I occasionally get a call that I suspect originated in India

[G+_William Burlingame]

I occasionally get a call that I suspect originated in India.  I’m told they are Microsoft Windows technical support and they’ve noticed that my computer is transmitting data that indicates my computer is infected with malware. They use a name that makes you think that actually are calling on behalf of Microsoft, but use a variant of the Microsoft name.  I’ve handled these calls several ways that includes hanging up and leading them on.  I’ve never got to the place where I gave them remote access to my computer.  I was wondering if I installed a virtual machine and gave them access to the virtual machine, is there a way they could get access outside the virtual machine?  I was thinking about setting up several virtual machines with different operating systems that include not only Windows, but variants of Linux. 

[G+_Nick Barlow]

Microsoft will NEVER call you out of the blue. Just hang up or have fun with them and act like you are doing whatever they are asking then before you give out any information act like your computer is starting to smoke and tell them "great now my computer is fried, it is your fault now I want to know how you plan on paying me for this computer you just destroyed!"

[G+_Jim Sauber]

I have gotten these calls too this is a scam. You should hang up on them. On second thought, if you have the time keep them tied up as long as possible to reduce the number of other people they can ripoff.

[G+_Russ Hall]

Don't do like my friend and let them remote in to your machine!

[G+_William Burlingame]

If you read my post, I think you would realize I know it's a scam, but I'd like to play around with them by using something like VirtualBox if I can do it safely. I assume they want to put some malware onto your computer and either sell you something to clean it up or to steal sensitive data.  If they load it onto a virtual computer, I should be able to dump it later.  My question is, can they reach outside the virtual machine?

[G+_Travis Hershberger]

A windows vm with nothing else on it is perfect for this sort of thing.  Keep a clone around for after they mess it up for you.

[G+_William Burlingame]

Travis Hershberger, thanks.  That's what I wanted to know.  I'm retired and I sometimes I have nothing better to do than to play games with scammers.  I'd just delete that instance of the OS when done and set up a new one.  I wouldn't put any personal data in the vm. I have copies of Win 8.1, Win 7, XP  and Win 2K. It should be interesting to have them remote into Win 2K if it will support the remote they use.

[G+_Fr. Robert Ballecer, SJ]

William Burlingame a properly setup VM will have NO visibility of the system on which it actually exists. 

 

Unfortunately, they just give you a site to access which installs the malware. It's not all that dramatic. :( 

 

(I know... I tried.) 

[G+_Fr. Robert Ballecer, SJ]

Folks... I'm gonna step in here because I think some of us have misread Mr. William Burlingame 's post.

 

He "KNOWS" that this is a scam. 

 

He's just trying to figure out the best way to waste their time... perhaps with a Virtual Machine that he could mistreat in order to let the scamster think they have control over his computer.

 

It wouldn't really work... not the way we want it to, but it's a good idea if you're into scambaiting. :)

[G+_Jim Sauber]

Apologize William. Yes, wasting their time is good to save others. Steve Gibson talked about a VMware virus, but if it were me, I would doubt that this scam used it. So a virtual device should be safe. Sounds like a good time. Maybe record the discussion for internet entertainment.

[G+_William Burlingame]

Fr. Robert Ballecer, SJ "It wouldn't really work... not the way we want it to..."

  I don't understand why it wouldn't work.  Would I be putting myself at risk or is just a waste of time? On one of those calls I had a few months ago, I was able to get the person to start swearing at me. Thanks Padre for intervening.

[G+_Jason Perry]

Is it possible to pull data from them in this process or are they just getting you to do all the work?

 

I lead them on once, I told them this can't be right I am running nine Ubuntu. The response was well Microsoft owns them to they own all of them. When their directions didn't work he decided to ask one of his coworkers what Ubuntu was and how do I get him to install the malware.

 

Oh and my guy was from South Africa. When I hung up on him he called me back and forgot to use the spoofed number line.

[G+_William Burlingame]

Jason Perry, I assumed they had a higher level of technical skill  than that.  

[G+_Timothy Waters]

Only if you could reverse load a custom malware as they remote into your system.