0f-00c04fd7d062

(more info on that http://www.welivesecurity.com/2011/07/19/support-desk-scams-clsid-not-unique/ its just the entry for right click send to zip file). 

Then he had me open msinfo: 

Look at all the errors!!!

Unknown

And claimed those were the messages Microsoft was getting. Oh no what do we do!!

He asked me to connect to him.  I said ok I need this computer for work ill do anything.  (giggle)

All throughout the call he had me winkey+r to run things including going to the site below.

How he had me connect:

scammer

Tight VNC…old school goodness!

I asked if he was Microsoft why did we go to a non-Microsoft website.  He said he was Microsoft Certified and moved on very quickly.  Not wanting to tip my hand too much I allowed it to continue.  Having me connect with a VNC client he showed me how he now had control, very much like what we do at My Computer Works when we do online tech support for our members. Although he stumbled with Windows 10 for a bit…that was funny.

“OMG these are very bad virus!!”  All of these errors are the infection they were getting reports about.  Forget that there is no history other than today in the last 3 months or that they are all for after he called today so how were they getting reports…it wasn’t even ON!

Unknown-1

He went on to say it must not be running good.  I said it seems perfectly fine.  So he said it can’t be and took me somewhere to show me all the services that were not running.  Proving that it wasn’t working at its best.  OH NOES!! These are stopped services..and its bad.  Really bad.

Unknown-1

He started to uncheck things…so I was done.  I paused the Vmware I then asked him how often this scam works on people.  He started to try to defend himself.  I called him a slimey S.O.B. and wished him a good day and killed the VMWare before he could break it.  I should have let him continue but the next step as we know is to break the computer and get credit card info.

What I learned:

He was very confident and well versed in his scam.  He also was able to get me to connect very easily when I played dumb with his instructions.  He controlled the flow of the call 100% and used some good scare tactics to make me believe that there was something wrong with my computer.  I can see how this works, a layperson would not know what the errors are or that the CSID is on EVERY SINGLE WINDOWS COMPUTER EVER.

 That was so fun and scary, poor laypeople.

If you ever feel your scammed or just need help call My Computer Works today.