AMMYY Phone Scam

January 11th, 2012 | uncategorized

Over the past month I’ve had two family members contact me in regard to scam phone calls they have received.

The scam involves a ‘cold’ phone call from someone explaining that they are from Microsoft or your Internet provider. During the call, the caller explains that they have ‘detected’ that your machine is running slowly and is full of viruses; they will probably ask if your computer is running slowly. They ask you to type some commands into the Run box in the Start menu, usually inf virus, which immediately pops up a folder. They will ask you if you recognise any of these files, to which (if you aren’t an IT professional) you will answer ‘No’. They will then explain that these are virus files and that you need a remote support session from them to fix it. If you accept, they will direct you to download a remote support client from their site, www dot ammyy dot com. Once on your machine they will ‘verify’ that you definitely have a virus and will eventually, after much procrastination and scaremongering (talking about people stealing your identity and money from your online banking), offer to fix it for you, for a price of course, at which point they will ask for your credit card details. At this point, if you are elderly, vulnerable, or just not very IT savvy, you will probably be so worked up by all the talk of viruses, identity theft and your bank account that you may well hand over your credit card details in order to have this fixed.

Let’s break this down

  1. You receive a completely ‘cold call’ from someone explaining they are from Microsoft or your ISP and that they have detected viruses on your machine. Right, first things first: there is absolutely no way that anyone can magically detect viruses on your computer remotely UNLESS they already have some sort of remote tool on your machine in the first place, and that is extremely unlikely in a home user environment. Secondly, Microsoft, your ISP, your antivirus vendor or whoever will never, ever call you in this way. I’ve been in IT for 10 years and I can guarantee you, it doesn’t happen.
  2. They will (probably correctly) determine that your computer is running slowly, and attribute this to the ‘viruses’ on your computer. OK, so which of you have a brand spanking new computer that always runs at super speed and doesn’t ever hang or lag when you have 10 webpage tabs open? Probably not too many of you, and even more of you will be using 3-5 year old machines that aren’t up to running most of the software you have on them anyway. The truth is, most PCs have regular moments of poor performance. Your computer is slow because it’s old, not because it’s full of viruses!
  3. They will ask you to type in a command that supposedly lists all the viruses on your machine. You’ve never seen any of these files before, so they must be viruses? Don’t be silly, of course it’s not! All the ‘inf’ command does is open a folder in the Windows folder of your hard drive. This is a folder that is hidden, so you wouldn’t normally see it in daily use of your computer. It’s hidden because it contains files critical to the correct operation of your computer and should never be touched, unless by an experienced engineer. But you typed inf virus, not just inf, didn’t you? It doesn’t matter, the inf command ignores anything else you type after it. Try it yourself: open the Run box and type inf josh is a legend, and all it will do is open the inf folder.
  4. They will direct you to download a remote support tool from ‘their’ website to enable them to verify the viruses on your computer. At this point the caller has full control of your computer and could be doing anything to your machine. They will most likely download their own ‘diagnostic’ software to your computer, which when run will bring up a ton of fake virus messages and make it look like your machine is chock-full of viruses. This software could also be doing all sorts behind the scenes, such as installing silent remote access software, adware, rootkits and banking trojans.
  5. Lastly, the nice person will offer to remove the virus; all they need is the nice numbers from your credit card. They are of course about to steal your money. They might take £10, they might take £100; once you have given them the details they pretty much have free rein over what they take. Worst of all is that they will leave all of their nasty software on your machine. So not only have they infected your computer with adware, rootkits and goodness knows what else, they have also charged you for the privilege!

I would hope most of you are sensible enough not to hand your credit card number out to any old Joe who calls your house. This situation is slightly different, as they do a pretty good job of convincing you that your computer is chock-full of viruses and play on your fears by giving you all the spiel about identity theft and hackers stealing your bank details. The thing to do is to take a step back and think about what the person is telling you; you should quickly come to the conclusion that something isn’t right.

Tell them you are going to report them to the police and see what they say, I expect it might make you chuckle. ;)
