I am able to escape scams and cons most of the time, but last week I got suckered in half-way into a phone con. I then had to entirely re-establish my computer from scratch – thus losing quite a bit of time.
Why? I managed to give access to India conmen into my computer.
I've later found that these people have been doing such things from a pretty long time. They clearly have not been caught.
In brief, this is what happened:
1. I was told over phone (by a person claiming to be from Telstra) that my computer has been hacked and is sending out bad information into the internet which is causing trouble to Telstra, so they need to fix it else they have to shut down my internet connection. I asked for the name of the caller. He was Indian sounding, but gave his name as Henry Jones. OK. I noted it down.
2. They said they'd show me that I had a severe problem. I was asked to run "eventvwr" (windows/run). When the program opened, I was asked to go into "windows log" > "application". They showed me one event which had an "error" message. I clicked on it (and took a screenshot, attached – click for larger image below)
I clicked the 'error' and found this indecipherable information:
3. I assumed that "Telstra" were right, and that someone had indeed hacked into my computer. So I asked them what was the solution. They said they need me to run the following command: www.pcresolutions.com. That opened my browser and I went to a company website that showed some numbers. They asked me to click "OK", at which a software was downloaded on my computer (AA_V3.3.EXE – it is still with me on my computer) and they got control over my computer.
4. They then showed me that I had over 500 errors. They moved around quickly and showed me a page according to which my Windows version is not genuine. That was absolute nonsense, since I knew this was a fully genuine version. I asked to speak with their supervisor. A person came on (very quickly) and gave the name Ethen Brown, Sr. Technician (another male voice, from India).
5. He said I had to get the remedy from Microsoft, by purchasing genuine software for $5. A screen would presumably come up on my computer and I'd have to provide my credit card details. I was not satisfied so asked for their supervisor. The person (once again Indian) said his name was Gulla. By now I knew this was a con. I said I'm happy for Telstra to cut off my internet, so I can pursue this separately.
6. I then powered down my computer. At this foul abuse was showered on me (in Hindi). I was then asked whether I understand Hindi. I said that's none of their business and put down the phone.
7. The person called back in a minute and abused me further. I put down the phone. During the entire call I heard a lot of active voices on the phone while this was going on.
When I restarted my computer, I was unable to get in. A weird screen came up requiring a password. Clearly, they had hacked my computer.
Fortunately, I store my program files entirely separate to my data files. I therefore re-installed Windows in another partition in a separate part of my 2-disk (each 2TB) system. Took me around 2 hours to re-establish most key programs.
I'll report this blog post to Telstra and to the Police for their information. I'm also storing the downloaded software on my computer in case any authority wishes to investigate further. They should (hopefully) also be able to trace the source of origin of the phone call. Clearly some place in north India, most likely in the NCR.
This seems to be kind of CRIMINAL call centre operating from NCR in India – a gang that hacks into people's computers and steals their credit cards.
MY REPORT TO TELSTRA. Very hard to contact these guys, so I've provided a report on their FB page:
I've decided to not waste time reporting to the police, given my previous experience with them. In this case, since I've not been directly defrauded, they probably won't even start any investigation.
Telstra's quick response:
Im sorry to hear that you had to go through this experience.
This is certainly a known scam that is circulating at the moment. They have been very active and we are getting many reports of this. We are doing all we can to try and stop these Scam Artists.
For guidance on how to handle these types of calls (Do & Don't s) I have included the following link: http://bit.ly/QHFSC4
I would recommend you speak to our Unwelcomed calls Team. You can contact them on 1800805996. They can assist you with this issue, and you can log a report against them.
If you receive a Telstra/BigPond-branded scam:
Check our phishing scam: http://go.telstra.com.au/…/warning-bigpond-telstra…
Visit Telstra's Internet and Cyber-Safety page to learn more about protecting yourself: http://www.telstra.com.au/abouttelstra/advice/internet/
Report it to Telstra via the BigPond Misuse of Service webform:https://service.telstra.com.au/…/Report_misuse_of_service
You can also lodge this via Scamwatch to see if it is a known scam:https://www.scamwatch.gov.au/…/index.phtml/tag/reportascam
As always, if you are a not sure if it is a genuine Telstra call, its always best to contact us yourself before you give them any personal information or accept any "dubious" sounding offers.
Regards – Tom
Further advice from a reader (I've forwarded this to CBI)
CBI Cyber Crime Cell:
Superintendent of Police,
Cyber Crime Investigation Cell
Central Bureau of Investigation,
5th Floor, Block No.3,
New Delhi – 3
Web site: http://cbi.nic.in