Software architect and Microsoft MVP, you’ll usually find me writing about security concepts and process improvement in software delivery.
A few months back I got a call one evening which was clearly a virus call centre scam; you know, the ones that call you out of the blue, tell you your PC is infected with all sorts of nasties and offer to fix it for you? Or maybe you don’t know, which of course is why these scams have been going on for quite some time and are still very active today.
Fortunately I did know about such things so rather than summarily dismissing them with a level of disdain I normally reserve only for telemarketers, I recorded the audio of the call right up until the point where they were ready to take control of my PC. I published the whole episode in my post titled Anatomy of a virus call centre scam.
But I was left wondering; what exactly were they going to do to my PC once they got remote control? Try and squeeze some cash out of me for “fixing” things? Install their own variant of “antivirus”? Or just plain old enslave my PC into being part of a botnet? So I decided to find out by letting them do whatever they wanted whilst recording the audio and the screen so the entire experience could be shared.
The setup
For this exercise I created a brand spanking new Windows 7 trial install on a spare hard disk and physically disconnected every other disk from the machine. I then unplugged every other device from the router and disabled wifi. I now had a totally isolated, disposable machine with nothing more than an internet connection.
I installed enough of the basics on the machine to make it look legitimate (Office, Acrobat Reader, Skype, etc.) and also installed Microsoft Security Essentials. I then ran Windows Update repeatedly until every single service pack, patch and even language pack was installed. The machine was as up to date and as secure as it could be without going to third party products.
I then added various items to the desktop which might appear a bit tempting such as “Passwords.txt” and “2011 Finances.xls”. I wasn’t expecting them to be accessed, but it helped the machine appear more legitimate.
The call
I’d asked around about other people having received scam calls and was given a phone number in the UK (01916451644) and one in Australia (0872001644), both having previously been left by the scammers. A quick Google on either of these numbers will give you numerous results with people complaining about being cold-called by scammers. Both of these numbers also appear on Comantra’s website.
So who is Comantra? They’re an Indian firm specialising in remote computer support which, on the surface of it, is a perfectly legitimate business. Problem is, they’ve got a long history of scamming people and had their Gold partner status revoked by Microsoft back in September last year as a result.
I started Camtasia running on the machine capturing both screen and microphone then gave them a call. After a couple of false starts, I ended up acquiring a pre-paid SIM card for my phone as each time I called they absolutely insisted on calling me back before doing anything nasty and I wasn’t about to hand out my personal details. Finally, on Saturday a few days ago, I got through to them.
Here’s what happened next:
Debrief
Let give you the abridged version here in case you (quite rightly) didn’t feel like sitting through the entire thing:
- The operator explains that the PC is infected with malicious files.
- He directed me to Ammyy which he then used to gain remote control of my PC.
- He started the Event Viewer then explained that errors and warnings are signs of serious problems with the PC.
- He then had me go the LogMeIn website and attempted to start a remote support connection without entering a PIN code. Naturally this failed after which he explained it’s the “software loyalty key” for the computer and its expiration is the cause of all the “problems”.
- Next, I was assured numerous times that there is absolutely no cost involved for him to “fix” the warranty.
- I was then told the free warranty would cost a one-time payment of $160. Annually.
- After explicitly prompting him, he confirmed this payment is for the software key for my Windows.
- A PIN was given to me which I then entered into the LogMeIn website and granted them remote control to my machine. Again (on top of the Ammyy session).
- The operator then controlled my PC and downloaded Advanced SystemCare 3, a legitimate (albeit twice superseded) product. He explicitly told it not to create a restore point when prompted.
- SystemCare made numerous findings which the operator leveraged to explain the poor health of my PC, including an explanation that fragmented files indicated “These are all of the hardware problems”.
- I was directed to a registration form where I registered with false information.
- I was then forwarded to a payment gateway where credit card information was requested using a service provided by India’s Bank of Baroda.
- At this stage I came clean and confronted the operator. Numerous excuses were made with the general gist of it being that they are honest, have not misled me and are providing a legitimate service.
- When reviewing the system the next day whilst disconnected from the internet, the LogMeIn software loads automatically and attempts to re-establish a connection. It appears that there is now a persistent ability for Comantra to take remote control of the machine.
The whole process was a completely disjointed, muddled experience involving jumping around between a number of legitimate services which were used to create fear, uncertainty and doubt. Even the Comantra processes of registration then payment don’t actually appear to be related which makes you wonder if there’s any service provided at all after handing over cash.
One thing that was a little interesting was the use of two different remote control products; Ammyy then LogMeIn. My best guess at the rationale behind this is that Ammyy is used first because it’s an entirely free service which doesn’t require them to divulge any sort of subscription key. However it also doesn’t give them persistent remote control beyond that initial session so I suspect it’s used to validate that the “mark” is willing to go along with the scam before divulging something of value to them – the LogMeIn PIN.
Now, I want to be absolutely crystal clear that this is a scam from the outset. The end of the call descends into the operator vehemently defending the legitimacy of the Comantra service so I’m going to specifically quote a number of the things he said during the call. Also keep in mind the pretence with which these calls are initiated; this is a “cold-call” – one made without opting-in on the premise that they have been alerted to malicious activity on your PC. This is clearly a lie.
Here are some of the more significant quotes from throughout the encounter:
- “Your computer has accidentally uploaded some unwanted malicious files”.
- “The Windows operating system and the software part of your computer is getting infected”.
- “Whenever you go online or browse internet, unwanted junk files are downloaded to your computer” and then “The application views the entire part of the software part of the computer”.
- When viewing the Event Log: “This is the errors and the warnings that are in the computer, these are the very harmful files in the computer” followed by “That is the reason your computer is having a lot of problems”.
- When asked about the errors and warnings in the Event Log: “These are the corrupted files” then “This are not functioning properly in the computer” and “The software part of your computer is getting corrupted day by day”.
- When asked if Microsoft Security Essentials protects the computer: “No, no, no, it’s a security warning that comes up”.
- When I suggested I might just buy a new computer: “If you buy a new computer, you will face all the problems in the new computer as well”.
- When trying to connect to the LogMeIn service without a PIN: “This six digit code is the software loyalty key for your computer” then “This six digit code is expired from the computer, that's why your computer is having a lot of problems” followed by “All the folders has been corrupted as there is no software key yet within the computer, your software part is not functioning properly”.
- After I said the PC was 5 years old: “You've got two types of warranty on the computer, one is the software and another is the hardware” then “The software one is for 4 years and the hardware one is for 5 years” and “As the software warranty expired from the computer that's why your computer is experiencing problems”.
- When explaining the costs: “From now on you don't have to pay a single penny for the services” then “They will provide you the services and the software absolutely free of cost” and “You have nothing to pay a single penny neither for the services and neither for the software” followed by “You will get each and everything absolutely free of cost”.
- Shortly after the previous point: "You just have to pay $160 annually".
- When asked if I can pay the warranty directly to Microsoft: “No, as we are the service providers of Windows operating system”.
- In justifying their service: “We take care all the users of Windows operating system all over the world”.
- When asked about what a defragmented files was: “These are all of the hardware problems”.
- When asked why Microsoft dropped Comantra as a partner: “People like you who are always behind who full of themselves they blame the person who fix up the problem” and “Microsoft dropped us because of you kind people”.
Summary
Despite the operator protesting to the contrary, this is an outright scam in every sense of the word. The Australian government has this on their Scam Watch website, it’s widely reported in the UK press and it’s rampant in the US as well. I very much doubt these three countries are the only targets too; they’re simply the ones I’ve had reports from when I asked about other people experiencing the same thing.
The modus operandi is a familiar one; load the Event Viewer to demonstrate all the “problems”, get remote control and install third party software then charge the customer for the service. I knew better than to get caught the first time, as would most of you reading this on a technology blog.
But it’s not always that way; innocent people who are not tech-savvy enough to recognise the scam are frequently being caught and it’s often the people who can least afford to part with the cash. The scam centres around finding victims who are vulnerable and easily exploited for the benefit or crooks on the other side of the world.
I was a little tongue-in-cheek in the video but this really is a serious matter. Now that this has been posted I’m contacting each and every innocent party involved in the scam (Ammyy, LogMeIn, iObit and obviously Microsoft) and submitting it to the Australian Scam Watch site and AusCERT. I’ll update this post with any responses of interest I can share.
So what can you do? Talk to those around you who may fall victim to this scam, share this post, make them aware of the risks and above all, hang up on crooks who call out of the blue in the hope of parting you from your hard-earned cash.
Update 1 (09:30): Within hours of publishing this post, I have contacted each of the following and provided details of their role in the scam. I’ve also asked each if they’re willing to provide any feedback that I can share here:
- IOBit (their Advanced SystemCare software was used to show “malicious files”)
- Ammyy (the first remote control software used)
- LogMeIn (the second remote control software used)
- Bank of Baroda (used to process the payment)
- Microsoft (legal department though an Microsoft contact of mine)
I’ve also submitted it to:
- Scam Watch (Australian government site tracking scams running down here – also submits to the ACCC)
- AusCERT (Australian Computer Emergency Response Team)
Update 2 (21:00): AusCERT responded within hours of my contacting them and issued an alert on their website. They also put out an advisory on the Australian Government’s Stay Smart Online website. Big kudos to them for acting so promptly.
Ammyy has also responded with the following:
Thank you for contacting us. You are right, all we can do is to post warning on our main page.
Somebody also pointed out to me that during the video, you can actually see text on the Ammyy website which says “Got phone call and asked to launch Ammyy Admin? Important info on malicious use.” and links to a warning page. Is this enough? I certainly didn’t see it during the call and you could argue that Ammyy could do more to verify legitimate use (email verification, for example), but of course this also increases the barrier to use. Of course you could also argue that there is no incentive for Ammyy to prevent these sort of scams so I’m not expecting anything to change on that front any time soon.
Update 3 (Feb 22): I’ve had a response from LogMeIn with the important bit relating to this video being as follows:
Use of our software for nefarious or illegal purposes violates our terms and is immediate grounds for account termination -- it is something we take very seriously. The code you provided can be used as a fingerprint to immediately ID the account. And it was forwarded to our team to investigate and shutdown, as soon as we received it last night.
Hopefully that means life has just been made a little bit harder on Comantra, but then again, they’ve been running the same scam over and over again using the same Ammyy and LogMeIn software so clearly having one account terminated is nothing more than a small hurdle to them. The response form LogMeIn continues:
A major safety and security feature of an on-demand support solution like is that it requires mutual consent: No action can be taken by a support technician without a computer owner granting access.
The problem, of course, is that Comantra are socially engineering people into consenting to what amounts to little more than a software install. Certainly there are no big warning signs put up by LogMeIn. I totally understand this from LogMeIn’s perspective (barrier to use and all that), but the fact remains that scammers are able to repeatedly abuse their service times and again and have done so for a long period of time.
Update (March 28): As pointed out in the comments below, Comantra has ceased "further inputs into novel registrations". The grammatically challenged entry on their site effectively states that due to "some fellow critics in the industry", they will no longer be making unsolicited approaches to consumers. There is no mention of whether they will continue to screw existing customers.
Update (May 8): I've interviewed the man behind this scam in my post titled Interview with the man behind Comantra, the "cold call virus scammers".
85 comments:
This is great. Thanks for taking the time to record this and write it up. I have to admit surprise that the scammer didn't notice Camtasia recorder running. That alone tells you how smart they are.
That company should change their name to ConMantra instead
Awesome article...did they call you out of the blue and told you that you have virus on your machine ?
Yes, originally they called me out of the blue in October and told me they'd been alerted to problems with my PC. I recorded the audio only and posted it to the link at the start of this blog article. This time I called them back using one of the numbers that they'd been leaving with other people.
I don't know how you kept from busting up laughing. Some of that stuff they said is hilarious on an epic level. I especially like the "we are the service providers of Windows operating system". That's one of the funniest things I've ever heard a scammer say. Then there's the whole "free of cost" but you only have to pay $160 a year for it lines. Wow. Do people actually fall for this stuff?
One of my mates, here in Australia, had some fun with these guys, too :-)
http://clubduh.com/blog/2011/11/20/friendly-aussie-has-a-friendly-chat-with-microsoft/
I lolled. This guy. Has he no shame? Caught red handed and still arguing. Wow.
I had one of these idiots call me as well. I strung them along for about 3 minutes before pointing out that my PC was a Mac, I was a computer programmer and he was a crook. And *click* - the line went dead.
Nice work.
I'm in Brisbane, Australia. These guys call me fairly regularly. Sometimes I string them along for a while, sometimes I just hang up.
The second time it happened, I asked "Where did you get my number?".
Their response: "We are the Internet. We have everyone's number."
As a programmer these calls are humorous and a minor inconvenience, but I have certainly warned my family and friends about them. Mum wouldn't have stood a chance...
I wish you'd edited the video, but at the end when you pull up the Guardian article made it completely worth the wait. Nice work :)
I've had this scam a few times now. One time I tried to string them along, but when it was obvious their script was for Windows XP (and my PC is Windows 7) it confused them too much so they hung up. Had another call recently, allegedly from the "Australian Tax Department" about a refund. The ATO being an "office" not a department was the first clue. As was them hanging up after some spiel about what I needed to do to get this "refund" and my reply of "oh, nice script you have there".
I do get a common almost daily call of an open line, no sound and then a click as it hangs up (another favorite is "your conference has been cancelled, click!") No idea what that is.
I don't know about Ammyy, but LogMeIn gives you more than just desktop control. Once you have access to the desktop, it gives you a bunch of other neat features in other tabs - such as a filesystem viewer. I can quite happily be looking through someone's filesystem with absolutely no symptoms viewable on their screen should they be watching.
It's great as a troubleshooting tool, especially over poor links like satellite modem (a local filesystem viewer on the desktop would require multiple graphical updates to get where you want), but the potential for sniffing around and copying without the user knowing is extreme.
Great stuff. But couldn't you see what happens if you boot it up again with network on? They shouldn't get to ruin something other than the worthless windows install right? Could be nice to see if they would actually do something malicious.
As tempting as that sounds, I wanted my PC back and other devices on the network and I wasn't about to let that happen while these guys are in control of the machine.
Great write up, thanks. All of my family have had calls from these guys in the last few months. They even tried to scam niece of mine who was only 11 yrs old. Luckily she had the wherewithall to realise that it just didn't sound right and just hung up on them.
For anyone who wants to get the word out to their family/friends here's a little email I sent to mine:
I just wanted to give you a heads up that there is a particularly nasty call centre scam going on at the moment.The perpetrators are an Indian based company called COMANTRA. This is what their website looks like: [[ INSERT WEBSITE IMAGE ]]They've been cold-calling people at home, pretending to be a "service provider for Windows" to gain your trust so that they can install some software on your PC. They then do scans on your PC that spit out a whole lot of technical jargon to make you believe there's dire problems with your computer. Problems that can be solved by a simple $160 annual fee, so they say.I know you guys are savvy enough not to be lured in by this but I just wanted to give you a heads up, in case you want to get the word out to your friends.You can find out more detail on the scam here:http://www.troyhunt.com/2012/02/scamming-scammers-catching-virus-call.html
I've gotten these calls a couple of times at home targeting my grandfather. The first time I listened to his gibberish, explained I was a Software Engineer and that everything he told me was a lie and he hung up on me. Next time I simply asked what company they worked for.. they hesitated for a while and just hung up without answering.
It's fun to know what they would've tried to do.
Thanks for the post. I'm suprised that Comantra is still running as a business. Shouldn't the Indian goverment be doing something about them already?
Nice write-up. I am happy to say that when my mother was called by a similar scam (scum?) call center a few months back, she wasn't sure so asked them to call back then called me. I assured her that Microsoft would not call her out of the blue and suggested she either not take their call or ask them for a name and phone number. Later, she reported she was terrified when they called again and berated her for wasting *their* time but stuck to her guns and asked the caller for name and phone number. He hung up and hasn't called since.
Thanks for running this experiment. My Mum was caught by some scammers recently, but the script was a bit different. The system was XP. They used Ammyy, showed the event viewer, then proceeded to help - by deleting all of "My Documents" and everything on the Desktop. They never asked for money apparently. A rootkit was installed though that may have pre-dated the scam.
The files were deleted rather than just hidden. They've never called back. I can't imagine what their purpose in doing this was.
I got 3 of these calls in a 3 day period in Jan. Total annoyed me, but for fun I did the 5 minute string along as well and eventually said, I don't know how I could not have known there was a virus, I work for the Australian Intelligence and Defence Agency (really what I called it) and they monitor my workstation and all activity on my links. The line died immediately and I haven't heard from them since.
Yes, the Indian government should be doing something about this.
I was one of the unlucky ones who took the call in late January and I took their advice. The company was pcsolution123.com stating I would get software warranty for life. I paid 2 amounts then realised what I had done and asked the transaction to be cancelled. After 2 days the first amount was refunded back onto my cc but not the second one. They said that would take 14 days to refund. I tried to retrace the second one which was gold plan but it is now being investigated by my cc company. I have a block on my phone so I dont know how the callers got through.
Talk to God with this after unplugging everything:
http://www.losethos.com/files/TSGod.ZIP
Tongues in the Bible:
http://www.biblegateway.com/passage/?search=1+Corinthians+14&version=NIV
God says, "uncorruptness counted maid leads strongholds besets moving indicate notion coming existeth expense unjust baptise V com travailing warranted shameless sparrows cellars cloak hid companions mortal lists Hortensius swept apprehending feeding cheeks garlands "
Directions:
http://www.losethos.com/LTHtml/Apps/AfterEgypt/AENotes.html
The fixation with landlines is that they're using VOIP for the calls, so landlines are very cheap to call.
I'm in the UK, and have had calls from 3 pseudo land-line numbers. I started off stringing them along, but this got boring. The last time I had a call, I said that I didn't get the 'run' box, as I was running Linux.
Instant disconnect, and haven't heard from them since....
Thanks for sharing this, it's a good reminder that this is a serious scam which is trapping innocent victims. Here's hoping you get that second payment back.
LogMeIn details all up and down file transfers and other activity in the LogMeIn log files (in ProgramData\LogMeIn - look for it).
Look in there to see if they grabbed any files or did anything else untoward.
Troy thanks so much for a very well written account of your adventure. My own rule of thumb is if I don't recognize the number when the phone rings, especially if it is an uncommon area code or 000 area code I simply do not answer the phone.
I think that you get calls from overseas. A 'phone relay' is set to call you from a local number. Hence the "your conference has been cancelled".
Thank you so much for this vid. The funny thing is that when they have called me and my 13 yo daughter (several times in the past couple of months) to tell us we have "virus activity" detected on our computer we tell them that's not possible as we don't have a computer. Gets them everytime. They say thank you and hang up immediately !!!!!!!!!
Absolutely incredible... Fantastic work. My grandfather had a call from these guys (or some other similar) recently, and thankfully he was savvy enough to realize it was a scam. Kudos also for keeping your calm towards the end of your call, I would have lost my rag! +++
What a boatload of patience you have! Good work!
I would guess that they want you to call them back and ask where your files are, they blame a "virus" and offer to recover your files (for a fee.)
This has been going on for about a year now ... why hasnt ANY country pressed charges? Clearly the loss of money for th eMPAA is more damaging
Many thanks for this. I had a very similar experience just a few days ago, but the AMMYY step was absent, and I bailed out at Step 8. However the "significant quotes" were almost identical." The pcsolution123.com website mentioned below was also one of the websites they wanted me to go to.
Great article. I was just discussing these scams with my mates the other day.
Absolute GOLD. Great job!
Great :). The initial part with the phone number is hilarious, the last part with the "not-visible" credit-card form (for you to fill in front of them) is quite scary.
For Richard:
Scam: A confidence trick, confidence game, or con for short (also known as a scam) is an attempt to intentionally mislead a person or persons (known as the mark) usually with the goal of financial or other gain.
Might be worth contacting there web host and registrar.
Good point Andrew, I went back and pulled the logs but there was nothing of interest re file access. If LogMeIn hadn't killed the access code already, it might have been interesting to leave it running for bit then checked it out.
Kudos on following through on this. These vile excuses for human beings are a blight. I suggest anyone who gets repeated calls from these parasites buy a whistle and blast them when they call. These people are not only calling they can be quite pusy too and persistent. Never talk to anyone who calls and wants to talk about your computer and if you have older relatives using computers do clue them in to this scam.
I got hit with this yesterday; I let them get me to the website www dot microwindowsupport dot com and had them ask me to click on the "online support" button before going off on them (because I didn't want to chance them getting malware on my system).
The great part about this is I work for Microsoft so I could tell them with the utmost certainty and sincerity that I was going to report them as soon as I got off the call with them...
I've had a couple of these calls (I'm in Canada) and this is how I dealt with them:
Caller: "Hi, I am xxxx and I am with Microsoft"
Me: "I'm very happy for you, goodbye"
For some strange reason they don't call back :)
If I said "thanks" a squidzillion times it wouldn't be enough. I'll be referencing this as much as possible to spread the gospel of Troy.
Believe me this is real. I just went through a similar scam involving 2 seperate companies. WWW.windowstechnicalteam.com and Einix Software Solutions. I was called right after getting off of a skype call which was messed up and what they were saying (in Hindi/English) fit the problem I was having so I went with it. They did access my computer with Aammy and pointed out a number of problem areas. I did fall for it hook line and sinker and bought the service for $99.99 which I payed for thru PayPal and the scammers even had the apropriate forms to fill out for PayPal. Before the day was out my wife and daughter had heard of this similar scam and tried to convince me that it was a scam. It was hard for me to believe as I am a pretty cautious guy and do not like to put much info out on the computer or do any on-line banking etc. So finally they convinced me it could be a scam so i
immediately cancelled 2 credit cards, put my PayPal account in limbo and disconnected my computer. I contacted the two companies by phone and told them I thought they were a scam (whic of course they denied) and that i wanted a refund on my money. I tried calling again the next day but the same number was assigned to someone else. Fortunately though they did call me a short while later as they were to do more work on my computer at which time I said again I thought they were a scam and that I wanted a refund. They stated that they were a legit business providing a service and if I was unhappy with the service they would gladly refund my money which they did before the end of the next day. Both the credit card company and PayPal had put the incident up for dispute and assured me that one way or another I would get my money back. The person at Einix Software Solutions called to tell me the money had been refunded to PayPal and apologized for any inconvience. PayPal call to say the money had been sent to my credit card.
The next day I took my computer to my local technician who when through it completely and found nothing that had been added or removed and installed Microsoft Security Essentials. All is fine once again and I have learned that even the most cautious person can get caught up in a scam. Be aware, be alert.
Tom Ryan
The phone number part is hilarious all by itself.
I've had a couple of these calls, and always done a fairly poor job of keeping them on the phone - I just can't keep the sarcasm in check. But just had another one tonight that I kept on the line until she transferred me to a "senior technician", and kept HIM on the line until he wanted me to install LogMeIn. At which point I explained that the jig was up and how badly I'd owned him by keeping him on a call for fifteen minutes instead of trying to scam somebody else.
Then he called me an "Australian monkey", said "shut your ass motherfuck", and hung up on me. Comedy gold!
02/28/2012 - I received a call from these people. The fellow on the other end stated he was a representative of "Microsoft support". He then stated he was calling to resolve serious problems with my "Windows". I asked him "what windows? Windows 3.0, 3.1, WFWG, Win95, WNT, WINXP, VISTA...what?" He replied "I *must* gain access to your windows immediately before serious damage is done!" I thought, OK I'll play along... I physically disconnected all my router connectedions except the one to my old IBM OS/2 2.1 box and let him scratch his head. Took him about 3 minutes to give up.
Thanks man for this!
It is him! I just got a call from him and a woman, omg, I did not fall for it, phew!
Good luck to all of you who did! =/
Btw I'm from Sweden, it has been on the news here a few days ago.
I got a call from them a few minutes ago and I'm Swedish too. It's a bit weird - it feels like they should end up having to spend about as much money on making India-Sweden calls as they can reasonably make from this kind of scam.
This was brilliant. Good job.
You my friend, are my new hero.. The amount of headaches these phone calls have caused me at work are immeasurable. Thank you, let's work together to take them down.
The thing that gets me is that I've been told that because they are calling from OS they can loop our laws.
but you have list an Australia phone number, should that not be enough for some one to bring these guys to justice?
You can be dragged to the US for copy right infringement.
But when a company (OS or other wise) list a phone number in country to operate a scam, we can not reach out and even sue for damages!
ACCC & AFP should be using this to have the directors of that company sent here to face the courts & our jails.
How is a call centre and a front company operating a scam in multiple countries not organised crime? That carries some hefty weight.
Knowing these details, the excuse of "they are over sea's and we have no jurisdiction to stop them" no longer holds!
Enjoy
10 minutes later, finally get the number.
GRR. LOL.
FML, These guys are stupid.
This is giving me the shits, Can you put book marks in to the video or something? :p (Just after they finally get the number right and start accessing the computer)
Well done man. Good for you for taking action on this. SO many haven't.
Best desktop ever!
hahhaha you Australian monkey!
I don't know if this is entrapment, but it is good laughs :)
"14. When reviewing the system the next day whilst disconnected from the internet, the LogMeIn software loads automatically and attempts to re-establish a connection. It appears that there is now a persistent ability for Comantra to take remote control of the machine."
Perhaps this is another revenue stream for them. They on-sell the LogMeIn access to your pc to blackhats, botnets, etc. Which allows them to be at a remove and say it wasn't them who put the trojan, hacked your bank details, and on and on.
I had received quite a few of these calls. I was determined to have fun with them the next time that they called. AND THEY CALLED AGAIN! - and this time I was prepared with my Macbook. Here is the link of what went down: http://www.youtube.com/watch?v=eAN0K_BUIzo
I have fun with them too: http://www.youtube.com/watch?v=eAN0K_BUIzo
looks they have stopped their registration from 11 march onwards.i got this to know from a press release in their websites news section
That's very good news indeed Fab, thanks very much for bringing it to my attention.
I did actually discuss the local phone number issue with AusCERT and in particular, whether the AFP could be involved in taking it offline. Unfortunately there doesn't appear to have been any traction. I also doubt the ACCC has any clout given the Comantra operations are offshore.
Re US copyright, I suspect the influence of a single content creator like Warner Bros extends somewhat further than the collective "might" of a bunch of local consumers defrauded of a few hundred bucks each.
The only hope here is action on the Indian authority end which I seriously, seriously doubt will happen. Either that or consumers get educated and wise up to the extent that it makes the scam non-viable.
Absolutely brilliant, came across this after receiving a call from them myself this afternoon and thought I would try to find out a few more details about them. I ended up winding them up so much they actually called me back and left some rather nasty words on my answering machine.
Unfortunately watched the whole thing instead of preparing an I.T. report for a client so will do that this evening. We need to keep up the pressure on people like this as they are still taking in to many people.
I got a call about a year ago. I’d not had anything like this before, but I had heard of the scam. They told me I was having problems with my Windows computer, so I politely told them that I don’t have a Windows computer and that I was running a Mac. Rather than terminate the call (a couple of more recent calls of this type just end there and then if I mention Macs), the person on the other end started to get abusive. I was told I was a “liar”, that I was “evil” and “wicked” for besmirching Microsoft’s products - and they clearly did not believe that I was not running Windows.
What was concerning at the time was that they said that they would send some people round to my home to “sort me out” and proceeded to give me my home address.
I hung up on them and gave the police a call. I know people like to hide behind the anonymity of the internet and the phone lines, but the callers clearly had more information than just a random phone number. The police were pretty good about it - they said that had a had a few calls about it, and it was a scam, and not to tip anything in that they tell me to. They gave me an incident number and said to call back if anything more happened.
I recorded the incident on my blog at the time.
http://hairydalek.posterous.com/windows-supoort-department
Yes, I got them calling me today
What's your website - microsoftwindowssupport.com (doesn't exist) - then - on spelling it out only one s (window support) - convinced? Hardly!! Then I check Google - 300 hits - game over. I have to say anyone who puts up with being told to f... off 5 times is clearly a scammer. Eventually, when I quoted a Google source about the nature of their business they rang off - after 10 minutes of me telling THEM I wasn't interested.
I am based in Norway, and now they are here, too.
I almost fell for this, and I am so embarrassed. I sat (naked, straight out of bed, BTW) for 45 minutes with these people (low hourly wages in India, I guess), and became increasingly sceptical, and told them so. I did not install Advanced System Care 3, but I did let them use remote control programms AMMYY and Gotomeeting. I am now scanning for malicious software in Safe Mode using the Windows tool, and plan to do a system restore after that. Hope they haven't injected the PC with trojans, although I realize they could have.
Does anyone know if they keep a backdoor or trojan?What really got me suspicious was when the second tech showed me lots of error entries for Bonjour service, and I explained to him that it is part of iTunes, and he insisted that it isn't. I then showed him the Wikipedia article. After this, he started to get attitude, and the whole thing ended with him promising that the computer would start to run slow, and that he would call me back in two months to see if he had been right, and then we could talk about getting rid of the "problems". Another funny thing is that he said he called me because I am a legitimate windows user, which, ...erhmmm. is not really true.
You have tremendous patience my friend, and for that we are grateful. So many people will be saved from these deceitful people because of your endurance.
I live in Canada - and got this call a few months ago, and a cousin recently. I personally never encourage conversations from anyone trying to sell me anything on the phone (whether they are legit or not). I am a firm believer in , if i need a service i will call someone for it once i have done my research - which is why i am always curious on how people get scammed out of giving up money just like that.
Thanks again for a good job well done!
Ontario Canada and I keep getting these calls, sometimes twice a day.
Him: My name is xxxx and I'm with Microsoft
Me: I'm very happy for you {click}
They just don't get it and keep calling :(
You are wrong troy hund they are good service providers
your wrong troy they are just technical service provider and they are not scammers. i happy with services.
That's a very bold statement in light of 70+ other comments on this post condemning the brazen activities of Comantra. If there is truly a legitimate service behind the illegal activities observed by so many, perhaps you'd like to share how they've helped you and what it has cost?
Unless of course the (ab)user decided to delete log files form that folder ;)
Is it Australian are MONKEY...I came to know today.....hahahaha
Got a call! As we know Windows does not call you. As a matter of fact, it is almost impossible to get in touch with Windows
If there is a statement that they no longer make unsolicited calls I can confirm this is false, just spent 10 minutes leading on an operative of this organisation who cold called us here in UK, 30 April 2012.
Just got one of these, and I asked for his call back number for the "Windows center", and he gave 239-220-5342 in FL. Told me to call back and ask for him directly! Good grief. I appreciate your post about this!
Interesting, I just called that number and got a recording with an Indian accent asking for a number so a technician could call back. It has all the hallmarks of how this scam operates in other countries.
I'm a Swede that have been harassed since last autum despite that I have not answered since first time (and I did not allow them into my computer).
My father that have a computer but no internet have been called to.
My question is HOW they get the phonenumber and in my case the serialno for my windows vista?
Thx for a nice (but horrible) article :0)
I'm not sure about Sweden, but in many countries phone numbers are easily obtainable through published directories such as the White Pages. The scammers just randomly call through these.
It would not have been your Vista serial number they had, they may have socially engineered you into thinking it was but there is no way they would have had access to it in advance.
They may also be using an auto dialler which just cranks through every possible number in an area. Regardless of whether or not you are listed in public directories, they will get you.
I'm from sweden and I just got a call from one of those scammers. I was sceptical the whole time and stupid enough I clicked on accept button without knowing that it meant by accepting. Then they told me this whole thing is free but then they said something about some fee. I then understood it was some stupid scam. Sadly I had the ammyy program in my computer, weird enough I couldn't find it and uninstall it. So I just rebooted my computer. I hope that program is gone. I'm not good with these computer stuff. I feel so stupid beliving that. I mean I shall have understood since it was in english. UGH. Creepy people.
Post a Comment