I had a great experience today. I received a phone call from someone purporting to be from Microsoft Support, who was calling because my machine was infected with viruses.
When he started down that line, I knew where this was going, so I spun up a virtual machine with Vagrant.
Here’s a rough transcription (from memory and cutting out gems like, “look for the Windows key, it looks like four little flags”)
“Support” guy: I’m calling from Microsoft support. Your computer is infected with viruses and has been alerting us.
Me: Oh no! How can I we check that?
“Support” guy: I’ll walk you through checking for these error messages.
“Support” guy: Press the Windows key and the “R” key at the same time. What do you see?
Me: I see a little box pop up in the lower left hand corner
“Support” guy: In the Windows box, type “eventvwr” and press return (which launches the Event Viewer)
Me: (I type eventvwr into the run window.)
“Support” guy: Can you read back what you typed in?
Me: “e” “v” “e” “n” “t” “v” “w” “r”
“Support” guy: OK, press enter.
“Support” guy: On the main page of the Event Viewer, look at the summaries of the types of event log entries.
“Support” guy: In the Event Viewer, expand Windows Logs and click on Application.
“Support” guy: Scroll until you see an error.
“Support” guy: These error messages were warnings from Microsoft about viruses on your computer.
Me: On no! I didn’t know that..
“Support” guy: Next, on the right hand side of the Event Viewer, there is an option to “Filter Current Log”, click on that. What do you see?
Me: (I describe the error log filtering box)
“Support” guy: Select “Errors”, “Warnings”, and “Critical” and click OK.
“Support” guy: What do you see? Those are all attempts from us to warn you about viruses on your system. These are why I’m calling you right now.
Me: Oh wow.
“Support” guy: Right click on one of the errors. Do you see a “Delete” option? No? That’s because the error is so critical, you can’t delete it.
“Support” guy: I’m going to connect you to our “certified” Windows engineer. We’ll remotely connect to your machine and help you fix the problem.
Me: Thank you!
“Support” guy: Press Windows + R again. Delete the “eventvwr” and now type “www.infosys.net” and press Enter
Me: Ok, I did.
“Support” guy: Do you see a Home link? And the fourth item is “Suporte”? Click on that.
Me: Ok, I’m on that page.
“Support” guy: Click on the download button for TeamViewer.
Me: Ok, I’m downloading it. It’s done.
“Support” guy: Run TeamViewer and give me the code and password.
“Support” guy: Now I’m going to transfer you to our “certified” Windows engineer.
“Engineer” guy: Hi, I’m connected to your computer and going to try to help you.
“Engineer” guy: So, you see all the errors in the error log? That was us trying to warn you about your viruses. Why didn’t you respond?
Me: I didn’t know about them. I’ve never seen that before
“Engineer” guy: What anti-virus are you using?
Me: Just the built in Microsoft stuff.
“Engineer” guy: (He then opened a command prompt and ran the “tree” command which printed out a long scrolling list of files and directories)
“Engineer” guy: (After that ran for a bit, he broke the execution and quick pasted a line of text that said “system error… system warranty expired”)
“Engineer” guy: What message did the command output?
Me: It says something about the system warranty being expired or missing.
**“Engineer” guy: Why haven’t you paid for your system warranty? **
Me: (At this point, I acted indignant) I did pay. Look it shows that I’m running a genuine copy of Windows!
“Engineer” guy: No, the system warranty is different. You didn’t pay for that!
Me: (I launched into a rant about why buying extended warranties was stupid, just to waste more of their time. After about 5 minutes of that, I took a breath.)
Me: Oh, and by the way, you guys are full of crap. I’m a systems administrator and a damn good one and everything you’ve said is a scam. (Then, I didn’t hear anything from the “engineer” again.)
“Support” guy: Why would you waste our time like that?
Me: Why would you waste mine with your scam?
At that point, we went back to our own regularly scheduled days.
Thanks for the laugh anonymous scammer guys!