Phone Scam - Windows Customer Support and CLSID
For many years now, we've been receiving phone call from a company that name itself Online Windows For Support. For the past few weeks, we've actually received one phone call a week from them and today, was one of those day. Since I'm at home and recovering from a surgery, I actually had time to ask them some questions and investigate further their claims.
I talked to Jim and he said he was from California. His accent did not sound like an American, more like an Indian, so this was hard to believe. He said they've been receiving error messages from my computer for a long time now. Since they've been calling many time, I wanted to try something different. Thus I asked Jim to speak to his manager, who identified himself as Edward and said he worked for Microsoft. Again, this guy did not sound like an american, more like an Indian (from India). I wanted to know more about the company so I asked for a website address, which he provided, after many spelling issues (me being french and him obviously not being an english speaker) he finally give me this: http://onlinewindowsforsupport.yolasite.com/ It was really strange that an support company did not have its own domain name, but a subdomain to an internet provider (yolasite.com). But I kept this question to myself. I then asked him for an email address and he provided me with this one: onlinewindowsforsupport@microsoft.com. It made me even more suspicious, because this email address doesn't look legitimate to me... Anyway, I did not try it and pushed further my investigation about my specific computer.
I asked Edward when was the last time they received an error message from my computer, and he said yesterday... My Windows computer was turn off that day and has been for many weeks and was not even connected to the internet anyway (no cable connection), so this was obviously not true. Edward told me that even if my computer was not connected, what mattered was that the hackers were using my IP address to hack and do bad stuff under my name.... I actually don't believe this is possible. My IP address is of public domain, any web site that I visit will have my IP address (it's part of http protocol). A hacker, to do something bad under my name need somekind of username/password of mine or access to my one of my computers. So again, this was obviously not true (After the call, I ran Microsoft Safety Scanner and it found no trace of viruses or spyware). But Edward keep being insistant and I still complied because I wanted to know more about these guys. So they said he could prove me that he had information from my computer. I said OK, prove it! So he spelled a CLSID that I should find on my computer and this was supposetly an information I only had on my computer. This CLSID was
888DCA60-FC0A-11CF-8F0F-00C04FD7D062
or something close to that... It took a long time to spell it since he did not prononced the letter easily (english was not his first language, that was for sure). Once my computer was turn on, he told me to open the command window (cmd.exe) and type "assoc", which I did... Then once the app had done its job of listing information, he told me to look for the actual CLSID that he spelled for me. Of course it was there. Look at the picture below (4th before the last):
I then started to be a little worry... How could he possibly know something about my computer like this? But more he was talking, the less he was convincing to me. He kept talking about my ip address being used, and blablabla... So at one point, I said they were full of s???, and then they hand up on me.
After that I made some research about what he told me. First of all, the application "assoc" displays or modifies file name extension associations. So basically, this CLSID is about somekind of file on a windows computer. Then I search on Google for Scam and CLSID, and I found this answer:
assoc command lists the file associations. zfsendtotarget happens to be the last one. The Class ID identifies a COM object to run.
http://blog.eset.com/2011/07/19/support-desk-scams-clsid-not-unique
zfsendtotarget is a part of the implementation of the 'Send to compressed (zipped) folder' option on the Explorer right-click context menu.
So what is this telling me is that this CLSID is not unique to my computer. It is found on most if not all windows computer of the world, regardless of the version. So this company is making us believe that they know something from our computer while they actually use information availaible on all computer....
This is a real scam! Be really careful about these call! Do not hesitate to follow the links provided above for more information.
I hope this help someone!
Comments
Sylvain (not verified)
Fri, 12/06/2013 - 08:59
Permalink
Thanks! I just got called
Thanks! I just got called today from the same company and same thing happened! Very happy I found your post while taking to them and I hand up! I'm in the Montreal area.
Wouter Stals (not verified)
Tue, 04/08/2014 - 07:24
Permalink
Thank you so much for this information!
Thanks a lot for putting this info on the web.
I just got called by a guy who told me he worked at Microsoft and according to him I had malicious junkware on my pc which needed to be fixed by a technician taking over my pc. He was very friendly and winning my trust, although his English was very bad (very heavy Hindi accent).
Luckily I took my time to google this: "clsid asked by phone" and immediately I stumble upon this website. So I started reading to him and when the word scam feel, he hung up :-/
Thanks a lot for giving me lifesaving info on the click!!!!
Wouter from Belgium
Shanni Lomms (not verified)
Sat, 02/01/2014 - 17:44
Permalink
scammer looking to steel your password
Now that I have read this page I want to let you in on yesterdays four hour deal. I recognized the voice from India, around the Bombay area as for the time I sent there a few years ago. First off Windows does not call you. Next They do not use oversea's for technical data help. Now for the fun part. I ask him to repeat close to all his words and then telling him he was breaking up fading out and in when I could hear him fine. I as the same question twenty times how he got my phone number. Here is how I have it in my maiden name spell wrong to catch this from happening. I am on Time Warner service RR Turbo with six computers on at the same time. Not linked on three of them so I can surf for his address. The phone number indicated he was in Key West on one link and Kansas City on another. By asking him to repeat everything and with a slow I didn't get that I played this for close to two hours. Blessed with several majic jacks I called the FCC on one phone and gave them the information, quick as flash they said just hang up. Not me I wanted some fun too! I have been re copping from a knee replacement and noting else on TV this was good entertainment. At a couple of time he would comment to someone in Hindi hope this sucker is loaded. I knew I had to put on some help. I said hold the phone the house keeper and the yardman are wanting paid. This I laid the phone down for almost forty five minutes and was not expecting to have him on the phone when I came back online. Blow my knickers off he was still there. So for the next hour I pulled and tugged his wanting my computer number. I Google the number he was wanting to have me believe was my computer number and it showed scammer. After linking the phone to several recording unit I started again to get him to tell me where he was. Here I really wanted to use the rest room so I laid this out "you are informed never to call this number again listed on the DO NOT CALL List, never did I know that so many cuss words could be said by one person and yes some in HINDI. When he stopped I said feel better now? click was the response
Cora Z. Prather (not verified)
Wed, 02/05/2014 - 15:15
Permalink
Add new comment | Steve Roy
Hello there! This post couldn't be written any better! Reading this post reminds me
of my old room mate! He always kept talking about this.
I will forward this write-up to him. Pretty sure he will have a good read.
Thanks for sharing!
Mason (not verified)
Sun, 02/23/2014 - 21:31
Permalink
thanks
just recieved a call from them and this was the first thing i found so thanks a lot :)
really greatful
Joe (not verified)
Tue, 02/25/2014 - 12:55
Permalink
Thanks
I just received a similar call and found this page while he was talking to me and trying to sell me on this "CLSID" crap... This was really helpful as I was almost prone to beleive them because I just reinstalled windows on my laptop because of all the bugs and error messages I was getting. And a few days later I had to call microsoft to validate my copy of Windows 7. Therefore I thought they were responding to that call I made to them, but when I found this page I realized that it was all just a scam that was well timed and I almost fell for it.... Thanks for putting this out there so others won't fall for this trick!!!
Kate (not verified)
Tue, 03/11/2014 - 23:03
Permalink
They are calling Australia too
Thanks for this post. I am from Australia and just received a call along those lines. I constantly asked him how I would know that he was legitimately from Windows. He kept telling me that he could prove where he was from once I matched the CLS ID he gave me to the one on my computer. I didn't even know what a CLS ID was! He told me he would wait on the line while I googled it. I found your post and when the CLS ID matched the same one you had listed on your post, I told the caller that I had reason to believe his call related to a phone scam and I was not continuing the call. So thanks again.
Mike (not verified)
Mon, 03/17/2014 - 04:33
Permalink
Australia too - Telstra immitating
Same as above and very convincing as impersonating Telstra employees quoting websites and phone numbers. Also when questioned even handed me over to so called Supervisor, he even gave phone number to call. Got to Application View Logs looking at errors but then decided to call our own internet provider and get clarity from them before proceeding further.
They indicated that it was a scam and tried to trace phone number but kept ringing out.
No data given to them.
Debra (not verified)
Wed, 04/02/2014 - 13:14
Permalink
I was a fool
In November 2012, I got a call from some "Microsoft technician" named Sam that had an Indian (from India) accent. He told me that my computer had reported a Trojan and if I didn't do something about it my computer would stop working. I had just updated my Windows, so I thought my computer while updating had transmitted something from the "trojan". Well, I fell for it being an idiot and allowed him access to my computer. He then told me it was $299.00 to fix it and install antivirus software so that it would not happen again. Not knowing any better I paid with my debit card. The next week I had charges from England on my debit card. Luckily, I had protection on the card and the bank called me before paying because the charges where unusual. I canceled the card. In February 2014, I got a call from “Microsoft” saying that I was going to get my $299.00 refunded to me. Again this moron let the “technician” in her computer to fill out the refund slip. Well, as I started to fill in all my information I saw that it was the payee section. Immediately, I realized that something was wrong and told him to get out of my computer and when he did I hung up. The helpful “technician” in that short time changed my administrative password so that I could not get into my computer. I deserved this for being so stupid. I took my computer to Best Buy where the technicians there were able to save most of my documents. Guess what, someone still calls. I Googled the phone number once and all the results said scam. I started reading about the scams and learned a lot. I played stupid with them the last time they called but not let them into my computer. My questions were like: What school did you go to? How long have you worked for Microsoft? Show me the errors. Could you repeat that again? When I asked how many people fell for this his reply was “piss off”. Now that number is blocked on my phone but there are others. When they call, if I am bored, I’ll play around to upset their day. Now I try to educate everyone I know that these people exist and what they are up to.
william damonski (not verified)
Wed, 04/16/2014 - 17:31
Permalink
comments
hi this is william and i also got a call from a company , named as sunmeet pcsupport ,but as all you are saying in comments that this is a scam, but when i move on to that process i found that these guys are awesome they did same process but they make my dead pc up and running and i have opt a 1 year plan and these guys are still providing me tech support above my expectations . my computer is running very fast and i am very happy, so i only can say that all tech support people can not be a scam there are some who are still providing best tech support ........ and this message is to sunmeet pcsupport - guys you are awesome.....
Ali Black (not verified)
Wed, 12/03/2014 - 00:22
Permalink
Well William, you must
Well William, you must therefore be one of the scammers. Once again trying to convince people that this is not a scam.
DON'T buy it folks, IT IS A SCAM. And these people will take whatever they can from you in the blink of an eye.
Leehar (not verified)
Sat, 04/19/2014 - 05:05
Permalink
Wow, just had the same thing
Wow, just had the same thing happen to me. An Indian guy calls claiming to be from 'Windows Technical Department' in Cape Town. Said I've been hacked from 6 different locations, by people using my cls id. Says he wants to help me fix the problem in case the pc is used for cyber-crime and the police may contact me...
I've had these guys contact both my parents about the same issue, so I thought I'd take him at face-value and at least hear him out.
He starts by asking me if I see the 'C for Charlie, T for Tango, R for Roger, L for Lazy' key on the bottom left of my keyboard, then the windows button next to it.
Then press Windows + R to open run.
type 'C for Charlie...' (cmd) and type in assoc.
Look for the CLS id, and he recites the id to me, to prove that he's from a legitimate party (Meanwhile, this is the same 888DCA60-FC0A-11CF-8F0F-00C04FD7D062 string that apparently all computers have). And he asks me to write this down as well!
Throughout the conversation, I've been asking him how I can verify he's actually who he says he is.
He says this is the ID thats been registered to our name. I ask him if he's saying the hackers are using the same id to control my pc, couldn't they also have these details at their disposal? He obviously diverts the issue, but I try stay on him like a dog with a bone! I ask him why they're contacting me on a weekend, I thought IT support staff only work on weekdays ;)
He tries to defend himself. Says "You're not listening to me", "Please listen to what I'm saying", "Just follow what I'm telling you to do".
So I do, continue listening to him, he takes me to 'run' again, makes me type out "http://ccwhs.yolasite.com/" (again with the whole 'C for Charlie" business for each letter! Guess these guys really don't want me to get confused and go to the wrong location!)
Asks me if I can see "Welcome To Windows Help And Support" which 'obviously' proves he's from Windows Help & Support. Not!
Asks me to click "Welcome to Windows Server 1", which I can actually see is a link to download a file from AMMY (ammyy aa_v3).
Now I can see this is finally getting to dodgy territory (of actually changing the state of my PC), so I google the app, and finally get to this http://www.welivesecurity.com/2012/08/24/ammyy-warning-against-tech-supp... near the bottom of the search page to confirm it's a scam.
I learn that the App is a "remote desktop sharing and PC remote control software that can be used for remote access", and finally decide the jokes gone long enough and hang up on him.
Unfortunately, the dude does have some personal info; surname, phone number, previous address (another warning bell!), so he calls back immediately, which is disturbing to say the least.
I explain the facts of life to him, that I know their game, and while he still tries to give some excuses ("Why aren't you letting me speak?"), eventually he realises the jig is up, and hangs up. Unfortunately that probably means he's on to some easier marks, but hopefully thats the end of my contact with these tech support that have enough info to seem reasonable, but thankfully can't stand the test of the information age (aka Google)! (Albeit the information age is the whole reason the information is up there for public consumption in the first place!)
Nonetheless, Interesting to see these tech support guys have graduated to our little corner of the world in South Africa!
Monty Burns (not verified)
Mon, 05/12/2014 - 12:54
Permalink
Being in IT for several years
Being in IT for several years it really angers me that these crooks are making a living at ripping people off and obvioulsy there are a lot of people out there that fall for this scam. The thing that REALLY angers me is how, like you stated above, the guys get all pushy and defiant when they think that God forbid, you don't want them to steal your money. A lot of people like myself just like to toy with these idiots but it's sad that there are a lot of older people and those new to this type of thing that get crooked. I know they are not all the same but these kind of people sure make a bad name for their nationality as well as pretty much 100% of these calls are from the same people.
Tom Queirolo (not verified)
Fri, 08/08/2014 - 16:04
Permalink
Scam
I was contacted by these guys this morning. I had been contacted many times before but when I told them I knew they were not on the up and up they stopped calling. This morning they used the CSLID part. after a few minutes I told him I was tired and hung up. He called me back ant told me what a MF'er I was for wasting his time and he called me a few other choice words and hung up. I don't know how to stop these guys but they sure showed their unprofessional side. Maybe put them on mute ant let them ramble on.
Thanks for your time
Tom
Tom Massie (not verified)
Fri, 04/25/2014 - 03:58
Permalink
Thanks for this! Same thing,
Thanks for this! Same thing, Indian accent. I was suspicious so I took their number, which began with +46, so I asked, what country is that? They said they were in California. I called them back and it was in fact a Swedish number. They went through the CLSID routine. However, since I was calling on Skype from a non-Microsoft computer I asked them how they knew who I was. They replied that they knew I was in Belgium. Also I questioned why they would spend all this time on someone with an obsolete Windows computer when it was impossible to get Microsoft on the phone to solve technical questions.
Finally I told them I would do some more research before trusting them and running the "eventvwr" routine which they told me to.
I found your website, which completely confirmed my suspicions! They are obviously active in calling numbers in Belgium at the moment.
Great work!
Tom
Steve Roy
Fri, 04/25/2014 - 09:05
Permalink
I'm happy this post is useful to many people....
Wow!
This is the post on my blog that has gotten the most comments. I'm happy you share your story too!
Keep the comments coming! Hopefully, people will get smarter and not get into their trap!
Cheers,
Steve
Ken (not verified)
Tue, 06/03/2014 - 01:21
Permalink
Same thing continuing in Australia
Got to the assoc and CLSID and got sick of the female crook. Told her she lied to me three times. 1. CLSID did not mean Customer Licence Service ID. 2. CLSID was not unique. Same on every Windows computer. 3. Was trying to tell her she was NOT from Telstra when she hung up on me.
I get really cranky about the mongrel acts these people perpetrate particularly on the elderly.
Still cleaning up a customer's computer after a hacker had Remote Control.
Lets keep educating users
Ken
Carol (not verified)
Tue, 06/10/2014 - 13:24
Permalink
I just got one of these calls
I was just called by a person named Steve Lawson, who didn't sound like Steve Lawson, but he said his Microsoft Id# is 4107 and that I could call him back at 1-323-647-4977, he also gave me my computers clsid # it is the exact same # as in the post. I did not open my computer for him. I also did not look up any sites while he was on the phone, I asked for a call back #. The number he gave me was the number I listed above, but he called me from a cell phone # 323-213-7689. Why cant they catch these people and stop this scam?
Jenny (not verified)
Tue, 04/29/2014 - 05:38
Permalink
thanks for sharing - today it was me....
I'm thankful you posted this as I, too, got very worried when he knew my CLSID code correctly and I wondered if this was a security risk for me now. fortunately I found your blog. he tried to win my trust with checking that I'm older than 18 (which is a joke). when I asked his name he called himself Leonardo Rodriguez and the phone number was 0098 464 74849, which appears to be a cell phone from Iran. And this would also match his accent quite well. Funny: Although he pretended to call from California - where it must have been 4 am - he said he was on the evening shift...
Now I just hope I won't have to pay for the call...
stay alert, people!
cheers,
Jenny
Guido (not verified)
Thu, 05/01/2014 - 01:25
Permalink
They just called me in Germany ...
Hi guys, also a big "thank you" from me to you as today at 8.30 AM local time (11.30 PM in "California") I (located in Germany) just received the very same call by the Hindi guy. I stopped the phone call when I was asked to type in "assoc" as I did not know what this means and was afraid to send any hidden information to this unknown guy pretending to call from Microsoft service. I assumed that this may have to do something with the end of Windows XP support by Microsoft. But due to your information this has been going on for a longer time. So thanks again for all participating in this blog sharing information with each other. I will post this as well into my German online community to see whether more calls have been made to Germany today (my guess).
Take care and have a nice day nevertheless.
Cheers,
Guido.
blivis (not verified)
Fri, 05/09/2014 - 14:06
Permalink
got two calls today
i let the caller to go on with his scam while i was surfing the web and reaching this posting.
while he was trying to convince me to do some staff with my computer i asked him to go to this site by giving him the address and after convincing him that the CLSID that he is waving about is generic.
after few seconds while he was reading this post by himself he hanged-up!!!
THANKS Steve!
Johnc (not verified)
Thu, 05/22/2014 - 00:38
Permalink
From aus
Got one of thise calls in Australia, a heavy indian/paki voice.
He asked me to do the run function and type eventvwr, from there i asked how they knew i was having trouble, and apparently my computer is subscribed to their service, rubbish, crap and more rubbish.
Tried to play his game but after a minute told the fool i am a system administrator for a telco, told to F... Off and hung up on the numbnut.
Maybe next time will try and act dumb and play him through, whilst logged into a Vm on the other side of the world.
Perhaps might tell them i am running windows 3.11 instead, see what happens.
sean (not verified)
Fri, 06/13/2014 - 04:57
Permalink
Just happened here in Ireland
Just happened here in Ireland too, Indian accent guy pretending to be microsort, wanted me to do "teamviewer" this is a remote access to computer program. I did not contact him nor do microsoft have my number so i was on guard from the start. So i asked the simplest question. Which i know from previous dealings with microsoft use there own remote access tool, i asked why wont you use microsoft's own remote access tool. He changed tact. Asked me to open/run a "prefetch" Knowing this is only a boot system program i complied. He asked do i know any of these programs i said of course these are my boot programs. So he changed tact, "ok shut that down and try this" he tried few different of these run type codes, i just played along after about 3 of them i got bored. At this point i stopped playing and i said look your not microsoft and i probably know more about computers than you. He tried to speak again. I politely said this phone call is over now and hung up.... I do advise, delaying tactics(misquoting what he says, slowing him down) and searching what he is asking you to do. For your own knowledge base.... DO NOT ALLOW any remote access program to run on your computer ever.
Mark Johnson (not verified)
Sat, 06/14/2014 - 14:31
Permalink
CLSID SCAM
They called me today (again an Indian subcontinent accent) and got quite aggressive when I said that they were taking nonsense. I asked the same "Just who exactly are you?" questions that Steve asked above; but I got less comprehensive answers. I also asked what action the guy expected me to take, though he wouldn't be drawn until I had admitted that I had a problem - which I didn't. Each time that I hung up, he called back - eventually threatening to "block" my Windows license and stop my PCs working. I pointed out that the CLSID line he was quoting was not a unique identifier of either my PC or any software install, but he kept insisting that he and others had "information from my computer". I replied that he wasn't making sense. I wanted him to actually say it, though I got bored before he did; but I assume that he wanted control of my PC in order to "fix" my "problem". The individual that called me was pretty ineffective and sounded desperate - perhaps he only gets paid for those he successfully cons. Rather than wheedling his way in as a potential Samaritan, he was aggressive, hounding and insulting ("I can tell that you don't know much about your PC") After six calls, I disconnected my landline for an hour and they haven't called back. I didn't mind leading him on to get more info, but the only safe response to calls like this is to (1) Give no information, and confirm nothing that they say, and (2) Never give control of your PC to anyone that you don't know well enough to trust. Thanks Steve, regards Mark.
Dakota (not verified)
Thu, 06/26/2014 - 20:57
Permalink
Thanks so much!
Thanks so much!
My mother got this call today, and what with her being terrible with computers she insisted i come over to help. I was immediately suspicious when he couldn't tell me the make, or model of her computer, and VERY worried when he couldnt even give me her correct address
After showing me the CLSID i googled and found this page
I then (pretending i knew more than i do) told him that i knew the number wasn't unique and that this was a scam. He then told me "f*** you" in clearer English than anything else he had said, and hung up the phone
Thanks a ton
Steve Roy
Wed, 07/02/2014 - 09:38
Permalink
Yesterday, 10PM....
Well, they called me again last night! 10PM!!!! I can tell you the call did not last long.
Grrrr! So fed up with these guys!
Keep the comments coming! Glad this help!.
hobiman (not verified)
Tue, 07/08/2014 - 16:03
Permalink
clsid scam
Had phone call this evening in England from "Microsoft" saying my computer had been compromised by hackers and must be fixed otherwise my licence key will be cancelled. I know this is crap but went along with it. Did command prompt and ASSOC to find CLSID which he confirmed then, to prove that they had sent me many warnings, asked me to look at EVENTVWR to find hundreds of errors & warnings which are normal operating gliches, nothing to do with Warnings from Microsoft. Next step would be to log onto a website address which he would tell me. That was enough, I told him he was a liar, didn't work for MS and was running a scam. He said the conversation was being recorded and he would report me to his supervisor so I told him where to shove it. What is significant is that he had my name and telephone number but my previous address of 5 years ago. Just goes to show that your personal data can be held and sold abroad for years to these criminals.
Werner Hofer (not verified)
Sat, 07/19/2014 - 05:53
Permalink
Phone Scam - Windows Customer Support and CLSID
Thank's I just got called!
Body:
Thanks! I just got called today from the same company and same thing happened! Very happy I found your post while taking to them. I'm from Austria. I didn't execute exe- command and cutted off telephone line! 06.19.2014
sam (not verified)
Sat, 07/19/2014 - 15:29
Permalink
I had an almost identical experience.
My wife told me these people had called a few times. Not being very knowledgeable, she thought maybe it was legit, but always told them to call back.
Today I answered the phone, and knew it was a scam as soon as the guy told me in his thick Indian accent that his name was Adam, and his last name was Smith. I told him he should probably choose a better name or try to call much older people. I thought I made it pretty obvious that I knew it was a scam, but he persisted so I decided to humor him.
The story went pretty much as above, except I got as far as being directed to www.myinstantsupport.com, and a link to 'Connect to Technical Support' which was really just a link to download a TeamViewer executable. I was tempted to follow through completely on a windows virtual machine, but didn't really feel like rendering my current one unusable. They asked for my teamviewer ID and password so they could connect and help me remove all these 'malwares' that were corrupting my software (no specific software mentioned, of course).
I was using a good amount of profanity, but not really in a hostile way. I was really surprised they remained on the call so long. I think I got passed around to 3 different guys. Ultimately I told them I wasn't going to be proving them any information, and was told that they would pass all my information on to Microsoft so they could do some verification and ensure I'm running a legit copy of windows. I was told to expect a letter from Microsoft soon. I guess that was their last ditch scare tactic, and then he told me I could "hang on him". I presume they're not supposed to terminate calls themselves, but I just sat there silently until he did.
I relayed the story to my wife, and even showed her this web page, and she is still asking me to run some virus scans on our computers just in case it was real!
Bubbles (not verified)
Fri, 07/25/2014 - 05:37
Permalink
My turn
Hi, this post is great. Just got "the call" second night in a row at 10pm. Told him I didn't believe him and that I knew it was a scam, he trotted out the same bs about the clsid insisting that would prove his bona fidi, which I said, it didn't and that was before I knew about it not being unique. I then said Microsoft don't make unsolicited calls, his response, I'm not from Microsoft; I'm from Windows ! Clearly he isn't from either or he would know, Microsoft is the company and Windows is one Microsoft product, an operating system. I then asked him about the error that was supposedly throwing a red alert he couldn't tell me, but did ask me to turn my computer on, which of course it already was, I made up some cock and bull story about it being my husband's work computer and I refused to make any changes to it, next thing. The call was disconnected ! Funny that
Marilyn (not verified)
Tue, 08/19/2014 - 14:03
Permalink
Windows "Help"
I also received the call. I let him go through his whole spiel and then said, "Hey, who put the Windows program on my Mac?" He hung up.
Hahahaha
Rikke van Berk (not verified)
Thu, 09/04/2014 - 05:52
Permalink
CLSID spam
Hi Steve and others. Just received a similar call in the Netehrlands here. I followed the discussion to a s5tep where I was instrructed to dowload a file form a webite
https://secure.logmeinrescue.com/Customer/Code.aspx
Meanwhile I found your blog on the internet, showing an identical CLSID, which was claimed to be the proof that this was the unique code known by Windows only.
Thanks for your blog it made it easy to debunk the guys.
Tina (not verified)
Fri, 09/05/2014 - 12:35
Permalink
CLSID Crap
I got the call today! They went on how they were from the windows computer repair department. I asked if it was Microsoft and they repeated from the 'windows repair department'. and they were notified that my computer was sending out malicious viruses to all computers via the internet.
They very poorly walked me through cmd prompts, to let me know that they new my CLSID.....then wanted me to tell them my errors in my event logs, all the way to the point where they wanted to have a special technician connect to my computer. Wasted a lot of there time!!! Told them that I am a programmer. I then blew a police whistle in the phone. I just hope others will not fall for their crap......
Tina (not verified)
Fri, 09/05/2014 - 12:35
Permalink
CLSID Crap
I got the call today! They went on how they were from the windows computer repair department. I asked if it was Microsoft and they repeated from the 'windows repair department'. and they were notified that my computer was sending out malicious viruses to all computers via the internet.
They very poorly walked me through cmd prompts, to let me know that they new my CLSID.....then wanted me to tell them my errors in my event logs, all the way to the point where they wanted to have a special technician connect to my computer. Wasted a lot of there time!!! Told them that I am a programmer. I then blew a police whistle in the phone. I just hope others will not fall for their crap......
Ritam108 (not verified)
Fri, 09/05/2014 - 17:40
Permalink
same CLSID, but I strung him out
I got a phone call again from "All Phone Tech Support Co" In Nyc (right) and they successively put 3 Tech Support scammers on the line and I string them out. But I love jamming their radar by saying first thing "Where do I send the money?" (wanting for them to give up where they are really calling from). but of course they just want you to invoke TEamviewer and then they get on and steal your vital info.....
If they weren't so stupid, they might fool someone and their accents are so thick. They are as convincing as a Nigerian email scam..... too bad there aren't enough good-paying jobs for people so that they dont have to resort to scamming
Now here is an idea for advanced techies: could we put a VM Ware product, say install XP on a Windows machine, and put on malicious software which would destroy their computers? (probably not, b/c when they used TeamViewer, they could discover that I was using VMWare.
Anyone can comment on how to scam the scammers, other than wasting their time?
awareness synonym (not verified)
Wed, 10/22/2014 - 01:28
Permalink
Add new comment | Steve Roy
Amazing things here. I am very glad to look your post. Thanks a
lot and I am looking forward to touch you. Will you please drop me a
e-mail?
Commuter (not verified)
Fri, 09/12/2014 - 12:50
Permalink
Made a Terroristic Threat to Me
I received a call from "Windows" today. Knowing it was a scam, I played along just to take up their time.
After pointing out that there "proof" doesn't mean anything they kept trying. When I had enough, I told them
"Just a minute, there is someone at the door" and set the phone down.
After about 10 minutes, I picked up the phone to find that he had hung up. A few minutes after hanging up he called back, and using his best english yet, he was insulting my manhood and telling me what I could do to myself. This went on for a while.
I asked who is this?
Frank Howard.
Where are you calling from?
Pakistan. I am a terrorist. There is a bomb in your house. There are 4 bombs.
Oh Yea, What is my address?
There is a bomb in your house you better leave.
He hung up.
I reported this to the BBB and a local TV station so, hopefully, they can get the word out to people who may be more trusting than me.
John (not verified)
Sat, 09/20/2014 - 14:32
Permalink
I just had this happen last
I just had this happen last night , Sept. 19. I thought it was a scam and did not know till I read this post that the CLSID is on all our XP computers. I strung the guy and his partner out for an hour trying to get them to prove they were really from Microsoft. I eventually hung up on them as we got into our profanity laced rants. Now I feel better. I wonder what would happen if I gave them control?
CA (not verified)
Tue, 09/23/2014 - 07:08
Permalink
I got the very insistent calls yesterday
Glad to know the CLS ID is not unique. I knew it was a scam, as why would Microsoft monitor your computer and protect you from problems for free, but I had some time to kill so I played along for a while, I figure wasting their time could only help prevent the scam from continuing. The manager was even more insistent than the initial caller. Does anyone know the purpose of this scam are they trying to infect your computer or sell you something? It seems like a lot of effort to go through just to put a virus on someone's computer.
Rasa McClure (not verified)
Mon, 10/06/2014 - 00:43
Permalink
Many thanks
I have received a call this morning. Guy did have Indian accent but it was not heave, so could easily pass for someone who immigrated into English speaking country.
While talking to him I googled CLS and found your post. Thank you a lot!!!
JT (not verified)
Fri, 10/10/2014 - 20:10
Permalink
Kept them going for 50+ minutes
I got called this evening. Led them on for almost an hour. Great fun. They got so frustrated!
Shams Karim (not verified)
Thu, 10/16/2014 - 16:10
Permalink
I got the phone call today,
I got the phone call today, asking me my clsid. I asked where she was calling from, she replied Ottawa (Canada Capital), I asked if she was Canadian she replied yes. I asked her if she drive, the answer was yes. I asked her if you drive west of Ottawa to Toronto how long it will take for her to arrive to Toronto, she hung up one me. I received a similar call few months ago, this caller was from India, In a nut shell, she become my overseas girl friend. She was trying to sell some software, that's all. Ask questions , like what is his/her licence plate number, weather, current time, distance from one city to another..... It's truly a scam ...
Marianna (not verified)
Mon, 11/17/2014 - 16:02
Permalink
I laughed so hard! Spilled my hot tea all over.
You are brilliant I wish I thought of it.
P. Klein (not verified)
Mon, 10/20/2014 - 07:28
Permalink
They have moved on to calling France now
It is our turn in France, and the story is pretty much the same as above, but I was unfamiliar with this scam, so wanted to see where it went. In the beginning I questioned him about how Microsoft had my name and number, but he just repeated with annoyed urgency that I have errors that need fixed, and told me my name. So he has a phone book, I should be convinced?
I went along with everything he told me, including the CLSID, and then on to support.me. Then I knew the scam. He wanted me to enter the number, but didn't bother explaining that this was to connect remotely, which I would never allow. I could go along with him no further, soI refused, and by this time I had enough to Google the keywords to find what he was trying to do.
When I refused to put in the numbers, he became angry and insistent that I had to fix my computer. Then I decided to tell him it was a scam, and I would not consider entering the numbers. He yelled "shut up! shut up!" I decided I had had enough, told him "f*** you" and hung up.
About two hours later, I got a call from a woman with an even more difficult accent who was instead from "computer service support". I told her I had already spoken to her colleague about the scam , and I wasn't interested, and hung up without waiting for a response. Hopefully they don't keep calling.
P. Klein (not verified)
Mon, 10/20/2014 - 08:54
Permalink
I just thought of a great torment
If they call me back again, I am going to play along until I get to the CLSID, and after he reads it out, I am going to tell him it is wrong. No matter how much he argues, I am going to insist it is wrong, and not even close. I will read out a fake number. In order to prove I am a liar, he will have to admit it is the same on every Windows computer.
I'm almost hoping they call back now.
Marianna (not verified)
Mon, 11/17/2014 - 15:59
Permalink
OMG, that's a great idea.
I approve and if I get a second call I will defiantly try the same thing. :)
Ray (not verified)
Wed, 11/05/2014 - 00:17
Permalink
Phone scam threat from tech support
I lead the guy from England on for over an hour but would not down load the remote access software from anydesk.com.
He insisted, that if I did not do as he asked, he would remove the cls ID code from my computer and Microsoft would not give it back for 5 years. I could then not use my computer for 5 years. The removal would happen an hour after we hung up if I did not follow his instructions. He also said I was not a smart man for not believing him. Nothing would happen to my computer, he said, if I did what he ask me to do. When I told him Microsoft does not make threats over the phone at 10:00 PM, he insisted that it was the people that had put the virus on the computer that were making the treat and that Microsoft was just doing what they had to do to protect themselves from letting this spread.
He made sure I knew the event errors are hard to remove. He had me hit the delete key and right click to see if the log entry could be removed when I was looking at the error log. When I ask if the removal would cost me anything, he said that it would depend on what the technician would find.
Even telling him I was a computer technician did not seem to phase him.
The Network Access Protocol, NAT, is not supposed to be running on a home computer. The fact that it was not running was why I was suppose to be concerned and why I should believe he had my best interest at heart.
It sickens me to think these guys are making money on unsuspecting people. He was very persuasive, at times, even to me a computer technician. I can see how someone, not knowing much about computers, could easily be convinced he was for real.
How do we stop these guys?
Amanda Lewis (not verified)
Sat, 11/08/2014 - 03:16
Permalink
They are in the UK now ...
They are in the UK now. I have just hung up on 'PC experts' with the same story, same 'ID Licence number'. They called me on the landline which I never put on purchase documents so I asked them to call me back on my mobile. When they asked me for the number I knew they were not for real as they should have had it if they were associated with the company I had purchased the PC from.
Please continue to get the message spread as I found it a very harrowing experience.
Marianna (not verified)
Mon, 11/17/2014 - 15:54
Permalink
I am in Texas and got the same call!
I am in Texas and today I got the call from a phone # 918509251076 (which is not a US number) from an "American" named Sally who was defiantly not a Sally or an American. While she was on the phone telling me I got a virus all I wanted to know was how did she get my cell phone # which is on the DO NOT CALL LIST here in the US. She said well when you buy a computer your CSL ID is registered to your phone number. (BULLSHIT). She started to get an attitude with me 2 minutes in the conversation because all I wanted to know was how she got my number. I told her I wanted her to take me off her list immediately. She had the audacity to tell me no. So I told her I am on the DO NOT CALL LIST in the US and I don't have a problem suing her for calling me. All she kept saying is "if you don't believe me just follow my instructions and you will see that I have your exact CSL ID number." While she was trying to make me follow her instructions (which I was never going to do), I was searching about their company on Google. Thanks to you I knew it was a scam but had more information to fight her off. :) I knew what she was saying was a scam because I work for the largest antivirus company here in the US and I have tight security on my computer (the best of the best because let's be honest I get it for free :)). I told her not to ever call me again and she said "You are not listening to me, I will call you again tomorrow." I swear to God, I wish she does call me tomorrow because I will record the conversation and take it to our lawyers at my office.
I am still shocked and worried about this scam. If this called happened to my parents they would freak out and try everything to get it "fixed." I hope enough people read this and research before handing their CC over to these assholes.
Claude Thibault (not verified)
Wed, 11/26/2014 - 07:48
Permalink
I just got a call too...she went on and on and on...I got had...
Hi,
Whoever started this page about this scam, THANKS.
I just got a call this company stating pretty much the same hard-to-believe claims that my computer was taken over by hackers in other countries etc etc etc.
Nonetheless I got HAD...I installed anydesk - like the indian-accent lady wanted - and they (there was a technician using anydesk on my computer) showed me all the damage with msconfig, etc, etc...
Anyway the lady went on and on and on and on, I just go fed up and physically disconnected my internet connection not believing anything anymore and hung up.
I litterally disconnected everything from my computer, rebooted the computer, erased anydesk and that was the end of that...
Pages