Pages

Friday 3 July 2020

Day 109 of self-isolation - A scammer is spanked

A scammer is spanked

I got a phone call from Mark at Microsoft Department. They've billed me for £299, do I want to cancel this? "Yes please," and the game was afoot.

We did some preliminary stuff - it wouldn't do to be too eager to fall for their scam. So I asked them which credit card this was on, and, obviously, they wouldn't tell me, because "this is a recorded line".

So then we got down to the meat of the scam. He talked me though going to their web site www.eonlinerefund.com. I did a whois on that, and it's based in West Bengal, India. No surprise there.

At their web site, there were several remote control possibilities, "Remote PC", "Anyplace", "Supremo" and others. He told me to click on Remote PC, which I did. A few clicks later, he gave me their code number to use. Bingo! Perfect. So we continued, and then I told him that my computer rebooted. So he talked me though going to "Remote PC" again, same effect. So he tried Anyplace. Similar problem. And then Anydesk. And guess what - rebooted again.

At that point, he became suspicious, and accused me of wasting his time. Well, yes. About two hours, altogether. But I didn't admit it, and went into a long riff about how he had called me, and he was rebooting my computer, and I want my £299 back, and I'm going to tell my credit card company, and just as I stopped to take breath, he hung up on me.

But it doesn't end there.

I phoned "Remote PC". I soon got through to someone who was also a security professional, and I told him what had happened, including that nine digit code number, which will allow the Remote PC people to track down who it is (I also told him the IP address of the web site, and the fact that the whois identified it as West Bengal).

He took the whole thing very seriously - no-ne wants their software to be used by a scammer. I think they've had a few reports of this before, but even if they hadn't, everyone knows that this is going on. The difference in this case, was that nine digit code number. I do believe that they will take action.

I also suggestedd that, once they hae the culprits identified, that they contact the other companies whose remote access software is being used for scamming.

It's nice to do my bit in closing down these criminals.


5 comments:

  1. I will report this to the cybercrime cell in india. w

    ReplyDelete
  2. He called me today. I pretended to follow his instructions. He asked me what I could see on the screen. I said "overpayment scams work by getting you to refund the scammer" He swore and hung up. Must say his swearing isn't quite in the same league as mine.

    ReplyDelete
  3. I got this call just now - it was an automated message to say my Amazon Prime sub was due. I don't have a sub, so I pressed 1 to speak to an Indian gent, who asked me to go onto the eonline.com refund site. I googled it and found your blog, and told him to F** Off.

    ReplyDelete
  4. I'm delighted that my blog helped you

    ReplyDelete