As some know, I’ve been harassed the last couple of months by some sort of “windows support”. Each time I tell them not to call, but I still get called. Finally, I started messing with them. Throw them off script and they hang up, fun but tiring. They are very vague about who they are, only saying “windows support”. They will say they work with Dell, where they probably got my name because my wife called Dell support one time and that’s when it started.
It is very obvious it is an Indian call center. Everyone has an accent, some speak and understand English more than others and they all have American names. These people are parasites preying on the naive and ignorant hard selling Software Maintenance Contracts. The smallest being for a year and the longest for a lifetime. They always start out saying that my computer is sending them messages telling them it’s infected.
Their tactic is to show you something harmless and tell you your computer is filled with viruses. Once they guided me to my \windows\inf directory and told those were all viruses. Another time the “tech” guided me to Windows Event Viewer Log and said all those were viruses. After I told him I cleared the log and the screen was now empty, I was told, I made the problem worse by moving the viruses to my motherboard and only their trained technicians could help. If I signed up for their service I would no longer need any sort of virus program. I’m sure they would sell me one or for that price it may have been included.
Today I’m on the phone for an hour with the first sales rep, supervisor and the “department head”, plus a “technician” in a chat in a remote logmein rescue session. When I’m hesitating about buying, I’m given a link to Logmein Rescue, which is used by legit IT support to remotely access your computer. The supervisor / tech (whoever) guides me to the Windows product information number and the last six digits of the Product ID is the access code. It’s invalid because there’s a problem with my computer and they can give me an access code so a tech can fix all of my problems.
I start up a VM machine (for those that don’t know: You are running another version of windows within your computer. I use it mainly for testing or when I’m looking for viruses to troubleshoot. It’s a “sandbox” where you can do things without harming your real computer and operating system). A remote session starts up and the tech on the other end opens my browser to their website mywindowssupport.com and leads me to the part where you pay. It’s not a secure page and it doesn’t ask for credit card information, only a code of some sort. Looks like you’re supposed to give your information over the phone and not the website.
During the Logmein Remote session, it says it’s the Trial Version of Logmein Remote. When told them how can they be real if they can’t even use the full version of logmein. I was told it only said trial on my side because I didn’t have the right code (which I doubt) because the previous time they used something called ammyy.com
I’m telling the supervisor how they are scum and the longer I can keep them on the phone with me, the fewer people they can contact. After awhile I’m moved to the “Department Manager” that tells me how legit they are. I tell them they are all liars. While this is going on I start chatting / texting the tech on the remote session. I ask stuff like which Microsoft certification he has, because they are all “Microsoft certified technicians” with no response by the way. The supervisor tells me they are certified in “software support”. The manager finally tells me they won’t call anymore after I tell them they are going to go through the same BS every time they call me. I will make the time even if I’m at work to mess with them.
After that and everyone is about to hang up, I’m telling the tech in the remote session what an idiot he is. He then starts deleting stuff from the VM machine (which he doesn’t know he’s in), files in the windows\inf directory (which you shouldn’t do), he deleted all the shortcuts on the desktop, emptied the recycle bin, all the while I’m laughing at him and telling him he’s in a VM machine and he probably doesn’t know what that is. This went on until he disconnected.
Hopefully they won’t call any more, but I feel sorry for others that fall for this. They have UK, US and Australia flags on their websites so they are targeting more than just the US. I know it started with the Dell support call and Dell should be ashamed of themselves. I’ve only found a few other stories on the internet about these people but there needs to be more and pressure put on Dell and anyone else that sells our information to these vermin.
And if I have it, how do I get rid of the Conficker virus? Stand up, run around your chair three times, sit back down, don’t buy all kinds of anti-spyware and anti-virus tools, don’t sign up for free scans or pay for someone to check for you. Don’t download some program that you know nothing about, making claims to clean your PC, speed it up and cure your cold.
This is what you must do, right now – R-E-L-A-X.
Was your PC one of the 9 million? If you were following my advice and updating your Windows operating system on a regular basis, you would have been completely protected. The patch for this exploit came out in October.
You may not even know you’ve been affected. Back in the old days, virus’ and worms were written to be destructive, usually erasing your hard drive or corrupting system files so you couldn’t boot. Now the bad guys only want to use your computer without you knowing. There are keystroke loggers that will record your keystrokes, especially passwords and send them back to their evil headquarters and you won’t even know it until your bank account has been emptied into some offshore account.
You computer might be drafted into a zombie army of computers to perform evil deeds when the bad guys send a command. This is how sites like Amazon and Yahoo can be taken down, by using the processing power of thousands of computers. Read the rest of this entry »
Most people are online A LOT. After reading Obscure Mania there are tons of things to do and people to communicate with in dozens if not hundreds of ways. From chats, VOIP, email, myspace, facebook, myspace, your documents, photos, videos and files can all be online. Face it, if you’re not online you’re in the dark ages.
One of the best protections against all of the bad people that want your identity or that want to hijack your computer for evil deeds, or just place a bunch of crap on your computer is to keep all of your software up to date.
Microsoft Windows Updates
Microsoft comes out with operating system updates about once a week, critical updates get pushed out as soon as they’re ready. If you don’t have Automatic Updates turned on, you’re putting your computer at risk. Most of the updates are some type of security updates. If a vulnerability isn’t known by every hacker in the world, when Microsoft puts out an update, every hacker in the world now knows about it and will exploit that particular problem against people that are slow updating their system.
If you’re not sure about your updates go to your Start button, then Right Click on My Computer, or go to your My Computer icon and Right Click, click on Properties, then click on the Automatic Updates tab and this is what you see.
At the very least, be notified of updates and you can download them when you’re going to be online for a while. On your desktop, there’s no reason why Automatic can’t be checked.
Or you can go to the Windows Update site to check for and download any updates, you have to use Microsoft’s Internet Explorer to go to Microsoft Update.
If your still on Windows 98 or anything else before XP, you’re putting everything on your computer at risk. If you’re computer is too old or doesn’t have enough processor power or enough memory for at least XP, there are several things you can do. The single biggest bang for the buck upgrade is RAM/Memory and hard drives are getting dirt cheap. Or you can switch to Linux, but that’s a whole ‘nother series. Read the rest of this entry »
Your physical security was compromised and your laptop or desktop are gone, but you’re not worried because your important data was encrypted, but now what? If you were backing up your data, you buy your new computer, restore your data and continue like nothing happened.
Backing up your data even on a desktop is essential and it’s one of those things everyone knows they should do, but no one does. People usually wish they would have backed after something happens. Because most humans are lazy, especially about backups, the best backup solutions have the least amount of human involvement. The best backup system is the one you will use, consistently and can restore your data easily.
Thumb Drives
Flash drives, also known as thumb drives or USB drives can be connected to your laptop in seconds. If your laptop has a built in card reader you can also use SD or Compact Flash memory as a drive.
For backing up to another hard drive or flash drives, I like Syncback from 2BrightSparks. There are several versions of Syncback, including a completely free version. For something that’s as important as your data, you need something reliable and easy to use. It’s extremely flexible and will allow you to backup to any kind of drive, including FTP (more on that later). You can choose to backup or synchronize directories on different computers like home and laptop. You can automate backups using Syncback with several different options, including any time a file is changed, it gets backed up.
If the physical security for your computer was bypassed, cut, picked or you didn’t think you needed it and your laptop is gone. The next level of security is putting a password on your BIOS.
BIOS Passwords
When your computer is first turned on or restarted it goes through what’s called the POST – Power On Self Test. While your RAM and other things are tested, you may see instructions on what key to press to enter the BIOS settings. Computer manufactures have their own unique key combination and key to enter the BIOS aren’t on the screen, here’s a list of possibilities by manufacturer. If you don’t know what your doing this could be a dangerous area to start changing things, so just enter a password, save and exit.
Make this password easy for you to remember. If you forget this password depending on the computer (actually the motherboard / bios maker) it could be something you will need to have professionally recovered. Toshiba laptops have a separate security chip that can only be professionally replaced. Others can be reset by a jumper on the motherboard or taking out the CMOS battery, it just depends.
Windows Passwords
Basically a waste of time. If you want your XP to automatically logon or no password at all, there are a couple of ways to do it. You probably should have some sort of Windows password but it’s too easy to crack to put too much faith into it. Google cracking windows passwords and there are free utilities and even keyboard combinations that will crack or bypass Windows passwords easily.
Computer Security
by Wayne in Computer Security One comment so far
In the next few weeks I’m going to be going over some important security tips for your computers. Some we have gone over before, but they are worth going over again in more detail. I want to cover both physical security, network security and being secure while your surfing the web.
Physical security is self-explanatory. Don’t leave your laptop unattended. I have too much stuff on my computer and even though a thief wouldn’t get my personal data (more on that later), they still have a laptop they could replace the hard drive and be good as new.
There is really only one way available to secure your laptop while your in the Internet Cafe and that’s with a Kensington lock. Kensington was the first, but other manufacturers are making the same style of lock nowadays. Almost all laptops sold in recent history have a slot for a Kensington lock. It’s basically a steel cable you connect to your laptop and wrap the cable around something solid. There could be a lock at one end with a loop or some kind of lock on both ends.
Given enough time, cables can be cut, locks can be picked, but hopefully in a crowded truck stop that kind of behavior would be noticed and someone would say something.
Another option is a laptop alarm. If the cable is cut or the USB connection is pulled out the alarm sounds.
If after your two minute restroom break you come back and you alarm didn’t go off, your cable was cut and your lock was picked and now your laptop is gone, now what?
Since your Lojack for Laptops is installed, no worries. If your laptop is stolen, call the Computrace center and report it stolen. The next time your laptop connects to the internet, Computrace calls the authorities with the location of your stolen laptop. The thief will have to replace or format the hard drive to erase the Lojack software, but if you have a computer bios with a piece of the Lojack software, it reinstalls itself and alerts the monitoring center.
There are similar systems out there that will show their location when the laptop or desktop connects to the internet. One that doesn’t require police intervention is Laptop Cop. The next time your laptop goes online not only does it broadcast its location, but you have access to your laptop so you can erase sensitive files.
Links:
