You have no guts, man. The fingerprint of a scam.

I got a call  from 020 0982 3420 this evening from someone "authorised by Microsoft" offering to scan my PC for all manner of unnamed things that apparently make it run badly. I kept "Paul McKenzie" (with an Indian Accent) talking for about 25 minutes with the lure of 6 or 7 PC's to fix, knowing full well this was a scam.

I know it's a scam because a family member fell prey to it in 2010. And by how my call ended.

It is a well executed scam, very well executed actually; these folks have all the answers and play out a very convincing story. But, in the final analysis, when you consider that someone is prepared to stay on the phone for 25 minutes to make a sale of "PC healthcheck", something smells fishy - around about the 3 minute mark actually.

I stuck it out with this guy for a couple of reasons. One - just to save someone else being caught - my 25 minutes on the phone might have used up time scamming 3 or 4 other people, so it was part community service. Two - I also wanted to get a full sense of how they operate. I certainly got that.

Here are the tell-tale signs I noticed:

 

  • A call from a London number; when answered 3 or 4 seconds of silence before speaking = classic power-dialling = wanting to sell something
  • The chap then started referring generically to my PC. Rather than ask how he knew I had one (he, doesn't by the way, he's guessing; and if you ask the question he'll say it's the error reports you get from crashed programs), I asked which one. Pause.
  • The one with windows on. Yeah, doesn't really narrow it down does it? Which windows?
  • Err.. either windows XP or Vista. So immediately I know he's fishing, I own neither. This is almost like getting a psychic reading.
  • He proceeds to ramble on about windows auto updates and how it downloads junk and my computer is full of it and do I want a healthcheck. I play along.
  • I say I am recording the call. He says he doesn't mind, which proves he is reputable - a scammer would hang up, he says.
  • I say I know what's going to happen - he'll get me to download something and access my PC. Evasion.
  • I question his identity - he says he is a partner of microsoft, sort of implies doing it on their behalf.
  • I push the whole identity thing and he takes me to microsoft's website and claims to be SB3 INC. Would microsoft allow a disreputable company on their website?
  • When I question that I have no proof he is SB3 INC he says surely I trust microsoft. That an intelligent person would realise that a company associated with microsoft would not be disreptuable. I don't disagree, but my question is about proof he is SB3. And he insulted my intelligence; that raised the stakes.
  • He says he is my system admin and he is just trying to help. I say what? Do you access my PC without my permission? No, he just wants to help. Just a check, like going to the doctor, then you buy the medicine. (Good of him to spell that out for me).
  • He just wants to check my PC for bad things, what would a reputable company do that's bad? I say, you could install a keylogger and get my bank details. He repeats, why would a reputable company associated with microsoft do that?
  • I push the "prove you are SB3" line and he suggests I look at the SB3 INC website. I say this is not proof. I say I could tell him I'm from HP and show him an HP webpage - what does it prove?
  • Backed into a corner he asks what proof I want? I say it can't be given - what I'll do is call the SB3 number. He says Ok, he'll give me the number so I can call back and speak to him. I say no, I'll call the number on the microsoft site that I DO trust. He insults my intelligence again and asks why I don't trust microsoft. Calmy, I again explain to him that I do, but I don't trust him.
  • In the end I force this point and he says "you have no guts, man; you have no guts" and disconnects. 
  • I guess mr unintelligent here outsmarted him. 

 

Let me tell you - his persistence was wearing and convincing. I can see how it would be ever-so-easy for someone to be socially engineered into following his instructions. When you step back and analyse it, however, the whole scam revolves around the association with microsoft as a claim to be reputable (I hear all the Apple fanboi's - and a few others - sneer in the background!). The point is, at no time is there any proof of his identity, no proof of that association. This is where they trick people - they labour that point, state it as if it is fact. That's what convinced my family member.

How do you protect yourself?

Well, if you know nothing about technology, it doesn't matter; just follow this simple rule:

NEVER, EVER, EVER buy something if you are approached by someone you cannot verify - this applies as much to the doorstep as it does to the phone. If you get an incoming sales call, leave the decision to later. Make it your policy. Tell doorstep sellers "I never buy on the doorstep; leave me your details and I'll get back in touch". NEVER! NEVER! NEVER!

The second thing is to realise something about microsoft: this is not how they operate or authorise anyone else to operate using their brand. Furthermore, this is not the market that microsoft partners are in. MS partners are business solutions partners - they create systems and integrations for business, using email, instant messaging, sharepoint, communications, and all sorts of stuff that if you haven't worked in a big IT department will probably have never heard of. Microsoft retails through the usual channels to consumers, but it does not sit behind this kind of consumer support.  

Finally, make sure your computers are up-tp-date with virus checkers, windows/operating system updates, and run regular scans for malware. This is just as good as what these scammers can do - and the truth is, they don't even do that properly - it's a subterfuge to get you to pay for their services. It's all about impression. Be warned. 

 

Upgrading to Windows 7 from XP without the pain

I've just completed my second of 3 (ultimately) upgrades from windows XP to windows 7.

For the first machine i just followed the standard Microsoft line and did a custom install "over the top" of XP. This takes your existing setup and stores it in a windows.old folder on the new machine running windows 7. You are then free to do with that folder what you will (such as delete it). This was ok on my first laptop as I'm just using it as a windows 7 media centre - didn't need my old stuff.

However, for my next (main) machine, that wasn't the case. It's the main machine that I use for all my personal work, which includes a lot of image creation and production (more on that in a later blog). I absolutely could not afford any downtime nor a whole weekend or more of solid copying and re-installing. (A process which from experience drags on and on for weeks in my experience.)

Thus the promise of a smooth migration, keeping all the existing XP setup alongside windows 7 was sufficiently tempting for me to take up. The system is called zinstall XP7 and you install it after you have done your windows 7 custom upgrade (keeping your old files in windows.old). When you install zinstall it wraps up all those old files and creates a fully functioning virtual machine of your old installation. Absolutely everything remains intact, all programs work correctly and all data is preserved. 

In use the system places an icon in both the windows 7 system tray and the XP system tray (is it just me that finds it quite clever it can install itself into an operating system that has been replaced?). Double clicking this icon allows you to switch between windows 7 and XP. XP is displayed full screen, even though it's running in a virtual machine and could theoretically run in a windowed container (I intend to try this). Presumably this is to make it less confusing for novice users - zinstall describes its mode of operation as "TV Channels" - which makes it easy to understand.

You can copy and paste between each system with ease, and see the file system on each system for moving files between the two. 

So what's the point of all this? Well - it means you can get windows 7 up and running, but keep your old system running in parallel - allowing you the time (as long as you want) to re-install and move applications and data to Win7. And if you have applications that will only ever run on XP, then you can keep them running indefinitely. 

It should be noted this is not the same as Microsoft's own "XP Compatibility mode" which consists of their own VM container ("Virtual PC") and a specially licensed copy of XP to run in it. The hardware requirements for their solution are stricter and you get an empty XP which you have to get your programs and data back into. This compares starkly with zinstall which is a one-click process and retains everything as is.

After 3 days, I'm giving zinstall a big thumbs up.