Most consumers know there is an uncountable number of internet scammers ready to pounce. On Aug. 28, 2017, two men who claimed to be employees of Windows attempted to extort over $1,000 from RW.
According to the so-called Windows employee, he was the same person who assisted the user last fall. She reported that he had the name and date correct.
Always skeptical, RW claimed she finally listened when Jeff told her to look up the Windows license number and he read it off to her with 100 percent accuracy. According to Jeff, RW’s computer was being hacked by at least 50 other computers with IP Addresses from Florida and California through one of her lesser used Gmail accounts.
Still uneasy about the situation, RW tried to get a phone number to call instead of simply allowing a stranger access her computer. Attempting to sway her ease, Jeff told her that if they were disconnected not to take any other calls from Windows:
If you get a call from someone else in the next 24 hours that is a hacker – for sure.
Jeff did not want access to the computer, not directly. Instead of running the usual “Run app” and installing a temporary applet he had her open files that appeared to support his claim.
One of the files showed that the hackers had successfully closed down Windows safety features such as warnings sent to the computer that there is a problem with its security. Another indicated that Windows had supposedly sent over 20 warnings to the computer that day before noon.
The caller chastised her for ignoring Windows’ warnings. Then he had her look at the firewall status on her computer. RM was dismayed and frightened to see her firewall had crashed!
At this point, she was so scared and seemed beholden to Jeff, “after all he really seemed to be from Windows.” RM allowed him access to her computer. Instead of simply using the typical method of taking over the computer, he had her open GoToAssist and grant her access there.
Once in the computer, the so-called Windows tech opened the notepad and listed the problems observed. He added, Alureon, which he said was an “extremely bad” virus that once on the computer allows hackers free access to all of RM’s data stored on her computer.
To support this claim he used Chrome to search for the malware and showed her the search result from Wikipedia that reads:
Alureon (also known as TDSS or TDL-4) is a trojan and bootkit created to steal data by intercepting a system’s network traffic and searching for: banking usernames and passwords, credit card data, PayPal information, social security numbers, and other sensitive user data.
By this time, RW explained, she was beside herself with concern, her stomach was queasy and she was on the verge of breaking down. RW chose bravado instead. She told him that between Windows Defender and Malware Bytes this should not be an issue.
Nonetheless, the clever con-man said that he could see she was using Windows Defender but it was only good for keeping viruses in check. It did not keep hackers out of her computer.
Jeff then assured her that all her electronics: tablets, computers, and phones, whether or not they used Windows, would all be covered with the service he was performing. Then he started talking about a hostage exchange contended RW. He said he could do all of this but she must purchase a license, which she could use for any of her devices.
He quoted her prices for one year’s coverage, five, and then a lifetime. The prices ranged from $311 to over 1,400. Naturally, when she told them that she has no money and that the lowest number was more than a third of her monthly income, he offered to lower the price for one year. He also intimated that there might be financing available.
Then the big push happened. Jeff told her she had to pay or he was going to shut down all of her devices until she was able to fork over the cash. That is when RM decided that she was not going to be bullied. Her mind raced as she told him he could not hold her equipment hostage. She threatened to call the FBI.
To which he responded:
Windows has the authorization of the FBI to do this ma’am. Look at this article, it says the FBI is fighting the Alurean virus by shutting down computers.
Then he opened an old story written in 2012, and published by Daily Mail, entitled, “Warning from FBI: If you have ‘Alureon’ virus on your PC, you WILL get kicked off internet on Monday.”
This was not an effective threat because RW has a fair amount of legal savvy and believed that this would never happen. She told Jeff that if the FBI wanted to shut her down they would need a warrant and be at her door. He tried to argue, so, she walked across her living room with her cell phone in one hand and using her landline she phoned emergency services.
Once he heard this he severed the connection. After making sure he was disconnected from her computer on her end, she reviewed the reports from both of her virus checkers, ran them again to “be certain there were no viruses detected.”
Then she called the FBI tip line for cyber crimes and was referred back to the local police. When she called the Clackamas County Police Department, the dispatcher asked if she had given them money and wanted to be certain he computers were not hijacked. She took a brief report and forwarded it to a detective.
While waiting for the police to call back, she located the FBI site for reporting the crime on their website. Go to the Submit a Tip page, then choose the link: “Use our Online Tips and Public Leads form to report information on criminal activity and suspected terrorist threats,” to file the report.
After taking a full report, the police detective said that RW should file a Federal Trade Commission. He indicated that they also keep track of cyber crimes. The officer added, spread the word, let all of your friends and family know.
It is advisable not to trust anyone making unrequested offers of assistance by phone. In fact, hang up on them. If they continue to call tell them you are reporting them to the FBI.
By Cathy Milne
Sources:
Interview with RW Aug. 28, 2017
Daily Mail: Warning from FBI: If you have ‘Alureon’ virus on your PC, you WILL get kicked off internet on Monday
FBI: Submit a Tip
MalwareTips: Remove “Windows Detected ALUREON Virus” pop-ups (Support Scam)
Featured and Top Image Courtesy of André Gustavo Stumpf’s Flickr Page – Creative Commons License