Image by lamont_cranston via Flickr

There is a Anti-Virus phone scam doing the rounds in Bendigo/Australia, and it is kind of a good one.  I got a call yesterday so I thought I should post the details to provide lolz to those who know and info to those who wouldn’t.

I was home working on stuff for class, when I received a call from a software security company, with an instantly forgettable name, but a Indian accented operator.  I was told that they had detected that my computer had some malicious software on it.  I looked around at the 4 computers that I was working with and asked which one.(Side Note: I have 6 running in the house that I use, with Win XP, Win 7, Snow Leopard, Ubuntu 10,04, and FreeNas.  Not to mention my Server 2008 test servers.)

This stumped her for a second but then the operator asked me to go to a Window machine.  Again I quizzed “which one?”, but it seemed that any one would do.  You might think that I should be hanging up at this point, but I had time and curiosity was getting the better of me.  She was my first Scam call, and I was going to play along to the end.

I was pretty confident that my systems were clean, so what was the harm...  Once I was at the keyboard I was asked to hit “Ctrl” and “R” buttons which brings up the Run box, and then type in “prefetch”.  This brought up a win explorer window showing the contents of the prefetch folder.  Once I had done this and let the operator know that I was looking at lots of files, I was told that they were all malware and viruses.

I LOL’ed, the operator hung up.  I think to keep the call going I should have gasped in horror, and begged her to fix it.  Then she would have offered me a deal on some anti-virus/anti-malware software for the over the phone credit card payment of “insert reasonable sum here”.

It is a good scam.  Show any user the contents of a system folder on a computer, and call the files malicious and you will be pulling the files out of the trash in no time.  People are scared of what they don’t know and in the IT world there is a lot we don’t know.  The same would happen if you opened the bonnet on a car and said “there’s your problem, too many wires”.

With all the hype over cyber attacks, viruses, teenagers, and spy-ware it is no wonder that this kind of social engineering attack would work.  The only real way to not be caught by the scam is to know about it, or be a IT professional.  I’m sure that if they had chosen to pick on the washing machine or that thing you cook things in, the scam may have been effective.  But you have to wonder if they rang 50 numbers for the day and spoke with 30 people, fooled 6 (1 in 5 Sales principle) and charged $49 or $79 sale, that's a nice profit, especially if you have a call centre at your disposal.

This is not a new scam if you do some searching, there are a number of posts going back a few years.  So maybe it’s starting the rounds again, so please get your own tech person that you trust and use them.

Jason Remnant

...if it isn’t Broken, just run “prefetch”.