Old Scams Never Die – at Least Not While They Still Work

Old Scams Never Die - at Least Not While They Still WorkOld standard scams seem to be a reliable source of income or perverted fun for those who are inclined to cheat and steal for a living or who simply have too much time on their hands. A client called me this week and said she had just gotten off the phone with an Asian-sounding person who identified himself as a Microsoft representative. He told her that she had a serious error on her Windows computer and she should go to it immediately and he would walk her through the necessary fix. She said she was not near the computer and he would have to call later. He said that was okay, and gave her an 888 number to call when she was ready to make to repairs — a certified Microsoft technician would answer.

“Was that for real or a scam?” she asked. “Microsoft does not call like that. It was a classic scam,” I replied without hesitation, “In fact, no one makes calls like that except third-rate scam artists trying to hustle you.” But then my mind probably went into neutral, or maybe I am just getting older, because I neglected to ask her if she actually wrote down the 888 number. It might have been fun to call and hassle them — assuming it truly was a toll-free call. I would pretend to do what they were asking, but be extremely slow and dull about it. That could be a giggle.

I suppose we should have reported it to the authorities. If they call again, we will be better prepared. We will record the number and distribute it to law enforcement and as many freaks as I know. Becoming vulnerable to attack by giving out information is a two-way street.

The perplexing thing about this encounter is that it still exists. Scams exist in a world where they undergo brutal evolutionary forces. If they don’t make any money, they either mutate or die. This one has been around for years, so it must make money. At least my client protected herself by not giving out any information at all (except that she was home at that time and could answer the phone). Maybe my berating clients about being aware of potential scams is paying off. I hope so.

Another standard scam that I thought would certainly have evolved into something else is the classic scareware “Your computer has been infected, click here to fix” scam. A friend reported that he had such a popup appear and without thinking clicked on the X to close it. That was a mistake. As most survivors of the scareware encounters know, the X that normally closes a window actually activates the scareware Trojans. In fact, in some cases, one can be infected by simply hovering over the window. I advise clients that if a scareware popup appears, either immediately shut down the computer via the power button, or open the task manager and close all open applications. Either way, a serious scan is necessary at the least, and maybe a more serious action is required.

My friend elected to take the more serious action. He had done the right thing in that he had a current backup. He talked the situation over with another friend and together they decided not to mess around. They did a complete factory recover. Then they scanned the external backup just to be sure. It was okay, so they proceeded to rebuild the system without incident. While I had no part in their decision, that probably would have been my recommendation. Even when a combination of MSE and Malwarebytes gives the computer a clean bill of health, I still have worries. Factory recovers are not that bad if you do not mind waiting for the hundreds of Windows updates. It builds character.

While rebuilding is a chore, assuming that your anti-virus software has cleaned out all the bad guys has some risk associated with it. So what the proper action is for you to take depends on your risk tolerance and whether you are willing to take an effort to rebuild a system. But there is another way.

The one thing my friend could have done that would have been even better would have been making a current image of his hard drive — at least current in the sense of being made before there was any trouble. That makes cleaning up a cinch.

The third old-timer that happened this week was receiving an email ostensibly from an old friend with the subject line “Hey” and the total message that said, “Click here to read message.” After deleting this, I sent a warning message to the reputed author. Then I kicked myself for even looking at the stupid thing. The subject line was enough to give it away and I put myself at a bit of a risk by even looking at the message.

These three scams represent (1) attacks from a separate communication channel to avoid anti-malware protection; (2) land mines in seemingly safe websites to sneak Trojans past your protection; and (3) misdirection by spoofing email. The only thing they have in common is the desire to do harm. At least two of them have the almost-saving grace of extorting money from hapless victims. The other scam might be just malicious. I can sort of understand trying to cheat to get easy money, but harming other people just for the fun of it is beyond me.

This might seem strange, but I would like to hear from someone who has deliberately done damage to a stranger’s computer without the intent of making money from the action. What did you get from it? Do you still do it? What about people who have done the same thing to steal or extort? Do you want to talk about it? If you have been clever enough to infect computers, you should be clever enough to respond anonymously.