Phone Scam - Windows Customer Support and CLSID

For many years now, we've been receiving phone calls from a company that calls itself Online Windows For Support. For the past few weeks, we've actually received one phone call a week from them, and today was one of those days. Since I'm at home recovering from surgery, I actually had time to ask them some questions and investigate their claims further.

I talked to Jim, who said he was from California. His accent did not sound American, more like Indian, so this was hard to believe. He said they had been receiving error messages from my computer for a long time now. Since they had called many times, I wanted to try something different, so I asked Jim to let me speak to his manager, who identified himself as Edward and said he worked for Microsoft. Again, this guy did not sound American, more like Indian (from India). I wanted to know more about the company, so I asked for a website address, which he provided; after many spelling issues (me being French and him obviously not being a native English speaker) he finally gave me this: http://onlinewindowsforsupport.yolasite.com/ It was really strange that a support company did not have its own domain name, only a subdomain of a hosting provider (yolasite.com), but I kept that question to myself. I then asked him for an email address and he gave me this one: onlinewindowsforsupport@microsoft.com. That made me even more suspicious, because this email address doesn't look legitimate to me... Anyway, I did not try it and pushed my investigation further regarding my specific computer.

I asked Edward when was the last time they received an error message from my computer, and he said yesterday... My Windows computer was turned off that day, had been for many weeks, and was not even connected to the internet anyway (no cable connection), so this was obviously not true. Edward told me that even if my computer was not connected, what mattered was that hackers were using my IP address to do bad stuff under my name.... I don't believe this is possible. My IP address is public: any website I visit sees it (it's part of the HTTP protocol). To do something bad under my name, a hacker would need some kind of username/password of mine, or access to one of my computers. So again, this was obviously not true (after the call, I ran Microsoft Safety Scanner and it found no trace of viruses or spyware). But Edward kept being insistent, and I still complied because I wanted to know more about these guys. So he said he could prove to me that he had information from my computer. I said OK, prove it! He then spelled out a CLSID that I should find on my computer, which was supposedly information that existed only on my computer. This CLSID was

888DCA60-FC0A-11CF-8F0F-00C04FD7D062

or something close to that... It took a long time to spell it out, since he did not pronounce the letters easily (English was not his first language, that was for sure). Once my computer was turned on, he told me to open the command window (cmd.exe) and type "assoc", which I did... Then, once the command had finished listing the associations, he told me to look for the CLSID he had spelled out for me. Of course it was there. Look at the picture below (4th line before the last):

[Image: assoc output in cmd.exe, with the CLSID entry near the end of the list]

I then started to get a little worried... How could he possibly know something like this about my computer? But the more he talked, the less convincing he was. He kept talking about my IP address being used, and blablabla... So at one point I told them they were full of s???, and then they hung up on me.

After that I did some research on what he had told me. First of all, the "assoc" command displays or modifies file name extension associations. So basically, this CLSID relates to some kind of file type on a Windows computer. Then I searched Google for "scam" and "CLSID", and I found this answer:

The assoc command lists the file associations. zfsendtotarget happens to be the last one. The Class ID identifies a COM object to run.

http://blog.eset.com/2011/07/19/support-desk-scams-clsid-not-unique


zfsendtotarget is a part of the implementation of the 'Send to compressed (zipped) folder' option on the Explorer right-click context menu.

So what this tells me is that this CLSID is not unique to my computer. It is found on most if not all Windows computers in the world, regardless of the version. So this company makes people believe that they know something about their computer, while they actually use information available on every computer....
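To make the point above concrete, here is an added example (not part of the original post) that parses output in the format of the `assoc` command and checks whether a CLSID read out over the phone is one of the generic associations that ship with Windows. The sample `assoc` output is constructed to match the command's `.ext=ProgID` format; the only identifier taken from the post is the zfsendtotarget CLSID, and its description comes from the ESET quote above. The function names, the `WELL_KNOWN_CLSIDS` table and its verdict labels are this example's own.

```python
"""Classify a CLSID quoted by a "support" caller against assoc-style output.

Added example, not code from the original post. SAMPLE_ASSOC_OUTPUT is a
constructed excerpt in the format cmd.exe's `assoc` prints; the one CLSID in
WELL_KNOWN_CLSIDS is the identifier quoted in the post.
"""
import re

# Constructed excerpt of `assoc` output (format: .ext=ProgID or CLSID\{...}).
SAMPLE_ASSOC_OUTPUT = """\
.txt=txtfile
.zip=CompressedFolder
.zfsendtotarget=CLSID\\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
.xml=xmlfile
"""

# Associations that ship with Windows itself and are therefore identical on
# every machine; knowing one of these proves nothing about a specific PC.
WELL_KNOWN_CLSIDS = {
    "888DCA60-FC0A-11CF-8F0F-00C04FD7D062":
        ".zfsendtotarget (Send to compressed (zipped) folder)",
}

CLSID_RE = re.compile(r"^[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}$")


def normalize_clsid(text):
    """Accept the ways a caller might dictate a CLSID: any case, with or
    without braces or spaces, or with the 'CLSID\\' prefix assoc prints."""
    s = text.strip().upper()
    if s.startswith("CLSID\\"):
        s = s[len("CLSID\\"):]
    s = s.strip("{}")
    if not CLSID_RE.match(s):
        raise ValueError(f"not a CLSID: {text!r}")
    return s


def parse_assoc(output):
    """Turn assoc output into {extension: target}; lines that are not
    'ext=value' (blank lines, error text) are skipped."""
    assoc = {}
    for line in output.splitlines():
        line = line.strip()
        if not line or "=" not in line:
            continue
        ext, _, value = line.partition("=")
        assoc[ext.lower()] = value
    return assoc


def clsid_associations(assoc):
    """Return {normalized CLSID: extension} for associations whose target is
    a CLSID rather than a ProgID name."""
    found = {}
    for ext, value in assoc.items():
        if value.upper().startswith("CLSID\\"):
            found[normalize_clsid(value)] = ext
    return found


def classify_claimed_clsid(claimed, assoc_output):
    """Explain what a CLSID read out over the phone actually is.

    'well-known': ships with Windows, so quoting it proves nothing;
    'present':    in this machine's assoc list but not in our table;
    'absent':     not in the assoc output at all.
    """
    clsid = normalize_clsid(claimed)
    on_machine = clsid_associations(parse_assoc(assoc_output))
    if clsid in WELL_KNOWN_CLSIDS:
        return "well-known"
    if clsid in on_machine:
        return "present"
    return "absent"


if __name__ == "__main__":
    # A caller dictates the identifier in lower case and without braces.
    spoken = "888dca60-fc0a-11cf-8f0f-00c04fd7d062"
    verdict = classify_claimed_clsid(spoken, SAMPLE_ASSOC_OUTPUT)
    print(spoken, "->", verdict, "|",
          WELL_KNOWN_CLSIDS.get(normalize_clsid(spoken), ""))
```

On a real machine you would feed the script the actual output of `assoc` instead of the constructed sample; the verdict for the CLSID from the post is "well-known" everywhere, which is exactly why it is worthless as "proof" that anyone has data from your computer.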

This is a real scam! Be really careful about these calls! Do not hesitate to follow the links provided above for more information.

I hope this helps someone!

Comments

Body: 

I love these calls. I play along with them, until it dawns on the "technician" on the other end of the line that I'm running Linux.

If you're uncertain, ask for a number to call back and the name of the guy because you're not near your computer at the moment. They'll hang up.

Body: 

We live in Switzerland and had the same phone calls in October and November, the latest one on 11/27/2014, Indian accent; he claimed to call from London, but had the caller ID suppressed. After an initial scepticism I became more and more polite and cooperated as far as I could go without the risk of compromising my computer. I badly wanted to find out what the goal of these probably expensive long-distance calls might be. Even though I am a Linux user I overcame my preference and booted a Windows installation, then started the event viewer exactly as he told me. So I could confirm the numerous error and warning messages we found on my computer, which he used as evidence for the necessity of his support. The most recent one, for example, was a DHCP error and can easily be explained by the fact that this PC, as a DHCP client, was not yet connected to my DHCP server at that time. In order to check the IT knowledge of my "supporter", I asked him what DHCP means. He escaped into some stereotyped, repeated nonsense explanations. So at least it was clear that he himself has sparse IT knowledge. I only stopped my collaboration when he wanted me to execute some remote control tool from the internet. BTW he gave me no explanation about the suppressed caller ID. When I asked for his name, he said Jack Wilson, which perfectly fits his Indian accent ;-) He promised to send me an email with all the details about his company, which should assure me of the trustworthiness of his intentions. If I don't want to give him my email address, OK, he said, not necessary, because he knows my email address anyway. Sure, I answered, and we said goodbye.
In the most recent call from "windows technical center" the supporter was a different person and he spoke English more fluently. The conversation was more and more amicable. He really is a nice guy. I slowly started to consider the possibility that he represented some serious startup company, badly trying to find first customers for their PC support business. If only he would come down from his fantastic explanations and stories!
Why did he call just me? Because he got my name from the computer license, which is comparable to a driving license. When I turn on my computer, my licence number is sent via a "network tower", which I should be able to see from my rooftop, to a satellite, then to the internet and to his company.
Why is their office in London not mentioned in "their" US company's website, which he gave me? Because it's hard to adapt the site to the frequent changes of their phone number, because the website is maintained by the government. Yes, that was the term he used.
Why can I not call him via the mentioned website in the States? Because it's midnight there when my local Swiss time is 3pm. (OK, must be in the very far West ;-) But finally he didn't give me his UK number either.
I frankly told him that this time I was only running Linux and unfortunately could not execute Windows software. Nevertheless he guided me to several *.exe tools to be executed on my PC. Maybe I could have done so anyway via the wine meta package, but of course I didn't want to do so. Then in fact he guided me to a website with a *.deb installation for Linux, probably some neutral third-party remote control or collaboration tool.
At this point, I had to confess to him, too, that all the time I only wanted to find out what his real intentions were. He kept his really friendly attitude, but also kept his role of the favourable assistant. The only time he hesitated was when I told him that I am myself an engineer.
All in all, we had a long and nice talk; he gave me a few web addresses, probably belonging to some third-party companies with no relation to his business at all. But I didn't find out what all of his or their effort was aiming at. Gaining control over one more computer for a future DoS attack? Too much effort. Installing a keystroke logger for spying out a password or credit card number or PIN code? Is probably no longer sufficient for compromising a financial transaction. Or are these guys after all really trying to help people with PC problems? Why not, maybe I am prejudiced against such selfless offers. If only you would do so without these technical fantasy stories, by which you lose all your credibility, Jack and Justin.

Body: 

Same message. I asked him for the CLSID. I pretended to check my computer and just said the numbers do not match. That confused the hell out of him and he gave up. Now you good people do not go blaming all Indians as scammers. There are more of us on the good side. I wish I could spray chilli pepper in the undies of these scammers (Ouch!)

Body: 

Just got the usual scammer, the same CLSID, all that. I asked where his snail mail address was.
"What?" "Are you in Washington?"
"No." "Where then?"
"North Dakota." "What city?"
"Wells Fargo." I asked him what the street address was, but pretty much lost it by then. He called back 6 times in search of the "f*ckin' lady," then quit.

Body: 

Got a call today for this.. btw my computer is slow and just got repaired (mb and hd), and I had to do an image recovery and can't seem to update my BIOS. So I was not in my normal mood to call it BS!
I was suspicious, but went along for a while... sounded bad, they can't spell very well and probably don't live in the area.
I was about to hand over the keys.... but then told them that I was first going to check the uniqueness of the CLSID, and that's when I found out. Saved by the bell!!!

Body: 

Thank you for all this information! Got this phone call this morning too, in Spain. I told the lady I didn't have a PC and she called me a liar for not wanting to open my computer. Thankful that something clicked in my head before it was too late!

Body: 

I'm in Wales. Same spiel. Asian guy called "Leon". Seemed more realistic than most of the callers I get - persistent too, I put the phone down on him twice and twice he rang back. I got as far as running the cmd prompt and getting the list, then I quickly googled CLSID and got this blog. I called the guy a scammer outright and he still carried on saying if I didn't want his help then it was my responsibility. Fine by me I said and put the phone down for the third and hopefully last time.

Incidentally, I was hacked a few months back, so I was a little more inclined to listen to him. Now very annoyed.

Body: 

Hi, thanks for putting this up, it was helpful as I just got off the phone with them as well.

Having worked in IT / software development and being fairly computer savvy, I knew immediately that this was a scam. My computer isn't sending anything, and my computer ESPECIALLY wouldn't send them my phone number so that they can call me.

So I decided to see where this led. He announced himself as "David" through a heavy Indian accent, and said he was calling from "Windows Support Services". My immediate response was, "Oh, you work for Microsoft then?" and he replied "We are a partner of Microsoft", which again confirmed for me that this was a scam.

Once I was 100% sure it was not authentic, I decided to follow his instructions to see what it was he was after. He had me pull up my Windows log which will show a bunch of warnings and errors for any computer (it's just part of the computer's life) and claimed that all those errors had been sent to them, and that he would help me clear them up and get my computer working well.

He then led me to the website www.anydesk.com, and I then asked him if that was who he worked for. He acknowledged, and I thanked him for his time but said that I have no interest, and hung up.

Wish I had stayed on and probed a little longer now that I think about it. I'm sure they'll call again.

Body: 

They started out the message very friendly, asking how my day was, and I told them "I'm doing fine". They followed up by telling me there was malware on my computer that is sending out error messages to Microsoft Tech Support telling them my computer is experiencing a lot of viruses. They proceeded to have me type assoc into my cmd and then read my CLSID off verbatim very slowly in a strong Indian accent. I told them they had the correct CLSID and the guy made my CLSID out to be some top secret thing not to be shared over the phone from my end. I believed him and he had me go to a website www.TeamViewer.com where I was told to download the trial version. After doing so I was presented with my randomly generated username and password that he asked me for. I told him my username and passcode, which gave him access to my computer remotely, so he was moving my mouse around and clicking on things. This set off an alarm because I obviously didn't like him having access to my private documents and such, so I was careful to watch what he did. (This computer had previously been my mom's and had sensitive information like a lease with credit card numbers and the closing document for our recent house purchase. My laptop had social security numbers on it which could lead to identity theft.) He then said he'd transfer me to his associate who would finalize the remote virus sweep. He hung up and I was called back by his buddy who also had access to my computer and began to show me the viral downloads I had. He said that my software had been damaged and he would have to send me new software. Then he asked my age; I told him 16. This caught him off guard and he asked if I had a credit or debit card. I told him no, that "I would have to go to a retail store to purchase said software". He hung up immediately because I was no longer worth his time. I gave him control of my computer and they knew my name without me telling them, which is very unnerving.
I was naive and trusted them, thinking they must be legitimate and my computer may actually be infected. I now feel obligated not to use my computer ever again to avoid them gaining any more information if they established a long-term link. I brought it to Geek Squad right after the call finished because I was scared they had unlimited access. The Geek Squad guy told me that they didn't establish a long-term link, but I'm thinking of trashing the computer, which granted is old, and buying a new one. We just changed all our credit card numbers and are now trying to make sure nothing is stolen that could financially jeopardize us. Please reply if you have a better understanding and if they have only that one-time access or if they could have uploaded the data on my hard drive to their computer.

Body: 

Today I got the same call. They follow nearly the same procedure as described above, finally asking for a TeamViewer connection. Because I am an IT person, it ended there after half an hour; they were angry. I asked them during the call to prove to me that the computer is hacked. A more "expert" colleague took over the call. He let me start CMD (gave also the CLSID), but then let me start the event viewer and select Custom Events. Yes, there were some not important errors, but not related to any virus. Be careful.

Body: 

Hi, I got a call like this about 7.30pm (GMT+8), so same Indian guy and another guy who was supposed to be the supervisor came later. Then I did all the instructions until they told me that I had to pay 270$sg and I didn't know what to do. So I said I can't pay, they have noted my IP address and I am at a loss. I can't access my AW and there's a password before the login screen. I am devastated and was hoping for any suggestion. I really just want to get it removed; if I changed my IP address will it work? I'm sorry I'm not tech savvy...):

Body: 

Same call and same MO, in the end after about 20 minutes stringing them along.

In the end, I told them to send the police with a court order and I'll grant access to my computer. After the threat of having me banned from the internet, all I got was a click and dial tone.

Body: 

7 days - 7 calls - every day at the same time. I get rid of them by telling them I have an Apple usually, but today the guy said they also support Apples! Very insistent, but I kept him talking for 17 minutes before he hung up. Funny thing is I'm sure from his accent and phrases that he's been the one I've talked to on 3 occasions out of the 7 calls this week. :)

Body: 

I got the call this evening and suspected SCAM but strung them along for quite a while until he had me look at the CLSID and I googled that and found your post. I then tied the two together with the caller and had a little fun calling out the scam until they just hung up.

Thank you for having the info out there!

Body: 

I'm 72 years old, and mostly clueless concerning computer operations. I have fielded calls like this for years, but this guy mentions a CLSID that is individual to the computer like an electronic serial #, which sounded legit, so I went along with it. He shows me all the "bad things" in the computer and tells me they must be fixed or the system will probably crash. Finally at the end he brings up the charges to renew the "license" and to fix all of the problems. I don't commit to money when I am called by anyone that I can't positively ID. So, I didn't go with the purchase of their fix. I did let them into my computer and now that I have read this website I'm worried about what info they could have taken from the computer, and how I might be able to try to stop some or all of it, and what should I be on the lookout for.

Body: 

I received the call twice!!!!!!

Body: 

I have received 3 calls from them so far. Two while I was at work, so I just hung up, but today they called while I was at home so I was able to have a little fun. I let him run through the CLSID part and he then had me open event viewer to show all of the warnings, and he proceeded to ask how those items downloaded without my approval and said that he could connect in to show me more issues. He directed me to a website where he said there would be a link titled "teamviewer". I did not navigate to the site. I played along as if I was going to the site; he said I should download the file, run it and provide the TeamViewer ID. I made up an ID and PIN and he talked in circles while the ID and PIN did not work. At this point there was no more fun to be had, so I asked him how many people fall for his SCAM. He said no scam and that I had errors to be fixed. I explained that his proof of issues was BS and that he was trying to connect to my system to steal something. I asked what he was actually trying to get and he mentioned "so you do not want to have a secure PC". The call went downhill from there on my part, causing him to hang up.

Body: 

They still try and they don't even change their modus operandi!
