Scammers on the loose pretending to be Microsoft

re: Scammers on the loose pretending to be Microsoft

StephenL — Thu, 10 Jan 2013 19:58:38 GMT

Too funny! I just got off the same call. I recorded part of it, for the fun of it. I did go to ms7.us - from a test machine. They have you install TeamViewer from TeamViewer.com. This looks like a legitimate application - but, once you give the person the connection info, it DEFAULTS to remote full control. You'd think the application would require a request for control. Anyhow, I quickly removed remote control and opened a chat window. They didn't respond to my "hello?". :) And, shortly thereafter, the phone line went dead.

I checked a few logs, and, I don't see that they were able to do anything. Because the test machine was part of my domain, I decided to drop them before they could do anything... next time, I might have a truly disconnected test machine and see what they decide to do.

re: Scammers on the loose pretending to be Microsoft

NathanD — Wed, 16 Jan 2013 19:05:16 GMT

I just got the same call. Fortunately, I know enough about computers to be skeptical.

The Indian-sounding man on the line claimed he was from Microsoft Technical services and was calling me because they were getting error reports from my Windows 8 computer. I asked how I could verify this and he asked me to open Run... and type in www.ms7.us. That tipped me off, and I stopped following his directions and instead searched for the site in my browser. I eventually went to the site, trusting that I'd know before anything crazy happened. He then asked me to click a link (#4 on that page), which began downloading some random EXE file, at which point, I pulled the plug on the download and started pressing the guy. He claimed that the EXE file would help their technicians show me the problems.

I told him that I'm well aware of Event Viewer and asked him to walk me through it. He basically just had me open up the Event Viewer Application log and made vague comments about these being errors. I pressed him more to prove to me that something was wrong. He then asked me to open my Windows Prefetch folder and double click on any file...acting like the fact that Windows didn't find an appropriate application to open those files meant they were malicious. I quickly searched for the prefetch folder in Google and informed him what it was for from the Microsoft website.

At this point, I asked him to point me to anywhere on the Microsoft website that discussed this issue. His response--we're not from Microsoft, we're their technical services and "if we just posted it on the web site, why would I be calling?" LOL!

Next, I asked him for ANY link to a trustworthy antivirus or news site mentioning this issue. Obviously, no response. At that point, I started accusing him of being a scammer and trying to get me to install malicious software. I pointed out that Microsoft wouldn't be calling all their end users, which he emphatically insisted was what was happening even at that point.

He began trying to get off the phone, saying that it's my problem if my computer starts crashing in a few days. I basically told him that he's trying to scam people who don't know enough about computers to resist it and kept repeating "Stop doing this. Stop scamming people." until he hung up.

The bad part about this, is that I could totally see someone falling for this if they didn't have past experience with Event Viewer, know a bit about file extensions and have a basic understanding about how this kind of thing works.

Sadly, there's not much on Google yet about this scam, so I'm hoping that my description here will help get this page higher in the ranks. MS7.US are scammers. Don't be scammed by MS7.US. Repeat: WWW.MS7.US is a scam.

re: Scammers on the loose pretending to be Microsoft

SteveL — Wed, 13 Feb 2013 04:13:52 GMT

Thank you guys for your comments. Last night I I got this call. Since, I was half asleep and not familier with event viewer, I ended up with this guy remote controlling my computer. I did not buy anything, especialy when the pay-pal thing was called "loot" something in India. Is there any way that he may have put anything in my computer and get past Nortons? I ran Nortons and did not find anything, but have not allowed any internet connection since!

thank you.