Here’s a little story that I hope will serve as a warning to
others. I received a call from the “Windows Department”. The caller ID said “India”.
He asked by name for my wife, and told me that my computer must be infected
with a virus because their servers were showing that I was downloading a bunch
of files from Sweden. As is my wont, I put the call on speaker so my kids could
listen in for entertainment purposes. I asked him to restate the company he was
with. He repeated that he was with the “Windows Department”. I told him that wasn’t
a company, and I had a Linux machine, anyhow. (Part of my strategy is to keep
them on the line as long as possible to cost them as much money as I can, and then
make them hang up on me.) I told him that I thought he was lying and asked him
where he was calling from. He told me “Florida”. I then asked him what the time
was right now. He said, “it’s right now”. I persisted and asked him if he had a
watch, or clock on his screen. After he deflected my question for exactly the
amount of time it would take to google up “current time in Florida”, he then
provided me with the correct Eastern Time. I told him I still thought he was
lying, and he said that he could provide me with a U.S. dial-in number. I
replied that many companies, such as Dell, have used U.S. 800 numbers that
redirect to “you guys down in India”, to which I received the waited-for
*click* when he hung up.
Personal information can be sold and re-sold all over the
planet, so it’s not too surprising that they have names and telephone numbers. The
disturbing thing is that I recently had one of my financial institutions cancel
my debit card and send out new cards and PINs because there was a breach in
security of one of the vendors I use to make auto payments from that card. I am
hoping that it’s just a coincidence.
Then a few days later I get another call from, I assume, the
same “Windows Department”. This time, I wanted to find out just what they were
up to, so I played dumb. I know, not much of a stretch. He directed me to the
system logs on the computer. I have a Windows 7 machine, so it has what he was
looking for: a Custom Views log under the Event Viewer. Windows 7 apparently
comes with a default view called Administrative Events. It appears that this
one is specifically designed to filter and display warnings and errors from one
or more of the other system logs. So all it has is errors and warnings. He said
that this was proof that something was wrong with my computer. He then told me
to right click on one of them and delete it. There is no delete option on that
filter. Because it’s a filter. But he made a huge deal out of it, saying that
the virus really had gotten control of my computer. The whole first half of
this call was dedicated to convincing me that my computer really has a virus.
The next step was to click on the start button and type into
the Run box a website. I stalled him while I looked it up. “It hasn’t come up
yet. Still waiting. Nothing is happening.” Meanwhile, I was doing a whois on
the domain name. It is registered in Panama and had been around for a while. I
googled the domain itself, and saw that it is software that is designed to give
remote control to another user, ostensibly for tech support – like logmein or
VNC. Now I know what they are up to, and I don’t really want to talk to them
anymore, so I go into make-em-hang-up-on-me mode. I asked where he was calling
from. He told me Brooklyn, NY. I asked him what time it was, and got a nearly
identical response as the first call. Twenty seconds of stalling, then the
correct time. I asked him what his name was, and he said “John Thomas”. Now, if
you have watched as many BBC America programmes as I have, you will know this
is a slang term, and what it means. I got irritated with him and said something
to the effect: “Okay, ‘John’ Nahasapeemapetilon ‘Thomas’, you are surely
getting paid for sitting and making these phone calls, and you certainly know
what you are doing to people, how is it that you can go home and sleep at
night?” He hung up on me. I know, it was already night in India. My mistake.
The moral of the story is, don’t trust anyone over the phone
from the “Windows department”. Don’t give out information, passwords, pets
names, the model number of your printer, or your favorite ice cream flavor. Don’t
click on any link in an email. Not one. Never. Not from trusted friends,
or from members of the Danish monarchy. Be suspicious of everything that sounds
fishy or plausible.
I have since looked it up, and there are many people being
called by these virtual thieves. Many people have fallen for it. They actually
opened up the gates and dragged in the giant horse. Me, I went to ic3.gov and
filed a complaint. But I don’t expect they can do much about it. One would hope
that the United States would have a decent relationship with India, and that we
could work with their local law enforcement to trace the phone number back to
the call center and shut them down. Or better yet, it would really be
satisfying if they somehow called someone with the know-how to use the remote
control software to infect their network and disable it. A little something
they know about in India: Karma.
No comments:
Post a Comment