Scams and damned scammers!
Posted by joeabbott on April 30, 2013
Well, in the last couple days people have attempted to scam me a couple times so I thought I’d share a bit of that here. Please don’t fall for things like this!
Hotmail Account Reset
On Saturday I received the following mail … let’s take a look at the parts together:
From: Windows Live Team
Sent: Saturday, April 27, 2013 10:23 PM
Subject: Microsoft account password reset
Thank you for being one of our valued users of Windows Live Hotmail. We hope you are enjoying it and having fun using Windows Live Hotmail & other Windows Live services. We are constantly working to improve the service to you.
Please be informed that due to the recent upgraded of the service, we would be closing both all unused and anonymous registered accounts. You are receiving this email because your account is among those to be deleted, and your verification would be needed, to enabled you to continue the activities of your account. Verify it by clicking on the reply button in order to reply back to this message and fill out the information required below:
* Date of Birth:…………………..
* Country Or Territory:………..
* Alternative e-mail: ………….
This back up is necessary for update and to avoid blocking of your account. If you do not respond to this message. you will lose your account permanently.
Thank you for your usual co-operation. We apologize for the inconvenience.
Please be aware that there is a risk involved whenever downloading email attachments to your computer or sending email attachments to others and that, as provided in the Terms of Service, neither Hotmail! are responsible for any damages caused by your decision to do . Please reply to this message. This is a service email related to your use of Hotmail! Mail.
Microsoft respects your privacy. Please read our online Privacy Statement.
First, you can see that a reply to this mail sends the response to “email@example.com” … which shows no affiliation to Microsoft.
Next, the grammar is poor. This may seem like a subjective issue, but you’ll never find an official Microsoft email that includes a phrase like “ … due to the recent upgraded of the service …”.
Finally, there’s just too much personal information being requested. In one-on-one conversation with a Microsoft support specialist, you may be asked for a number of these items, but they should never ask for your password, and the other information would typically just be used to confirm they’re talking to the person they think they are.
The above reeks of a scam and a very simple web search for “mcarstens121 hotmail scam” brought up a list of hits with the first and second links showing the text of the scam above! Don’t be caught by a phishing scam like this.
Your computer is compromised
This was an odd one.
I normally don’t work from home but had to on Monday and got a call from someone with an Indian accent saying something like, “Hi, I’m from Online PC Experts and our servers have detected a problem with a computer you have on the Internet. We need to clean your machine right away to avoid it being hacked.”
I almost started laughing and I noted some of my credentials but also commented that I have virus scanning software installed. That must have been on his script because he noted that normal virus detection software can’t see the problem but his service could (not sure how that’s possible) but it was essential we work together to clean the computer. I decided to play along and asked him the name of his company and what “server” had detected my problem. Unfortunately, I didn’t get his name or any strongly identifiable piece of information to file a complaint against him and his company; I thought he said “Online PC Experts”.
A couple things here.
First, there’s no way that my computer is associated with my phone number. How someone could look at data about a computer and say, “ah … this belongs to Joe Abbott in Seattle! Let’s give him a call to fix up his machine!”, is beyond me to know. I bet if someone knew as much about me and my relationships with businesses and whatnot could work it out, but even then it would take my level of knowledge to go from machine data to me to my phone number.
Next, he was talking gibberish technobabble: the sorts of thing you mutter when you’re not sure but the word “dohickey” just doesn’t seem right. I kept hearing about “my computer” (he never gave the name of the machine or MAC address or anything that was strongly identifiable about this machine), he mentioned “servers” but when pressed, couldn’t tell me what service or how it happened to find my computer information, and warned of exploits and danger, classic Internet boogie men.
I hate being so suspicious of people but if you assume someone like this is on the make and trying to take advantage of you, you stand a better chance of avoiding problems. By not giving this guy any information about me, taking his information, and asking him to explain how things worked, he ended up hanging up on me. Outrageous.
I did a quick search on “online pc experts texas” (he’d mentioned they were based in TX) and one of the first hits was from a Rip-off Reports citing Online PC Expert Aggressive, alarming, persistent phone solicitation Internet. It shares a story very much like mine but the salesperson was much more aggressive (wish that guy had called me!). Another hit from Scambook cites Online PC Experts but tells of someone who lost money when they availed themselves to the offer … there is a response to that mail from someone saying they are a customer of Online PC Experts and that “they work in an ethical & systematic manner”. I’m not sure who’d use that sort of language when supporting a company but it sounds like someone from Online PC Experts posted that response!
About a year ago I wrote an article about how I’d been hacked. Most compromises these days use some sort of social engineering … that is, getting the information they need straight from you. And then they can get more. Things like your birthday, home address, and of course SSN are all key pieces of data and shouldn’t be given away lightly. But, it’s just surprising how bold scammers are, whether they’re trying to steal lots of stuff from you like my first example (Hotmail Account Reset) or just trying to bilk you out of a bit of money, as appears to have been the case in my second example (Your computer is compromised).
Be alert and stay vigilant for these sorts of scams; it’s dangerous to go alone!