Comments | kremmen: Scammers ahoy!

kremmen

Scammers ahoy!

Jun 28, 2011 17:35

I've been feeling a bit left out, but I finally got one of the Event Viewer scam phone calls this arvo. Curious as to their tactics, I decided to play along while I made lunch. It was a bit of a juggle sometimes, boiling eggs and such while holding my finger over the handset mic and responding as best I could to their questions at times when I wasn ( Read more... )

Comments 5

Scammers edm June 28 2011, 08:03:17 UTC

Sadly I think that the general, not terribly computer literate, public have been primed for exactly these sorts of scams by the computer security industry paranoia marketing about viruses, etc, as well as all sorts of auto-installing/auto-updating software vectors, and software that "phones home" to report problems. It doesn't really surprise me that people believe such scams. (Hell, amongst vendor supported enterprise hardware "the SAN reported a disk needed changing and we've couriered it to you" is considered the mark of good service, not an indicator of a scam -- even to the very IT clueful ( ... )

kremmen June 28 2011, 09:23:46 UTC

The trouble with general reactions is that the devil's in the details. Sending me a new hard disk isn't a problem. I'm going to create a file system on it before using it, or my RAID is going to automatically write over it. Unless they actually send you a disk with a non-standard controller, there's really no harm possible. (Likewise, banks want you to sign deposit slips. Why? I'm quite happy for anyone to give me money, even anonymously. It's only taking it out that needs authentication.)

Speaking of which, the real problem with phone calls is that we have no authentication at all. I had a call purportedly from ANZ last week wanting to ask about my new credit card. "But we'll need your security password before we can proceed." Like hell, you will. I'm not giving my password out to some random, unidentifed caller and ANZ shouldn't be moronic enough to want me to.

Scamming edm June 28 2011, 10:33:06 UTC

And your second paragraph is basically my entire point. "Legitimate" businesses are doing things that ought to trip people's "it's a scam" sensors, and expecting their customers to treat it as normal and go along with it. (The local eBay equivalent, Trademe, in one email will tell people not to go to a link from an email and type in their password, and in another email tell people to log in via a link in an email they send them to take some "legitimate" action on their site. Sigh ( ... )

februaryfour July 7 2011, 05:11:06 UTC

My bank only wants you to sign deposit slips when you're asking for cash back.

the_dags June 29 2011, 22:47:21 UTC

Well done in making them work for nothing ( ... )