Phishing by Phone

Today I had the most interesting experience – someone attempted to “hack” my PC by phone. Around 3PM I got a call from “9-1227” who claimed they were from my “PC Support Department” and informed me that my PC was running slow due to “corrupt files” and that they could help me diagnose and fix the problem. The caller got me to open “Event Viewer” (I had to lie about where I was clicking since he assumed I was using XP) and then informed me that every “error” and “warning” inside there was a record of a corrupt file and that my PC was dying.

This is where the fun started as he thought he had an idiot user on the phone and told me he would connect me to his senior tech who would help me solve the problem.  At this point I started capturing the RTP from my phone.  Here’s the audio from that call transcoded from G729 to MP3.  If you listen to the call, you will hear how I play dumb for the entire time while he attempts to get me to go to “” and enter a code to let the repair person “fix” my PC.  I let them connect to an XP VM I had lying around for a few minutes and they started to download some spyware application, so I killed the VM when the download was about 50% complete.  They then called me back several times to try to get me to reconnect, but I explained that I was having internet issues and kept getting “Page Cannot be Displayed” to waste more of their time.  In the end, I think they spent close to an hour trying to get me to let them on my PC.

What amazes me is that the value of hijacking a single PC is worth an hour of some random hacker’s time – I’ve never heard of this type of scam before, and I’m sure that if I were an average PC user who wasn’t technically savvy I might believe that someone from the “support department” of the “PC company” was calling to help speed up my PC. So if you have any non-technical users in your life, alert them to this new trend before they let some random person access their PC.

PS – – you need an abuse department.
