Recently I wasn’t paying attention and clicked something I shouldn’t have. I got a [update: not the Conduit virus] virus on my Windows machine and it dug in deep.
[Update 2: Called the “fake” Microsoft number a third time today just to see why commenters keep saying it is real. This time the rep told me to do a Windows+R command and enter SLUI_3 and enter my existing Windows license. (The last two days I called the rep told me the “network was down globally. Call back tomorrow.” Am I to believe they need a network to tell me to press two buttons on my keyboard? Keep in mind that everyone calling that number has the same problem, and bringing up the product key entry screen is always the obvious first step, although it didn’t work for me and I am told I have to throw away my computer (essentially) because there is no path from there unless the manufacturer will help, which it won’t.
By the way, the second day I called the same number I asked if their system had been down the day before and the supervisor told me 100% sure it was not. So…if this is real Microsoft…which I now see as possible, the other explanation is that the reps have some sort of incentive to make me go away fast so they just say the system is down unless I want to give them money. (The supervisor said they have no incentives.) — Scott]
—- older post continues here —-
It’s a clever virus. Normal antivirus and malware products can’t even see it. I lost a week of productivity. I’ve already warned my syndicate there might be a missing week of Dilbert unless I pull a rabbit out of the hat.
The virus generates a pop-up window pretending to be Microsoft. The message says you don’t have an authentic version of Windows but if you call their number they will sell you one.
Before I continue, I did verify with Microsoft that the message is fake. Microsoft never tells you to call them. And they are aware of this scam. Their tech finally got it off my machine.
I called the scammers’ phone number. They do an amazing imitation of a Microsoft call center. Apparently they studied Microsoft’s actual processes and they trained good scam actors. I pretended to be an ignorant customer for a few minutes just to draw them out. A pleasant, Indian-sounding fellow patiently answered my questions.
Did I mention I was mad because I lost a week of productivity to these assholes?
I might have done some yelling. There might have been profanity. Okay, to be honest, I was foaming at the mouth and inventing insults that even impressed me. I screamed about his criminal ways, implored him to seek honest work or kill himself to make the world a better place. I told him to fuck himself seven different styles. And I was just getting started.
And he stayed on the phone, keeping in character to the scam, trying to calm me down like a real help desk person.
I even got him to put his “supervisor” on the line so I could insult his lineage, competence, and preferences for bestiality. He took it too. This was fun!
Then I told them they had 60 seconds to tell me how to remove their virus or I would publish their phone number in a natiional blog so everyone can call and insult them.
I started counting from 60 to zero, stopping occasionally to remind him how fucked he was. He sounded a bit worried but stayed in character.
So here you go: The scammers are at 1-866-530-6599. Please call them and pretend to be a customer so you waste their time before you go off on them. Be creative. Be mean. And please yell. It’s a free pass. The number will change soon, I assume, so act quickly.
Just tell them you got a pop-up message saying you don’t have an authentic version of Windows 7 and you want to know what to do.
It’s a lot of fun. Let me know how it goes.
I also thought it would be useful to publish the phone number so search engines can find it in case anyone in the future wants to verify it as a scam.
: The virus is still on my computer. Microsoft failed to remove it after an hour of trying. I called the scammer number I posted to confirm it is the scammers not Microsoft. Part of the scam is that they tell you to Google their number and it does show as a real Microsoft number. You can confirm they are fake (but extraordinarily convincing) by asking if the message in your computer to call them is real. Microsoft never asks you to contact them. That is policy. The scam asks you to contact Microsoft to authorize Windows. ]
[Update 2: The virus (which is not the Conduit virust after all) is still on my machine. Microsoft’s tech help couldn’t get it. MalwareBytes, ADWcleaner, and Hitman 3 can’t see it. So I had to get a second monitor just to handle the fake pop-ups. I put them all on the second monitor and turn it off.
Oh, I haven’t given up. But I’m impressed at the scam because I can describe it in detail and no one but Microsoft actually believes it is real. So here’s the real published Microsoft number to check for yourself i you you like: 800-642-7676. I’ve called it twice and confirmed twice that the Windows activation message is a well-known scam that Microsoft is actively hunting down. (They know approximately where the perps live.)
Indeed the scammers do somehow have a phone number that used to belong to Microsoft. That seems confirmed. But if you ask Microsoft, they will tell you the 866-530-6599 number is scammers. The fake phone number seems to be the key to the whole scam. When I first questioned them about their credentials the first thing out of their mouths is “You can Google our phone number.” The real Microsoft goes through a more clever credentials confirmation process.
When I said I lost a week of work, I meant I couldn’t get anything done for a week. I didn’t lose files. I do back-ups, of course. Although I doubt they are actually working. I’ve backed up every computer I’ve owned and never had a backup system that worked yet.
Nor have I ever had a missing driver that Windows could find for me automatically. Some things are just placebos.]
[Update 3: As a valuable service I’m going to delete any comments after today that still suspect the scam is a real Microsoft message and I’m playing some sort of prank because anyone coming here for real information would be misled by the comments.