Weird phone call! "online pc doctor" - Only thread on these scam calls please

Keshguy

I too got this phone call last Friday week about 17:30. I was asked to go a web page and I told him it wasn't convenient at this time. He asked when would be a good time I said Mid-day Monday. He questioned would it not be better on Saturday or Sunday - I said no - Mid-day Monday suits. Haven't heard from them since..

KeRbDoG

The National Consumer Agency: Consumers warned about 'PC problem' scam calls

Just tell them you have no PC

Darkglasses

Just got another call from them there ten minutes ago, hung up as soon as I said Mr. _____ wasn't here...

jarvis

I started this thread on Feb 24th and that was the only call I got until yesterday June 24th (4 months to the day!).
They had my name, which they said they got from the Eircom directory and that they also use the "Internet users database"!!!
They wanted to know if I'd noticed that my pc was running slowly to which #i replied yes. He told me it most likely has malicious software and he can check the windows log and clean it up for me. He told me to turn it on and I said it may take a while as it's very slow to start up because of malicious software and does he mind holding, he said hell hang on. I left the phone face down on the table while I finished my dinner but he only lasted 9 minutes before he hung up. Too bad I was looking forward to playing with him.

He called from 0061111111112. I am in the phonebook, I never bought anything in pc world that wasn't with cash and I was with BT but now with Vodafone since Feb.......Hmmmm.... fist call was Feb!!!!!

Anyway, I was feeling a little left out having started the thread and only got one call while everyone else was getting multiple calls, I though they didn'tlove me any more. I hope they ring back.

Slightly off topic but I've had 3 calls from a guy pretending to be from O2 but before he discusses an issue on my account with me he needs me to confirm my identity with my DOB, address, name!!!! Phone O2 and they said there was 2 attempts to access my account but the person failed the DOB question:eek:

Anyone get this call, it was on my mobile while our friends on this thread call the landline.

NatWW

Yeah, they're calling me every week from that number: 0019476632176. Just rang me again this morning. Was so fed up I argued with the guy and told them to eff off, that they were just a bloody scam but the guy seemed offended... Poor him

Elbow

Been getting 2-3 calls a week at work from these people. At the beginning we just told them where 2 go, but the past 2 weeks we've been having a bit of fun with them

Had one fella on hold for 45 minutes: Told him i was going on lunch and would he mind holing until i was finished.... he was still waiting when i got back

Another guy we keep giving funny email addresses to and he keeps ringing back wondering did we get the information he sent
(Apologies if anyone actually has the email address [email]im@****all.ie[/email] )

We try to sell stuff to them when they ring, usually lasts about 15 seconds before they hang up

Told another guy that was ringing from "google" that i was setting up a new business selling unusual clothing for animals (there was something in the paper about a penguin with a wetsuit the same day)

BopNiblets

jimoc wrote: »

Step 1. Buy Vuvuzela
Step 2. Wait for a call.
Step 3. Deep Breath

After 4 of 5 of these they should all be so deaf they cant make the calls any more

Or use this handy site with your computer speakers!
http://www.vuvuzela-time.co.uk (just put in any old site and it Vuvuzelafies it lol)

If only that "Brown Noise" from that South Park episode was real...

scudzilla

I'm soooo pissed off, why can't these clowns ever call me :(

foggy_lad

He called from 0061111111112. I am in the phonebook, I never bought anything in pc world that wasn't with cash and I was with BT but now with Vodafone since Feb.......Hmmmm.... fist call was Feb!!!!!

I have also been getting several calls a day from this number but they just hang up on hearing my voice!

wolfric

Would a mod consider linking a security note to after hours as most people will be browsing there and it seems like a good place to get out warnings. Personally most scams are so small it more than likely won't get out to the people who do get hit but this seems pretty damn big. Just got a phone call from a neighbor, same story.

SB-08

I am constantly getting calls from these pricks and I am sick of it.:mad: I have told them several times now that I am fully aware it is a cold call and that I would be reporting them if it continues. They always hang up but call back a few days later. I just got off the phone just now with one of them after telling him to **** off. Seriously, surely once they are aware I know it is a scam they should just delete my number from their records? Bloody ridiculous. And it is impossible to try and wind them up either as the long pauses and delays on the line is so annoying it's not worth it.:rolleyes:

kirving

I just got a call from one of these guys, told him I was a Gard. I was convinced it was a prank call, and started laughing when he started going on about the World Cup.

He started laughing then, and I could hear others in the background laughing - I was convinced I was on the radio at that stage!

Anyway, I'm off for the summer, so If they ring back I'll keep him going for as long as I can and record it!

alad

I just went onto their website http://www.onlinepcdoctors.com/
and used their live chat to talk to an engineer it seems you log in and download a file[trojan virus] and run it
below is the output of the chat
the ssl cert was ok but they will have fun checking

micheal westover:
my computer is making strange noises

Call accepted by operator Online Support. Currently in room: micheal westover, Online Support.
Online Support:
Welcome to Online PC Doctors !
Online Support:
How may I help you today?
Online Support:
Please type in your Full-name , Email-address and the Telephone number .
micheal westover:
my computer is making strange noises
micheal westover:
I already did!
Online Support:
Kindly confirm if you are registered with Online PC Doctors ?
micheal westover:
I opened up live chat and typed in my Full-name , Email-address and the Telephone number and here I am
Online Support:
ok
Online Support:
Kindly confirm if you are registered with Online PC Doctors ?
micheal westover:
I opened up live chat and typed in my Full-name , Email-address and the Telephone number and here I am
Online Support:
Have you paid for the service anytime?
micheal westover:
how
Online Support:
please wait while we are connecting you to our online support service
Online Support:
Please click on the link
Online Support:
https://secure.logmeinrescue.com/R?i=2&Code=301108
Online Support:
and click on run or save whatever option you are getting on the screen.
micheal westover:
your ssl cert is wrong
micheal westover:
my security software said not to click
Online Support:
could you kindly check the time and date of your computer and confirm that it right or not?
micheal westover:
its running ntp
Online Support:
ok
Online Support:
have you clicked on run two times?
micheal westover:
with a bad ssl cert I will not
Online Support:
Please click on this link : www.logmein123.com in order to get you connected to the next available service engineer .
micheal westover:
why
Online Support:
to get connected with us
Online Support:
Can we give you a call right now and have you checked the time and date of your computere?
Online Support:
because that may be a reason for bad ssl
micheal westover:
who is logmein123.com
Online Support:
thats a site through which we connect to our online support system
micheal westover:
i am already connected to you thats why we can type to each other
Online Support:
No this is our chat support we can just chat with this window and to fix the problem we need to connect to our online support system
micheal westover:
your website seems to be broken as well
Online Support:
and thats a secure site and i believe if you have heard about https then you must know that its a secure site trough which we provide the support.
micheal westover:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/b/u/s/businesspro/html/onlinepcdoctors.com/opdcrm/models/customer.php on line 94

Warning: Cannot modify header information - headers already sent by (output started at /home/content/b/u/s/businesspro/html/onlinepcdoctors.com/opdcrm/models/customer.php:94) in /home/content/b/u/s/businesspro/html/onlinepcdoctors.com/rightbar_sm.php on line 174
Online Support:
i am sorry for that but that may be due to the compatibility problem
Online Support:
and this is a SQL server error as i think you can also see that
micheal westover:
mysql databases are normally very good
micheal westover:
usually its bad programing that causes problems
Online Support:
its seems that you are tech savvy and i appreciate that and i am getting this feedback from you first time and we will report it our web site department
micheal westover:
lol
Online Support:
so can we go ahead and look after your computer issue?
micheal westover:
it was a loose screw in a fan I fixed it myself
Online Support:
ok
Online Support:
so is there anything else i can help you?
micheal westover:
yes stop phoning Irish telephone numbers as this conversion is going to be posted on a anti scam forum so expect to be busy
Online Support:
we did not call you
micheal westover:
yes you did about 5 x times
Online Support:
it was you who came into our online chat
micheal westover:
dos
Online Support:
thank you for choosing online pc doctors.

Online Support has left the conversation. Currently in room: micheal westover.

wolfric

http://www.providesupport.com/

Their live support. Please report the website as a scam if you've seen this yourself. Apparently i'm the first to report it. More than likely they'll get another website service to get live chat but all the same...

alad

you can play with them using proxys
slow computer works well 3 min before reply
wreck their heads

Amalgam

3 calls from Repair Zone this morning. New number for us 0061111111112.

Odd thing is, it takes about 5-10 seconds for them to start speaking. Any technical reason for that, some sort of VOIP issue?

Polite enough, just told them 'we don't have a computer' and he apologised for calling and rung off.

Fun wording, maybe just lazy or tired, 'We're phoning about the Windows'.

Gaps of 15 minutes between calls. Also asked for the name of the person on the phone bill, (deceased).

Mec-a-nic

Amalgam wrote: »

3 calls from Repair Zone this morning. New number for us 0061111111112.

We received our first two calls from guys like these today, ''Computer Support (Something)'' difficult to tell due to strong Indian accent. I'm at work so didn't get to talk/play with them myself.

Working in IT, I have the missus up to speed on phishing/scamming via social engineering so she told them pretty quick where to go (away).

Time to fire up a distro of choice in VMWare in preparation for their next call...

donnacha

4th call from onlinepccare in 2 weeks. they are persistant I'll tell you

everytime they ring I explain that I do not have a computer but I guess they'll just keep calling until they realise no-one here is gonna be scammed.

the "senior" supervisor i spoke with this evening goes by the name of rock smith lol

Amalgam

There's a major vulnerability to do with XP at the moment, currently still unpatched, to do with the 'Help & Support' aspects of XP.

I was thinking it might be linked to the current exponential rise in calls.

The BBC covered it yesterday (July 01, 2010), in a rather vague report.

http://news.bbc.co.uk/2/hi/10473495.stm

Hackers target Microsoft Windows XP support system
Page last updated at 09:17 GMT, Thursday, 1 July 2010 10:17 UK

Hi-tech criminals are "escalating" attacks on an unpatched bug in the Windows XP help and support system.

Microsoft said it had seen more than 10,000 machines hit by the attack that, so far, it has not found a fix for.

Windows PCs falling victim will have control of that machine handed over to attackers.

Microsoft said the attacks had gone from theoretical to real very quickly and urged users to take steps to protect themselves.
'Nightmare' attack

Microsoft revealed the upturn in attacks in a blog post saying that it had been monitoring activity around the loophole since it was first revealed on 10 June.

Found by Google engineer Travis Ormandy, the loophole revolves around the Help and Support system built into XP. Mr Ormandy found that it was possible to exploit its ability to give remote aid and apply fixes to ailing machines.

Initially, said Microsoft, it only saw "innocuous" attacks by researchers attempting to replicate what Mr Ormandy had found.

Real exploits turned up on 15 June and these have been enthusiastically adopted by hi-tech criminals.

Writing on the Microsoft Security Centre blog, Holly Stewart said it had started seeing "seemingly-automated, randomly-generated" web pages that host the exploit.

A variety of trojans, spam tools and viruses are being downloaded to compromised machines, she said.

Rik Ferguson, senior security researcher at Trend Micro, said: "It's certainly very serious and is now being actively exploited by what appears to be several different groups as you can see from the multiple payloads being delivered."

Carole Thierault, senior security consultant at Sophos, said attacks like this were a "nightmare" to defend against if people did not regularly update or use anti-virus.

Statistics gathered by Microsoft suggest Portugal was taking the brunt of the attacks but users in Russia and Croatia were also being hit. More than 10,000 machines had been hit at least once by the attack, it found.

To avoid falling victim, Microsoft advised users to turn off the part of the Help and Support system that is vulnerable. It has produced an automated tool that can do this for users.

Mr Ferguson from Trend Micro said there were other steps users could take to stay safe.

"It is important to ensure that your security software is capable of identifying and blocking malicious websites," he said, "as you can be sure that the criminals behind this will be constantly updating their malicious files to try and avoid traditional security."

Microsoft said it was working on a lasting fix for the loophole.

eimsRV

Just received one of these calls from 0019476632176 on my landline. He knew my full name, I'm ex directory.
Was switched to Vodafone at home from BT a few months ago.
He said that as I was running Windows he could help me improve my PC.
I asked him what version of Windows was I running, he didn't reply.
He asked me was my PC running slow, I said no.
He then was saying my virus protection was out of date.
I told him I work for Microsoft, I was all set and hung up.
Checked back my phone and I've several missed calls from the same number over the last few days.

Not sure where they got my number, as I said my ISP is Vodafone, and got my laptop direct from HP through family.

jack presley

I just spent about 20-30 seconds telling the guy to "f*&k off and get off the phone" and he still kept telling me my computer needed a check-up. I eventually hung up and then about 10 seconds later he rings again and he got another earful. I didn't pick up the 3rd time he rang.

Snowbat

Two sources - the phone book and a list of BT customers who were switched to Vodafone?

Solair

If it's a lost/stolen database, people need to alert the data protection commissioner.

Burgo

Snowbat wrote: »

Two sources - the phone book and a list of BT customers who were switched to Vodafone?

I got a missed call from him yesterday,disappointed i missed

Im currently with upc for phone and broadband, eircom before that and BT before them.

donnacha

i'm ex directory - bu I am one of those that switched over to vodafone from BT.

Snowbat

Looking back through the thread, alan89 mentions Perlico customers also being targeted and OP was cold called "by Eircom" 15 minutes beforehand. Maybe that wasn't a coincidence... Who are the Eircom Winback pests these days? Is it still contracted out to CPM?

However, if names of ex-directory customers are not redacted in the National Directory Database (Cherrycola's post #169), that's a likely source. Anyone care to write to Eircom's company secretary for clarification?

jimmycrackcorm

Snowbat wrote: »

Looking back through the thread, alan89 mentions Perlico customers also being targeted and OP was cold called "by Eircom" 15 minutes beforehand. Maybe that wasn't a coincidence... Who are the Eircom Winback pests these days? Is it still contracted out to CPM?

However, if names of ex-directory customers are not redacted in the National Directory Database (Cherrycola's post #169), that's a likely source. Anyone care to write to Eircom's company secretary for clarification?

Could be some Indian guy delivering a curry found one of those telephone directories still lying outside someones door, opened page 1 and started dialling names listed.

PeterHughes

Similar call received by my parents this morning, which looked like it came from the number 001947663217.

They are Eircom customers and have never changed.

They asked my mother to load up event viewer and to count all the entries "with red marks beside them", told her there was problems with the machine and they could fix them. She started to smell a rat and asked them to ring back in 1 hour coz she was busy.

In the meantime she rang me and I advised the don't say anything just hang up approach. They have rang back once already, hope that is the last of them.

Dermot Illogical

The Register have something on it today
http://www.theregister.co.uk/2010/07/05/malware_cold_calling/
They must have found a UK phonebook too..

shaneny

I think Eircom should block all these numbers, as most calls are to eircom numbers, the number is the same, someone should report them!