Scammers are everywhere in the world and the internet is the perfect breeding ground for scammers of all types. Even though, getting scam emails/calls from scammers around the world has been going on for ages now, it’s not often that a Security Researcher from a company like, Malwarebytes gets (nearly) scammed.
Scammers: Bait and Switch
Senior Security Researcher from Malwarebytes, Jerome Segura is the main man in this little play. A team of scammers from another country that appears to be a South Asian country, called him on his phone pretending to be from Microsoft’s support staff. They told Segura that his PC is a safe house for viruses and malware, including other numerous software related problems; and they just happen to be the only people in the world who can fix it.
Although, this time the scammers were in for a real treat. As a security researcher, Segura is well versed with these types of scams, and for the sake of some good old fashioned fun, as well as a lesson to others, he played along. He recorded the whole conversation for future reference.
When Segura took the first call he quickly turned on his Virtual Machine and started recording the complete call on his computer. The first person who spoke to Segura was a woman. She (assuming that he is naive) instructed him to look at his PC’s Event Viewer – that keeps a log of all error reports in Windows. She asked him to count the number of errors in the Event Viewer. She then warned him by saying,
These errors and warnings are very much harmful for your computer. These are major problems and it doesn’t matter if you have one or two errors or more than that. Each one has already started corrupting your whole computer system.
Well, the Event Viewer wasn’t the only thing she wanted him to see, so she asked Segura to have a look at the Prefetch folder as well, which keeps track of how your computer starts up and what programs have been opened. Although, for some ridiculously selfish reason, the woman claimed that all the files in the Prefetch folders were viruses and other hacking files. This was probably done to make sure that the victim starts panicking and falls for the scam.
After a little while, a male voice took over the call claiming to be a Senior Manager. He then instructed Segura to go to Google and download Team Viewer, to let a “technician” assist him remotely. A couple of minutes later the so-called technician logged into Segura’s PC and quickly browsed to Paypal, asking Segura to make a payment of $299 for a lifetime renewal of his Windows.
Angry Scammers will Delete your Data
Segura then proceeded to enter bogus credit card data, which quickly got rejected. At this point the “technician” realized that Segura is not the kind of guy who will fall for this scam. So, he quickly took control of Segura’s PC and tried his best to corrupt it, by deleting all the files and even removing the Network Adapter driver. However, before sending the computer offline the technician did call Segura an “asshole”.
On the other hand, the “Senior Manager” was still on the phone with Segura and he was probably unaware of the situation yet. So, Segura asked him politely, why all his files and driver was deleted. He also asked him why the technician called Segura an “asshole” and the scammers response is definitely something that will always be remembered in history of failed scam attempts.
Segura: The technician, he called me an asshole.
Male Scammer: The technician is always correct, the technician is always correct. If he’s saying that you are something, then you must be.
Fortunately, Segura knows these types of scams and no harm was done to his computer since he was using a Virtual Machine. Therefore, make sure you keep this story in mind the next time you receive a call from Microsoft tech support or an email from a Nigerian king.
Do you have any interesting scam stories to share? Let us know.
Check out the full conversation below.