Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cold calls from companies claiming to be "Microsoft"


  • Please log in to reply
5 replies to this topic

#1 fitzy89

fitzy89

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 13 May 2012 - 05:38 PM

Hello

As I'm sure there are many IT professionals on these forums, I'm sure some of you, in the UK at least, have heard of companies cold calling people, claiming that their computer either has a virus, is corrupted or has some other problem. This fraudulent company would then charge an extortionate amount to "fix" the problem, which would involve remotely connecting to the computer in question, installing and/or removing various software and who knows what else.

As an IT professional myself, recently I have received several calls from customers who have been affected or have fallen victim to this scam. After some more research and asking around, it seems a very common occurrence for many people in my area to get regular calls from this company, currently going by the name of Wintech Solutions (website www.wintechsol.net) and I am hoping to investigate this more and gain more evidence on their activities. I have been in touch with 4 people so far who get regular calls either once a week or once a month, this has been going on with these people for some time now and they are willing to help me out.

I realise that I am new to these forums, so I have not yet built up trust with any other members here yet, but I thought this would be the best place to ask. The 4 customers that I have been in contact with have agreed for me to leave a laptop with them in preparation for their next call, ideally, when they get the call, they would allow the company to remotely connect to my 'honeypot' laptop, which would then record everything that this company does to it, including recording the screen, and if possible, keystrokes and browser/network traffic too. I have even gone to the lengths of setting up a separate bank account and set some money aside to pay them for their "services", which will be claimed back later on. I realise this sounds suspicious, but this is purely a learning experience for me, to help me better deal with computers that this company has compromised, and also as evidence for Trading Standards and/or Police as necessary to have them shut down (the Police are unwilling to help without any evidence).

So I am looking for some suitable software, preferably free, which will enable me to covertly record the screen as soon as the laptop boots up, and hopefully keystrokes and network/browser traffic as well, even monitoring which processes are launched or terminated would be useful too. Ideally this software would be hidden and not immediately obvious to the scam company, and will need to work with either Windows XP or 7. To reassure you all, the laptops used for this purpose will be supplied by my company, specifically for this purpose, they will only have my own data on them and the customers who will be in possession of them are already aware of my intents, so they know not to use it themselves so there is no risk to them or their data at all.

I will of course post the results of my investigation here if successful for others to learn from.

BC AdBot (Login to Remove)

 


#2 4dude

4dude

  • Members
  • 578 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 13 May 2012 - 08:05 PM

Pleasse tell all the people to hang up the phone IMMEDIATLY,this is a scam and has been going on quite awhile :(

#3 fitzy89

fitzy89
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:39 PM

Posted 14 May 2012 - 04:34 AM

I realise it is a scam myself and I always tell my customers not to let them on their own computers but I am looking to fork out some of my own money to this company and record everything they do as an effort to have them shut down, and also to help better serve my own customers who have fallen victim to this.

#4 balon

balon

  • Members
  • 432 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Haven, CT
  • Local time:04:39 PM

Posted 14 May 2012 - 06:57 AM

I told them i like turtles and they started to rage // my work here is done.

#5 Guest_Xircal_*

Guest_Xircal_*

  • Guests
  • OFFLINE
  •  

Posted 14 May 2012 - 07:33 AM

See: How to setup a honeypot


EDIT: You can use this link on SANS.org to report fake calls: https://isc.sans.edu/reportfakecall.html

Edited by Xircal, 14 May 2012 - 07:35 AM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,399 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA

Posted 14 May 2012 - 07:38 AM

Info for members reading this topic:


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users