Apologies if you're bored with my banging on about PC support scams, but it seems that there are plenty of people who aren't. At any rate, some of my previous blogs on the subject have attracted more comments than any of my blogs on other topics, and in fact, I've learned a great deal from some of those comments over the past two or three years.

And now I see that the Internet Storm Center is running a poll on Fake Tech Support Calls. The organization says:

We are trying to better understand how common "Fake Tech Support" calls are, and what they are trying to achieve. If you received a call that claims to provide tech support, or another service, only to extract information from you or to trick you into installing malware on your system, please use the form below to report any details.

None of the fields are mandatory, and you don't have to log in. The questions include the following:

  • Was the call automated or did a person call you? [In my experience, there's more often than not a pause when I pick up the phone, suggesting that dialling is automated and the scammer picks up when he sees there's a response. Of course it would be fairly difficult to automate the actual conversation...]
  • The gender of the caller, the language they used, and whether they had a strong accent.
  • Details of any URL they asked you to visit, and whether they asked for remote access.
  • Whether they identified the organization they were calling from,
  • Whether they asked for credit card data and/or other personal information.
  • The phone number of the caller

Actually, it was Martijn Grooten of Virus Bulletin who pointed this page out to me: he and I, along with Steve Burn and Craig Johnston, are working on a paper on the topic to be presented at Virus Bulletin in September. We're in the process of establishing contact with the researchers at ISC who are working on this in the hope of exchanging information, and would encourage you to fill in the questionnaire, if you have experience of the scam. But I'm still also extremely interested to hear of your experiences through the ThreatBlog, so keep the comments coming!

David Harley CITP FBCS CISSP
ESET Senior Research Fellow