Example Scam

Introduction

"Good Day Sir/Maam; My name is Bruce and I am calling you today from Microsoft. We have been told by your computer that your system is compromised, and we are here to help you diagnose and Fix the issues."

The beginning of the Scam they try to start out as a normal kind of support call. In some cases you can hear their coworkers behind them and its usually a loud situation for they do not use Cubicles like normal companies to separate the staff from each other.

Download One of Many Remote Access Programs

"I need you to go and hit the Windows Key and R at the same time. You will get a command window. (They make do this or have you open a web browser instead) Can you go to www.anydesk.com and when you go there can you see the download now button?"

Thank you for downloading this program. Can you install this program and once it starts can you let us know. Now that the program is loaded and running can you please provide me with the ADDRESS and Password that you see on the screen."

Once they have access to the PC you might hear "We are going to pass this call to our Tech department and they will help you further." They might claim that once your mouse is moving that its the AI support system looking into your computer to find issues.

Event Viewer

One Windows Program that scammers will run is called Event Viewer. This program lists all the Systems running on the PC. Some of these events are OFFLINE and they are Meant to be offline but they will say that all the services that are offline are hackers shutting these features down. When these events are always offline after they have been run at one point.

Activating your Webcam

One thing the scammer may do is once you cant see your screen they might activate a Webcam to see if your at the PC and possibly to get a picture of you which they might later use. In some cases you can see a light on the camera to indicate its running.

Command Prompt

Once they are connected to your computer one of the things they will do or they might have you do this so that you do not believe they have access to your computer.

Two Commands they will run on at this stage are DIR and NETSTAT. We will describe these two commands in another section. They will use these programs to try and have you believe that you are either infected with Viruses or That your PC is Hacked. Now If you use a Mac Computer you are less likely to get a virus but times are changing and this statement might no longer be valid.

Bank Account and Email Account

Once they have convinced you that your compromised, they will have you check your bank account and have you Jot down your balances. They might also have you login to your email to try and get an idea if you do a lot of online shopping.

This is where the damage is done when they have access to your bank account. Once they see the amount of money and style of accounts you have this is where they can see what kind of money they can get from you. If they see they cannot get a lot of money out of you, they might tell you your safe and they will disconnect and hang up on you.

NEVER GIVE ANYONE YOUR ONE TIME PASSWORD OR OTP. SCAMMERS WILL DO THIS TO GAIN ACCESS TO YOUR ACCOUNTS AND THEN LOCK YOU OUT OF THEM. BY THE TIME YOU GET CONTROL BACK IT MIGHT BE TOO LATE.

Refund Form - Google Form

One of the tools that they implement is a Google Form or some type of online form that they have you fill out. This sends them a record of your information that they can use at a later date. This form is usually monitored by the head of the scamming operation. WE REPORT THESE WHEN WE GET THEM.

Command Prompt Refund Form

Now what usually happens is they will have you use a Command Prompt. This is where you and them enter the information of your refund.

They will have you enter your name, Banking Institution, Refund amount.

While you are entering the refund amount, they might turn off your control to the computer and they might enter a few more zeros to your refund amount. So if you were supposed to get $349.00, they might actually have it that you entered $34,900. Then they will try to get you to return that money.

Back to your Bank

Here they have you go to your bank and as soon as you login to your bank they will blank out your screen and the Magic happens. They will Transfer the money from your Savings account to your Checking Account. Then they will INSPECT the webpage of your bank account and they will alter it so that the transfer is Not From your Accounts but from their Deposit to your account. Then they will alter your Savings Account to show they never touched that account. They do this to show you that you got money that doesn't belong to you. Now the Scam starts .... How to get their "money" back from you.

In some cases you will get to experience very bad Acting. They will act like they will lose their job because they gave you too much money. And now they try to get it back from you.

The Next Step

Now they will try to determine how to get this money from you. They cannot just remove the money from the account. So you need to send this money back to them in one form or another.

Wire Transfer (Domestic or International)
Gift Cards - They will either have you go to a store or Amazon to buy and send them gift cards.
Bitcoin - Have you remove cash from your Bank and go to an ATM machine that will take your money and put it on a Bitcoin Wallet. This wallet will then be transferred to other accounts.
Money Mule - This is a person either a victim or part of the scam. They will connect the money then they will launder this money back to the scammers.

Depending on which process they convince you to use in some cases it is hard to track your money and get it back.

What Happens Next?

Once the scam is done, depending on the type of scam they did and if they were successful in gaining money from you. They will either leave you alone and you may never hear from them again or you will be constantly targeted by them to get more money from you down the road.