Watch out the malware cleaning scam is back

[Depicus]

I haven't seen these in a while but just got the following screenshot from a client. It's the old "your computer is infected but we can clean it..." scam.

 

I rang the number and spoke to "Alex", not his real name he admits, who tells me that they are a Microsoft certified partner. Is he aware he is working for a scam company... no he says he is not although by the sound of it he has been asked this question before as he has an immediate response and does not sound rattled. I press him again "are you aware I have information that directly ties your company to the malware and you are in fact just extorting money from people your company has infected...." no he is not aware of that but thank you for bringing it to attention. Well that sounded rehearsed so I let him go.

 

If you don't think people fall for this c**p then the 60 people employed at this place, and one of my clients already bitten, would suggest they do. Time to reinforce with parents/friends never to fall for these types of scams.

[Praetor]

quite funny to see a message regarding adware / malware with Windows logo... on a Mac.

[francescob]

Always report those sites to Google so they block them. Also report the site if it was infected to open windows with those ads.

[T3X4S]

Just last week, I finally got the call from fake Microsoft Tech Support.  I say finally, because I always wanted to talk to them to play with them.  They didn't disappoint.

After letting him go through his routine for about 15 minutes, he wanted to remote in, and sent me to a website.  I told him I was getting an ID10T error when I went to the site, he didn't get the joke, so I had to be less subtle.

I finally started laughing and using my best call center moron with middle eastern accent and fake American name -- this got him made where he told me "ha ha ha  you are funny, you bastard, your father is a ######"  & I replied, "dank you fer calling, my name is Hajiv" in the accented voice.  The people who were with me at the time were ROFL.

Good Times.

[cork1958]

Always report those sites to Google so they block them. Also report the site if it was infected to open windows with those ads

 

Why would I waste my time with reporting this to Google? Is Google the internet police or something, or is that the ONLY site you think people visit? I probably despise Google as much as that fake malware scam anyway!

 

I sure would love for one of those fake MS support people to call also just to toy with them.

[Praetor]

Just last week, I finally got the call from fake Microsoft Tech Support.  I say finally, because I always wanted to talk to them to play with them.  They didn't disappoint.

After letting him go through his routine for about 15 minutes, he wanted to remote in, and sent me to a website.  I told him I was getting an ID10T error when I went to the site, he didn't get the joke, so I had to be less subtle.

I finally started laughing and using my best call center moron with middle eastern accent and fake American name -- this got him made where he told me "ha ha ha  you are funny, you bastard, your father is a ######"  & I replied, "dank you fer calling, my name is Hajiv" in the accented voice.  The people who were with me at the time were ROFL.

Good Times.

 

There are people trying to reverse the situation with them: sending them malware via teamviewer (that's the remote software of choice) and using a VM for fun!

[francescob]

Why would I waste my time with reporting this to Google? Is Google the internet police or something, or is that the ONLY site you think people visit? I probably despise Google as much as that fake malware scam anyway!

 

I sure would love for one of those fake MS support people to call also just to toy with them.

Yes, Google has practically become the internet police. When they add the site to the their bad-websites list its traffic is basically zeroed both from Google search users (so basically 80%+something of the web searches) and Chrome users. The scammy website has to find another domain and if the original domain that sent you there was infected they'll be forced to clear the infection.

[T3X4S]

Why would I waste my time with reporting this to Google? Is Google the internet police or something, or is that the ONLY site you think people visit? I probably despise Google as much as that fake malware scam anyway!

 

I sure would love for one of those fake MS support people to call also just to toy with them.

Why despise Google ?   I love their product(s). 

[Eric Veteran]

You can report these to Microsoft, too. http://support.microsoft.com/kb/930167

Why would I waste my time with reporting this to Google? Is Google the internet police or something, or is that the ONLY site you think people visit? I probably despise Google as much as that fake malware scam anyway!

 

I sure would love for one of those fake MS support people to call also just to toy with them.

As the poster that mentioned it said, they will block them. No, they're not the internet police but they don't want to server malware searches, either.

[Xerino]

as far as I know, it never left, I repair atleast 15 infected systems monthly

[Raa]

What do you mean 'back'? It never left.

 

I think it's a great source of weekly income. :laugh:

[techbeck]

Just last week, I finally got the call from fake Microsoft Tech Support.  I say finally, because I always wanted to talk to them to play with them.  They didn't disappoint.

After letting him go through his routine for about 15 minutes, he wanted to remote in, and sent me to a website.  I told him I was getting an ID10T error when I went to the site, he didn't get the joke, so I had to be less subtle.

I finally started laughing and using my best call center moron with middle eastern accent and fake American name -- this got him made where he told me "ha ha ha  you are funny, you bastard, your father is a ######"  & I replied, "dank you fer calling, my name is Hajiv" in the accented voice.  The people who were with me at the time were ROFL.

Good Times.

 

Would be great to turn the tables on them.  Setup a spare system and allow them access.  MAke sure the system is highly infected so when they remote in, they more than they bargained for.

[Tomo]

Doesn't an 0800 number cost the scammers money when people phone it? If so, I have an idea.....

[Nagisan]

Why would I waste my time with reporting this to Google? Is Google the internet police or something, or is that the ONLY site you think people visit? I probably despise Google as much as that fake malware scam anyway!

 

I sure would love for one of those fake MS support people to call also just to toy with them.

Others have already responded quite accurately to this, but another important thing to note, the OP found the website while using Chrome. Chrome has a decent market share and is owned by Google. If the site is reported to Google, they can block it from search results and serve a warning before any Chrome user hits that page (whether found via Google search results or not)....two birds with one stone and all.

[+Warwagon MVC]

If they remote in you should put an infected file in the documents directory and rename it to passwords.txt.exe change the icon to a notepad, and then hide file extensions.

 

LOL Maybe they will be dumb enough to run it.