just got a phone call my computer was infected so played along right up to the point where this p...

[G+_Rud Dog]

just got a phone call my computer was infected so played along right up to the point where this person wanted me to enter the following in my run command:

.u.u.usuremofree.com

Of course I did not enter this just wrote it down to share. I am aware this is happening as reviewed on security shows but never had the call. Does anyone know what the url allows them to do?

[G+_Seth Leedy]

Either take control through an exploit, or simply download a file for them to remote control to "fix" your issue. Often leaving a remote desktop installed as well.

[G+_Rud Dog]

Thanks, what I found interesting was the .u.u.u dot com entry at the run command didn't know you could run browser url, if that what it is, from the run command.

[G+_Rud Dog]

Just tried http://msn.com and indeed it works slick aren't they?

[G+_Ben Reese]

Ha. I bet .u.u.u was supposed to be www.

 

Its unlikely though that the website alone would infect your system. Not that it couldn't, just not likely. I'm sure there was some remote access software on that site they wanted you to install.

 

Regardless. Well done not complying! Why can't these sites be DDOSed instead of GRC?

[G+_Seth Leedy]

Whenever I get these calls, I put my IT skills to work, just like this guy wrote: https://plus.google.com/+ChrisBlasko/posts/GzCuzTyUXNq

[G+_Rud Dog]

He was so careful make sure I was getting each and every word or letter correctly "dot u as in ultra ....etc. Was finding it difficult to stop from laughing but it was their turn to feel a waste of time be it even so little as was dealt them. 

[G+_Rud Dog]

Seth Leedy That had me enjoying handing them the stick brown side first.

[G+_Black Merc]

Run that command on a honeypot VM and see what happens.

[G+_Monte Bourque]

What they generally get you to do is go to the run command and get you to open up the error logs, which of course will show errors. Those errors by the way are normal. The uninitiated will now believe the person on the phone that their computer is infected.... Then the next step is to go to a site not unlike the one you posted to download remote access software, in which they kindly guide you through. They then take control of your pc, and threaten to delete stuff unless you pay them what they want.

[G+_Rud Dog]

Black Merc End the suspense what happens?

[G+_Rud Dog]

And they are so friendly if only tech support was as helpful and patient at the hackers.

[G+_Ben Reese]

I'd visit the site, but can't seem to figure out exactly what it is. The closest thing I could think of is suremote.com and it's for sale.

[G+_Ben Reese]

As for honey pots... Search the YouTubes. There are a few who have conned the cons. Even heard one story of a guy using a zero-day exploit he found in the remote control software to take control of the callers PC... That would make for a fun support call!!

[G+_Rud Dog]

If one thing good came of this it seems my phone screening has been reduced by a few calls guess these guys are persistent.