Phishing Index: Microsoft Tech Support

Phishing Index > Vishing Index > Microsoft Tech Support

The "Microsoft Tech Support" phishing over the phone (vishing) scam is a fatal scam that crooks use. This is the scene when "X" gets infected. (Note: I have never gotten this type of call, but I know about it.) Italic text is the crook speaking.

X got a phone call. He picks it up. "Hello, Microsoft Tech Support. There's a sneaky virus on Microsoft computers. I wanna check if you have one."

X gets freaked out. "Okay. 1876 Artesian Avenue, Chicago."

"Okay. When are you available? I have some other appointments today."
"3:00."
"KK. When I come, then you need to fill out a payment form. Okay?"
"Um, okay."
"Great. See you at 3!"

The crook hangs up. Too late. X knew what was coming.

Tick, tick, the clock goes. The grandfather clock chimes every hour. Then, the grandfather clock chimes three times. The doorbell rings. X hears a knock. "I'm not answering," he whispered to himself.

And on the story goes...

The crook can steal, damage your computer(s), and mess up your whole house.
......

Reveton Virus

The Reveton Virus operates on the Citadel software platform. The virus directs you to a drive-by website, and once you leave, you will get a message that freezes you computer that says it is from the FBI and says that you have violated US law about copyright infringement. No more accessing the computer. At the top of the screen is a message saying that to release the message, you have to pay a fine. THIS IS A FRAUD. This is where life or "death" come in. Now, I suggest you take the computer for a visit to a computer professional.

"First: Don't panic. (Fear is the mind killer.)
If asked to enter a form of payment, credit card, or personal information into any web window you did not specifically request, do not do so.
If you have already paid (or somehow manage to bypass the lock), you’re not out the woods yet. There may still be malware running on your computer that can impact your privacy or security. Contact a Geek Squad Agent through our Online Support website, by phone at 1-800 GEEK SQUAD, or at a Geek Squad Precinct in a Best Buy store near you."

From GeekSquad

This is the scene:

"So you’re sitting there, innocently using your computer, when a window flashes on the screen, bearing the logo of the FBI. You’ve been locked out of your computer for breaking some not-too-specifically-identified copyright law. The solution on the screen? Pay a fine to the “FBI” to “unlock” your computer and use it again."

FROM GEEKSQUAD

DNSChanger: Saved?

DNSChanger is said to be down, as rogue DNS servers are shut down. However, the DNSChanger English website is down, but I took note of a website that still may be able to detect DNSChanger. It's German. You can access it via the DCWG website, but be sure! If you are infected, you actually may see a message saying that you are not.

Anyways... *zip!* just watch out for ads, viruses, and other suspicious malware.

Internet Servers Going Dark

Tomorrow, to fix up this DNSChanger, on Monday, July 9, the FBI is shutting down internet servers.

Please review the two blogs about DNSChanger.

This reroutes legitimate DNS to a rogue DNS server operated by a criminal, and the criminal is a "personal spyware" and sees the activity.

If your main like is on the Internet and you don't have much else you like to do, then entertain yourself in another way! You can read a book, even play a game, or perhaps writing documents!

Again, refer the the DNSChanger detector website, and the provided link is here.

Green: Not Infected

Red: Infected

You can check the DNS servers that you are using by referring to the two of my blogs.

Antivirus Systems

Hi. The blog is back, and the Technology Safety Blog will guide you to the antivirus systems. My family uses all top 3 of my point of view (and on users).

There are a lot out there, and what do you know? Someone might be creating one!

However, some are bad, some are good. I highly recommend AVG. It has lots of scans, such as an anti-root kit scan, a simple virus-spyware-malware scan, and so on.

AVG also doesn't take up much space on your computer. Just don't trust its ratings about Zwinky. It's a virus, I clicked it when I was 3 on my COMPAC, and my mom told me something, and I told my cousin not to play it.

If you don't choose AVG, or want a second antivirus, I recommend Avast! Antivirus. It's technically good, but it still can't beat AVG for me! We used it on one of our older computers, as AVG was on my "Papaya", really the papaya Aspire One Acer computer. The older computer got... cranky.

If you want a third layer, or not Avast! or AVG, I choose Avira AntiVir. My cousin and her family uses it (oh, and that's my other cousin), and... it works... okay. It's the oldest, but newer than the COMPAC and Toshiba.

Anyways...

worry about DNSChanger!

[DISCLAIMER: MY COPY OF ZWINKY WAS MALICIOUS]

New Windows Instructions and Rogue DNS Servers

Hi! Back with the Technology Blog, the DNSChanger is going hot now. I could tell, some people rushing to disconnect, maybe someone wiping out their hard drive, you might not know that you might not be infected by DNSChanger, but another virus or malware such as a redirecting virus (not DNSChanger).

There are two ways to figure out Windows instructions, but I'll tell you the limits first. The limits are:

85.255.112.0 through 85.225.127.255

67.2010.0.0 through 67.210.15.255

93.188.160.0 through 93.188.167.255

77.67.83.0 through 77.67.83.255

213.109.64.0 through 213.109.79.255

64.28.176.0 through 64.28.191.255

If you have these, please note that you may be infected by DNSChanger.

For windows, the complex way is to launch the Command Prompt, under Accessories under Programs in the start window, or search Command Prompt in the search bar.

Type cmd.exe.

Type ipconfig /all

Look for the entry: DNS Servers...

and check your DNS servers for the rogue DNS servers. To make it more convenient, I'm going to list them down here.

85.255.112.0 through 85.225.127.255

67.2010.0.0 through 67.210.15.255

93.188.160.0 through 93.188.167.255

77.67.83.0 through 77.67.83.255

213.109.64.0 through 213.109.79.255

64.28.176.0 through 64.28.191.255

The other way is quite simple, though you have to make sure that you're correct.

Click on Start, then My Network Places.

Select Network Connections, then click the active connection. Make sure you are not connected to another in-range, especially if you live in an apartment.

Click Support > Details and see the DNS servers. Again, take note and see if any of those DNS Servers are rogue.

Until next time...

be aware!

Ways To See the Catastrophic DNSChanger: Affected?

Ways to see to catastrophic DNSChanger

The easiest way is to go to here. If there is a green background, you are not infected. If it is red, then you are infected.

I won't get directed there, right? You will arrive there.

The second way is harder. I provide only Apple instructions, but you shouldn't have trouble on the Windows, as this is Network–DNS. Right?

On Apple computers, launch System Preferences. Click Network, then click Advanced. Click DNS, and see if your DNS servers are one of these limits:

(coming later)

DNSChanger

This is a brief guide.

You might be infected with a malware called DNSChanger.

DNSChanger directs you to fraudulent websites, or a rogue DNS. A group of hackers, 6 Estonians and 1 Russians ran this across the internet.

See a future blog to find out one way to figure out if you are affected.

Find a website that tells you if you have the malware.

Note: Internet servers are shutting down on Monday, July 9 for the (something, I don't want them to check up) to do something (again).