Speaking of the October 2010 ThreatSense report, which includes an article on fake support and AV…
A few days ago I wrote an article about fake support scams, a topic I've addressed before for Security Week – Fake AV, Fake Support -and here on the ESET blog. What was missing, I guess, was that extra edge you get from direct contact with the scammers. Well, I'm not quite there yet, but only one step away. Today, my wife received a phone call. (As background, you should know that my wife's work background includes IT training and support, IT teaching, and security, so she's not very susceptible to being scammed.)
[Coldcaller] "Hello Mrs Harley, I'm from IT Support Windows Computers." [Some moments of confusion because my wife didn't catch the word "computers" at first and thought it was a follow-up call on the windows we'd just had fitted, then thought it was another company offering another window fitting service: like buses and carpet-cleaning services, they tend to come in threes...]
[The Fragrant Mrs Harley] "So why are you calling me?"
[Coldcaller] "Don't you want IT support?"
[TFMH] "But why are you calling me?" [Laughs]
[Coldcaller] "Why are you laughing? Don't you want Windows support?" [Indignantly]
[TFMH] "But why are you calling me?"
[Coldcaller] "Dohhhhhh.Grumble." [And other Simpsonesque mutterings]
[TFMH] "But I want to know why you're calling me."
[Coldcaller] "I don't know why I'm calling you either." [Slams phone down.]
It's always good to talk to an honest man. Well, it would have been, had I been there. Do ring back, Mr. IT Support Windows Computers: if you really are one of the support scammers I've been tracking (and I don't think there's much doubt about that), I've got a lot of questions to ask you…
David Harley CITP FBCS CISSP
ESET Senior Research Fellow