Very strange phone call from a scammer

mrGTB

Well-known member
So I've just had a phone call, what obviously was somebody with an Indian accent. Claiming they are from Windows Support and that my computer is showing I have virus that are multiplying when I go on the web, he goes to ask me to open "start/right click on My Computer/Manage/double click System/". Asking do I see any red symbols showing.

I tell him yes about 21 and most are linked to a program I have installed called "Bonjour". Anyway, later he puts me onto another who tells me to visit this website: www.support.me

I tell him that windows would never use a site ending with the .me domain extention and all I see there is crappy little program listed on a blank page, yes now I'm suspicious and tell the guy to forget it putting the phone down.

What do you think?
 
Its a well known scam. They get you to unknowingly install Trojans, etc then charge you to remove them.

Even better when you only have a mac, that really confuses them :-p
 
Seriourly, they've just had me on the phone for 15 minutes and I told them I know a lot about computers and could just restore a PC backup image when XP was first installed using Acronis, I keep regular full backups on a different HD. I thought it sounded suspicious right away, as the error logs show nothing out the ordinary. But let me tell you, they had even me wondering if it was for real or not until seeing that website address ending with ".ME" with a just a login box on it.
 
It's the kind of think you computer-illiterate gran wouldn't fall for so I think you're on another windup here. No way you didn't just hang up on them.
 
It's the kind of think you computer-illiterate gran wouldn't fall for so I think you're on another windup here. No way you didn't just hang up on them.

Once he gave me that website address, I just said "I'm not interested and will sort the issue out myself, I wasn't messing around some iffy looking website I don't trust using a daft .ME domain name Windows would never use", then hung-up after he said that's up to you, or whatever he said. Then heard him still mumbling on saying something else as I put phone down.

My first thought was to put the phone down right away, but they kept acting like they was from Windows Support and my computer was showing viruses to them when browsing web via my registered copy of Windows. The strange thing is, since I downloaded the last MS Updates my PC (has been playing up) when logging into boot screen for first time, taking ages before I can open a folder or web browser e.t.c. So guess that was in the back of mind they might actually be legit, after all.

I even asked the guy was he acting from Microsoft. Which he seemed to avoid, saying they act as support for Windows used by them. Yeah, I know and why I was suspicious early on but listened to what they had to say anyway feeling very iffy about it all until convinced it was definitely bogus.

I'm not making anything up, this just happened, why would I post this website address if making it up? www.support.me. Believe me, I'm not the kind of person who falls for telesales and would usually hang-up right away saying nothing. But they sounded so legit until pointing me to that website, and me knowing there's no way Windows would ever use a lame .ME domain name and such a poorly designed page with just a login box on it. I've posted this to make people aware!!!

I suspect had I carried on, next they would have asked me to enter my Windows product key in that box to login (no doubt).
 
Anyway, here is that web-page source code:

Code:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <title>
            LogMeIn123.com – Remote Support
        </title>
        <meta name="metadescription" content="Enter your code here to begin your remote support session." /> 
        <meta http-equiv="cache-control" content="no-store, no-cache, max-age=0, must-revalidate" />
        <meta http-equiv="pragma" content="no-cache" />
        <meta http-equiv="expires" content="-1" />
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <meta name="viewport" content="width=device-width, initial-scale=1"  />
       
            <link rel="canonical" href="https://secure.logmeinrescue.com/customer/code.aspx"/>
       
        <script type="text/javascript" src='/Common/Scripts/common.js?v=20111115153859' ></script>
        <script type="text/javascript" src='/Customer/AppletDownloader.js?v=20110930073750' ></script>
        <style type="text/css">
            body {font-family: tahoma, arial, verdana}
            table, select {font-family: tahoma, arial, verdana; font-size: 11px}
            h1 {font-size: 28px; letter-spacing: -1px; font-family: arial; font-weight: normal; margin-top: 10px; margin-bottom: 0px}
            input {font-size: 10pt; font-family: arial}
            form {margin: 0px}
        </style>
        <script type="text/javascript">
 
            var _gaq = _gaq || [];
            _gaq.push(
            //rollup profile
                        ['_setAccount', 'UA-26024989-1'],
                        ['_setAllowLinker', true],
                        ['_setAllowHash', false],
                        ['_trackPageview'],
 
            // individual domain profile
                        ['b._setAccount', 'UA-26000992-5'],
                        ['b._setAllowLinker', true],
                        ['b._setAllowHash', false],
                        ['b._trackPageview']
                    );
 
            (function () {
                var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
                ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
                var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
            })();
            </script>
    </head>
 
 
    <body style="margin-top: 10px">
 
<table width="420" border="0" cellpadding="0" cellspacing="0" style="border-top: 5px solid black; border-bottom: 5px solid black; border-left: 2px solid black; border-right: 2px solid black">
 
    <tr>
        <td>
            <table width="100%" border="0" cellpadding="0" cellspacing="0">
                <tr>
                    <td valign="top" style="width: 150px; text-align: left">
                        <table cellpadding="0" cellspacing="0" width="150">
                            <tr>
                                <td valign="top" style="padding-top: 6px; padding-left: 18px; width: 155px; height: 40px">
                                    <img style="border: none; width: 90px; height: 19px" src="/Common/Images/rescue_pwdby_new.gif" alt="Powered by LogMeIn Rescue" title="Powered by LogMeIn Rescue" />
                                </td>
                                <td style="width: 25px" valign="top">
                                    <img alt="" style="border: none" src="/Common/Images/tri.gif" />
                                </td>
                            </tr>
                        </table>
                    </td>
                    <td align="right" valign="top" style="width: 100%">
                        <table cellpadding="0" cellspacing="0" style="height: 25px; padding-right: 21px; background-color: Black" width="100%">
                            <tr>
                                <td style="padding-left: 3px; padding-right: 3px; width: 100%" align="left">
                                                                     
                                        <div id="ext_home_link">
                                            <a style="color: white" href="/">LogMeIn Rescue Home</a>
                                        </div>
                                   
                                </td>
                                <td style="padding-left: 3px; padding-right: 3px" align="right">
                                    <div id="ext_language_selector">
                                        <table><tr><td><form action="/Language.aspx" name="langswitch" style="display: inline"><input type="hidden" name="langswitch_params" id="langswitch_params" ><input type="hidden" name="bRequestRewriteUrl" id="bRequestRewriteUrl" value="False" ><select name="lang" id="lang_select" style="font-size: 8pt; font-family: tahoma, arial, verdana; font-weight: normal; border: solid 1px gray; padding: 1px; background-color: black; color: white" onchange="selectLang(this)"><option value="en" selected>English (US)</option><option value="en-gb"  style='background-color: white; color: black'>English (UK)</option><option value="es"  style='background-color: white; color: black'>Español</option><option value="de"  style='background-color: white; color: black'>Deutsch</option><option value="fr"  style='background-color: white; color: black'>Français</option><option value="it"  style='background-color: white; color: black'>Italiano</option><option value="nl"  style='background-color: white; color: black'>Nederlands</option><option value="pt-br"  style='background-color: white; color: black'>Português (Br)</option><option value="ja"  style='background-color: white; color: black'>日本語</option><option value="zh-tw"  style='background-color: white; color: black'>中国</option></td></select></form></table>
                                       
                                    </div>
                                </td>
                            </tr>
                        </table>
                    </td>
                </tr>
            </table>
            <table cellpadding="0" cellspacing="0" width="100%">
                <tr>
                    <td style="padding-left: 20px; padding-right: 20px; padding-bottom: 20px">
 
 
<script type="text/javascript" language="javascript" src='/Common/Scripts/webtrends.js?v=20110930073748'></script>
 
 
<h1>Support Connection</h1>
<hr size=1 color=black style="color: black">
 
<form method="post" action="Code.aspx">
    <div align="right">
        <table cellpadding="2" cellspacing="0" style="margin-top: 10px; margin-bottom: 10px; font-family: arial; font-size: 10pt">
            <tr>
                <td colspan="2" style="font-weight: bold; color: red">
                    <span id="error_msg"></span>
                </td>
            </tr>
            <tr>
                <td align="right" width="100%">
                    <b>Enter your 6-digit code:</b>
                </td>
                <td>
                    <input id="Code" name="Code" maxlength="6" style="width: 60px" value="" />
                </td>
            </tr>
        </table>
        <input type="submit" value='Connect to technician' />
        <br />
        <br />
        <span style="text-align:right"><a href="/HelpDesk/Home.aspx">Looking for LogMeInRescue.com?</a></span>
    </div>
 
   
</form>
 
<script type="text/javascript">
    document.getElementById("Code").focus();
</script>
 
 
                                    <!-- WebTrends -->
                                    <script type="text/javascript">
                                        var _tag = new WebTrends();
                                        _tag.dcsid = 'dcskxxefe00000w8odsya5xg3_8j8y';
                                        _tag.domain = 'wt.logmein.com';
                                        _tag.dcsGetId();
                                    </script>
                                    <script type="text/javascript">
                                        if (_tag.WT != null) {
                                            _tag.WT.z_iVID = '';
                                        }
                                        _tag.dcsCollect();
                                    </script>
                                    <noscript>
                                    <div><img alt="DCSIMG" id="DCSIMG" width="1" height="1" src="https://wt.logmein.com/dcsorynxb10000kjcq6qpd177_3x4i/njs.gif?dcsuri=/nojavascript&amp;WT.js=No&amp;WT.tv=8.6.0"/></div>
                                    </noscript>
                                    <!-- WebTrends End --> 
                                   
                            </td>
                        </tr>
                    </table>
                <table cellpadding="0" cellspacing="0" border="0" style="width: 100%; height: 20px; background-color: black; color: white">
                    <tr>
                       
                        <td style="padding-left: 20px; padding-bottom: 2px; white-space: nowrap; font-size: 8pt" valign="bottom">
                        Copyright &copy; 2005-2012 LogMeIn, Inc. All rights reserved.&nbsp;
                           
                        </td>
                    </tr>
                </table>
            </td>
        </tr>
    </table>
   
    <!-- ServerName: WWW03-02 -->
    <!-- ServerIP: 77.242.192.195 -->
   
</body>
</html>
 
Maybe the scam is common place to you, first time I've heard or had that happen to me. But I've already said I was suspicious right from the onset, but wasn't 100% certain due to how convincing they was on the phone at first and how they acted like they was Windows support and my PC was sending them info showing things up.

I mean, if you think I'm messing around here, fair enough. I posted what happened and feel free to believe me or not. It's no skin off my back either way, was just trying to make people aware of this in-case it should happen to them and they are gullible enough to fall for it all the way.
 
Well your supposed to be like some big "Director of Operations and Security" on the web ain't you Manager Josh, so why don't you go vet that site and do something about it, or are you just full of ---- :rolleyes:
 
Well your supposed to be like some big "Director of Operations and Security" on the web ain't you Manager Josh, so why don't you go vet that site and do something about it, or are you just full of ---- :rolleyes:
Maybe for the company he works for...doubtful he's the director for the entire web. :ROFLMAO:
 
Maybe for the company he works for...doubtful he's the director for the entire web. :ROFLMAO:

Obviously, you've not read some of his other replies made here then. That's just one, there are more like it and hence my PUN! ;)

Link: http://xenforo.com/community/thread...-it-help-webmasters.11105/page-26#post-342104

mmm. Unfortunately you're talking to someone who deals in information and cyber security. I do not blindly go installing everything I see unless I've vetted it and at least one of my engineers have vet the application in question.

That five minute setup you talk about is very well five minutes, but it takes us about a few weeks to do a proper code review.

I unfortunately do not have a few weeks to spare just to perform a test that may not produce any fruit.
 
If you really, honestly did almost fall for it GTB then I'm sorry but that's absolutely hilarious and you'll never live this down.

Yawn! Anyway Mark, I'll take that with a pinch of salt coming from you. You change your mind, like the wind blows different direction every 5 minutes.

You'll be changing your mind again in 10 minutes time. :coffee:
 
Well your supposed to be like some big "Director of Operations and Security" on the web ain't you Manager Josh, so why don't you go vet that site and do something about it, or are you just full of ---- :rolleyes:

I'd be happy to have Net Force vet that site for you, but you will need to pay our consultant's rate :)
 
Anyway, here is that web-page source code:

Seriously you can't be that dumb. Why are you posting the source? It's just a logmein applet which gives them remote access to your PC where they trick you into thinking you have a virus and then charge you to fix it.

This has been doing the rounds for years and even if you've never heard of it it's obvious within seconds that it's a scam.

I still say you're on a windup pretending to be an idiot.
 
Yeah Rob, and do you think I'm that stupid not to see all your trying to do is get a RISE out me with you pathetic lame replies. Clown! :rolleyes:
 
Top Bottom