It’s Friday, about 5:00 pm, and we’re just wrapping up a day full of Apple v. Samsung trial coverage and endless speculation on the iPhone 5. (On a side note: The iPhone 5, when it’s announced, really shouldn’t take anyone around these channels by surprise. Unless everything up until now is one extravagant hoax.)
I wrap up, typically, by doing a last minute scan of RSS feeds and seeing if there are any story follow ups. Friday was dead. The whole week, in fact, drudged along at a glacial pace, making the weekend’s impending arrival that much more welcome; Left4Dead 2 Survival mode was calling my name all afternoon, and so was driving home, flipping on the tube and tuning out.
Then our office phone rang.
An unfamiliar number glowed on the device’s tiny screen — nothing out of the ordinary — but never could we have predicted the scene that unfolded after we answered.
“This is Rick from Microsoft, and we’re calling to tell you that your Windows PC has been the victim of a virus attack,” we were told. The caller’s drawl was almost unintelligible, requiring more effort and consideration to understand than listening to Bane in The Dark Knight Rises.
This isn’t the first time this has happened. In the ten months we’ve had an office, the same type of call has come in probably a dozen times, maybe more. And yet… The thing is, I don’t use a Windows PC in our Irvine office. It’s obviously a scam, an attempt to swindle and deceive. I knew this from day one, and always resigned to merely saying I didn’t have a Windows PC and hanging up. But today? I willingly invited the scammer, so to speak, right through our front door.
Making a living can be tough. I’ve experienced what it’s like treading unemployment waters, and it’s essentially like being stuck in a dimly lit elevator with no emergency phone and no buttons to press. People these days are willing to do nearly anything for work — I understand that folks are desperate. I applaud initiative. But scamming? That’s not a living. That’s an existence that falls in line with the worst kind of people. I can’t fathom how a human being can wake up choosing to be a liar, cheat and thief, and smile to their friends and family like it’s OK.
But Rick is on the phone, and I’m all ears.
“My… computer has a virus?” I ask, stunned.
“Yes sir. I’m here to help,” Rick assured. “Your computer shot us a message, and it’s telling Microsoft that you’ve been attacked. Immediate action is required.”
I know this is BS. I know that he’s just attempting to get me to trust him. I won’t. I don’t. But I’m going to play along anyway, just because. Because the week has been long, because what else am I going to do? We’ve called out the scammers before, yet our phone still rings.
“You’re kidding?” as if to say, “Tell me more.”
Rick is adamant he’s not kidding. To the contrary; he’s my friend, and wants to ensure my nonexistent PC is safe and sound. Again, trust. Thanks, Rick, I tell him, I’m glad people like you are out there, watching over victims of the Internet. “It’s my job,” Rick said. Ha!
This particular scam relies heavily on visual communication. From the get-go, Rick wanted to know exactly what was on my screen at all times, and repeatedly pushed me to tell him what I saw. At first, he tried to infiltrate by instructing me to enter a series of commands through Windows key+R. I did. “What do you see?” was often a question Rick asked.
At every turn I feigned a half-baked response, and at one point acted as if I arrived at the correct command screen, right where Rick wanted me. I was then asked to read off a set of numbers — twenty, I think it was, of very particular and very specific digits — which I imagine would be key information to help him take control of my machine.
Again, I faked it — but of course spouting off numbers that don’t exist subverts my whole act. Rick quickly became suspicious, and began accusing me of wasting his time. He was mad at me! The guy he’s trying to scam. You don’t want to waste a scammer’s time.
I convinced him I was merely tech-illiterate, announcing my inability to even send email.
Rick calmed down. Let’s try something else, he suggested. “This method is much simpler, and will tell us exactly what we need to know.” Sure, right, great, I respond.
The thing about scammer calls is that they provide very explicit instructions, and if you try to deviate, even a little, their patience will quickly wear thin. That, on a Friday evening, was perfectly fine for me: “R for Roger,” Rick said at one point during our conversation, spelling out a series of numbers and letters he implored me to input. “How about ‘R for Roy?’” I suggested, purposely deflecting his attention.
Eventually, I was carefully instructed to download software from utechsupport.com which, according to the website, “is a global computer maintenance companywhich (sic) provide technical support all over the globe.” The About Us explains that UTech-Support “signifies ‘Value, Quality and Guaranteed Resolution for our customers’technical problems’”. Right! Sounds totally legit to me.
The software is basically disguised as a bologna PC Booster developed to identify and eliminate computer viruses. Only it doesn’t. All I had to do was download and run it, and retrieve a specific set of numbers. “Ok, I downloaded the software,” I lied.
Rick’s whole purpose is to trick me into giving him key information. Under the pretense of “helping,” Rick is actually trying to get me to install malicious software so he’ll have access to my computer. This, for obvious reason, is bad for people who do online banking, or have any personal information they don’t want falling into the wrong hands.
Again, “What do you see? Now what do you see?” At this point, nearly 30 minutes into the call, my attention and cooperation become intentionally erratic. I talked about cats, dinosaurs, and even a very inappropriate, and very graphic issue of hygiene I pretended to once have.
This is not how Rick wanted the call to go; he wanted to be in complete control, he wanted to have all the power. After further miscommunications from my end, and repeated missteps, Rick become increasingly annoyed and, after exclaiming that he had the ability to “end my happiness,” I was eventually handed over to the “FBI.” Yes, the Federal Bureau of Investigation apparently works inside the very same building as outsourced Microsoft technical support. What are the odds?
So now I was on the phone with the “FBI,” talking to a guy of similar disposition and drawl as Rick. Oh, and the supposed agent’s name was Alan. The guy named Alan says, “You can trust me.”
But this Alan wasted no time with the threats, rambling about how if I didn’t cooperate, he — not the imaginary virus supposedly already on my computer — would break my Windows PC forever. The PC that doesn’t exist! “Do you want me to do that?” he asked. “No I don’t want that. Just help me,” I said. But he was convinced I didn’t want him to help, so to show how serious he was, Alan read off what he thought was my address — down to the street number — and what my phone number was. Only, his information was completely bogus, and that indeed was not where I lived or my phone number.
But I said it was. So the call continued.
The PC Booster software I supposedly installed was designed to give me a number above my IP address, the key to the whole scam. Upon running, the program provides an eight digit number in a big, obvious green box. It couldn’t be missed, I was told. “I see it.”
I read him a made up set of numbers — what else? — which Alan immediately dismissed as wrong. I explained my foolishness, and spouted off another set. Still nothing. Again. Nothing. Throughout most of the call I managed to, instead of me telling them exactly what I see, I got them to tell me what I’m supposed to see. That’s how the call lasted as long as it did, because I gave them just enough hope to believe they might be successful.
But finally, after 10 rounds of sparring off incorrect sequences, Alan finally had it. No more accusations of me wasting his time. After nearly 60 minutes of misdirection, I was suddenly Alan’s most hated enemy, and he didn’t hold back with the insults.
I tried convincing him, calmly, in the most stupefied “I’m-a-helpless-tech-noob” way, that I simply didn’t know what the heck I was doing, and that was the reason I kept reading off the wrong numbers. But Alan couldn’t take any more of my ineptitude, and again, this time with more conviction, claimed I was wasting his time. Which is precisely what I was doing. No skin off my teeth.
The audio below is the last three minutes of our conversation.
Disclaimer: There is language in the call that is not safe for work (NSFW).
The moral, after all of that, is to never, under any circumstances, give information, personal or otherwise, to someone who randomly calls you. Never. These people are taking advantage of poor saps who don’t know any better and, worse, likely stealing their identities and taking their money. It’s completely and utterly reprehensible, but it’s happening everyday.
Scammers have targeted our office with the same spiel numerous times, coming up unsuccessful each time. There was really no point for me to play along other than because I wanted to, and because I have no remorse for wasting the time of someone who spends it taking advantage of other people.
In the end, it’s a cautionary tale for anyone who might be targeted in the future. If this story helps just one person out, then this PSA served its purpose. We aren’t the only ones reaching out to tell our story. Hopefully with enough awareness, incidents like this will occur far less often.