Got 2 messages recently from a robot that talked about a case number and left a phone number. Google was my friend, it was a fake tax agency scam.

And I also got a call from 'Windows Security office' at 2230 local time. I inquired what time zone they were in. They acknowledged it was late. I repeated with more emphasis on the TZ where they were. They gave me a clock time, no am or pm. I repeated my request and asked if it was am or pm that they were quoting. The line went dead.

The WIndows security guys have recently starting calling my cell phone. I tell them we had the windows in our home replaced and they were recently cleaned, so there's no problem. They sputter "I mean Windows on your computer!" Then I tell them their parents would be ashamed of them for doing this and I hang up....

[QUOTE=richs;454288]The WIndows security guys have recently starting calling my cell phone. I tell them we had the windows in our home replaced and they were recently cleaned, so there's no problem. They sputter "I mean Windows on your computer!" Then I tell them their parents would be ashamed of them for doing this and I hang up....[/QUOTE]

Dagnabit! Some people have all the luck. I've only gotten robocalls with recorded messages from these guys. I find them amusing, since I don't currently have any computers using any MS OS's.

I've also gotten recorded messages with the voice of a woman (from India, it sounded like) informing me that "IRS is filing lawsuit against you." Yeah, right. There are a number of obvious reasons(*) it's a fake, and it's depressing how many people fall for this stuff and give away their money anyway.

(*) Just to give three, off the top of my head:

1) The IRS doesn't work that way. If they have a problem with your tax payments, the first thing they'll do is send you a letter.

2) Lawsuits don't work that way. If you are being sued, you get served with papers. The lawsuit can't proceed until it can be proven that you've been served. (This is a legal protection, against somebody being able to sue you and win a judgement against you without your knowledge, thus denying you the right to contest the suit. Of course, prospective defendants sometimes try to stop the case from proceeding by avoiding being served.)

3) Numbers for calling the IRS generally end in 1040. The one on the robocall didn't.

[QUOTE=Dr Sardonicus;454295]1) The IRS doesn't work that way. If they have a problem with your tax payments, the first thing they'll do is send you a letter.[/QUOTE]Maybe. It depends upon what country you are referring to.[QUOTE=Dr Sardonicus;454295]2) Lawsuits don't work that way. If you are being sued, you get served with papers. The lawsuit can't proceed until it can be proven that you've been served. (This is a legal protection, against somebody being able to sue you and win a judgement against you without your knowledge, thus denying you the right to contest the suit. Of course, prospective defendants sometimes try to stop the case from proceeding by avoiding being served.)[/QUOTE]Maybe. It depends upon what country you are referring to.[QUOTE=Dr Sardonicus;454295]3) Numbers for calling the IRS generally end in 1040. The one on the robocall didn't.[/QUOTE]Maybe. It depends upon what country you are referring to.

There are other countries in the world. Some offer better legal methods, some offer worse legal methods. :rolleyes:

A week ago, I joined the "[URL="https://en.wikipedia.org/wiki/Sucker_list"]sucker list[/URL]" too. I mean the one related to Windows security, because I was a member of other such lists for years, especially forex related. After I lost few thousand dollars in my beginning years trying to get rich from forex, they called me periodically (real call, real person) for some more years, trying to [URL="https://en.wikipedia.org/wiki/Reloading_scam"]reload[/URL] me, or trying to sell me trading tips or convince me to use this or that forex broker. Meantime I learned, and I also changed the broker few times, one reason being exactly the fact that my real telephone number given to the broker became known to such guys, and I also made some good/lucky trades to recover my loses and move to the plus side. The scammers gave up after a while, actually I did not get such a call in the last 4-5 years, but also didn't trade much from 2011 or so, only sporadically, and mainly negative - if you do not keep the touch, you lose the ability.

Well, end of February I was in Adelaide, Australia, to install my daughter in Flinders, and one thing I did there, beside of totally emptying all my pockets for school and dorm related expenses, was to download some books that were recommended as helpful reading material for uni's lectures/courses. That kind of books you buy by weight and they cost 50 dollars per kilogram, or equivalent, 250 dollars per book :smile:, and the professor is co-author and/or gets his/her commission from how many books are sold.

Well, don't tell me the bullshit about copyright there, you should already know my opinion (from another topic here on the forum) for scientific/college teaching books. Mostly are financially supported by their institutions (you pay for them in tuition, etc) or governments (you pay for them in taxes) in countries where education is free. And I get specially fussy when the content of the book itself is available on (or even partially copied from) wikipedia, but in some different order, and the book adds some exercises, etc, which the teachers will ask you to solve by giving you only a number and a page, therefore the book is needed, so they force you to buy it, and you have to carry 10 kilograms with you every day for 2 or 3 subjects/courses. Whatever.

It however seems that the "national censorship" of the internet in Australia is "better" than Thailand, in the sense that I had some trouble accessing torrent and warez sites from "my underground Asian friends" and I had to go endless rounding ways to be able to find and download the books (two of them I am still looking for the last editions, I only got former editions, or last edition but an "international" edition, when the required, for example for biology, was last edition for the "Australian focus" - no idea what the difference may be, I assume that for one tenth of the book they talk about kangaroos, instead of cows, but the rest of the book where they talk about cells and fungi should be the same...)

Well... there is no unbreakable fence in the world, at least not yet, until Trump will build his one between US and Mexico, so at the end I was "chaining out", jumping from one server to the other, and looking for the books on torrent sites, getting into click wars, and all the process.. You know how it is. Or you may not know...

Somewhere in this process I got a robot voice telling me that my windows' security is compromised and I am spreading a virus to this and that, therefore the access to this and that application/web page/resource/whatever is blocked, and I have to call this or that number to fix it. It was an Australian number.

Grrr...

After I closed the window, the voice was still playing, and it was also still playing after I closed all firefox windows.

Grrr...

I got a bit worried at first, because first of all I didn't know what the local provider's "catching" abilities would be, then I know the copyright law in Australia is not enforced in the same way as in Asian countries (i.e. not at all), and there was a lot of churn and porn sites I was accessing (you know how it is with those warez people) and in top of all, I was using the laptop from job (I didn't take a private laptop with me, because it was mandatory to take the one from the job, to finish other tasks, and I am nerd, but not so nerd to travel with two laptops; also, I could not use a third party computer as that was lacking all the security and security-killing tools I need and I have installed already on the private/job toys).

I got a bit more worried after I closed ALL windows and closable tasks and the message was continuing to play. You should see the faces of my daughter and wife, they imagined themselves in the jail already :smile: After I put the headphones on (I always carry a pair of wired headphones in my pocket, especially when I travel by plane, I use them for my phone too, for example to learn some new German words on duoligo.com, or for other activities where I need sound and I do not want to disturb the people around me), their faces become normal again, but it took a while...

Then I got really worried when I logged out completely and the message was still playing in the headphones. This laptop (a Dell Latitude) has a lot of "bios thingies" inside, related to security and theft protection. You can control it remote if it gets stolen, etc (and the thief can not do anything about, complete re-format and reinstalling of the OS, or even erasing the bios flash won't "solve" this "issue" - you need radical measures like replacing components or cutting PCB tracks), you can login to it remotely and record sound and take camera pictures with it remotely even if no OS is running (I always have its camera covered with a sticker and I physically unsoldered its microphone, call it paranoia). Therefore, well..., I started imagining all kind of scenarios, where some good guy (good in sense of professional) on watch caught me digging on child porn sites and the police will ring the door in the next minutes.

Well, false hopes of celebrity... After a bit more digging I found a service called "firefox.exe" (I was browsing from firefox) on the task list, which was there even after all firefox windows were closed, and all processes removed/killed, which had no window attached. After killing it, the sound stopped. Nothing dangerous, just a sound player, continuously playing a wave, like when you access youtube or so. Note that restarting the computer is not recommended in these situations - if an attacker indeed succeeded to install some bad crap into your computer, most of the times this crap will [B][U]need[/U][/B] a restart to full-function. So, try to avoid restarting.

Now, I know how one of the web pages I accessed launched a popup (it wasn't blocked, if you do not get into the click war, you do not get the download link, because the download link is hidden in heaps of porn, crap, etc) then launched a sound player into that popup, hided itself and its window, but for the hack of me, I don't have any freaking idea how it installed itself as a service. For this it would need some rights in the local security policy which my current user at that time didn't have.

I still have the sound file (saved from the "temporary internet files" folder) an mp3 which was repeated continuously, and I may call that number in the future just for curiosity what can happen if I do. However, not soon, because I am now back in Thailand and I won't pay an international call just to satisfy my curiosity, even internet call.

But I have to bow to them, for few minutes they got the crap out of me... :smile:

Disable JS. Problem solved. No more pop-ups or drive-by-downloads or other bovine faeces.

It boggles my mind to think that people actually put up with the crap that websites foist upon their browsers via JS.

We know your "js-related" phobia. But no popups, no war clicks, no war-clicks no useful links. You didn't navigate hacker's sites much... Other people [URL="https://youtu.be/lymVJuvAoJ8?t=49"]play starcraft for money[/URL] (we love these guys!), other make a living from winning click wars.. We are quite good in both, but not so good to win starcraft championships or make money winning war clicks... But the process is the same.. It is called "strategy" :razz:

Here is a classic from the FBI Director:

[CODE]JAMES B. COMEY JR
EXECUTIVE DIRECTOR
FEDERAL BUREAU OF INVESTIGATION FBI.WASHINGTON DC.
ANTI TERRORIST AND MONITORY CRIMES DIVISION.
FBI SEEKING TO WIRETAP INTERNET

Good Day,

We believe this notification meets you in a very good present state of mind
and health. We the Federal bureau of investigation (FBI) Washington, DC in
conjunction with some other relevant Investigation Agencies here in the United
states of America have recently been informed through our Global intelligence
monitoring network that you presently have a transaction going on with the
Central Bank of Nigeria (CBN) as regards to your over-due contract/inheritance
payment which was fully endorsed in your favor accordingly. We will found a
way to fix a schedule for you to come to our head-quarter in Washington DC to
enable us advise you on what to do, but meanwhile you are further advised to
be contacting us via email for now because we are having various
investigations that we are working on now. Keep everything regarding to your
transaction confidential for security reasons and note that we have not
informed the local FBI department in your state regarding this matter because
we want to keep everything secret until your fund is received by you to
satisfy the requirements of the law.

It might interest you to know that we have taken out time in screening through
this project as stipulated on our protocol of operation and have finally
confirmed that your contract payment is 100% genuine and hitch free from all
facet and of which you have the lawful right to claim your fund without any
further delay. Having said all this, we will further advise that you go ahead
in dealing with the Central Bank office accordingly as we will be monitoring
all their services with you as well as your correspondence at all level. In
addendum, also be informed that we recently had a meeting with the Director of
the CBN Remittance department Mr. Tunde Lemo in charge of funds transfer in
Central Bank of Nigeria, in the person of Mr. Tunde Lemo along with some of
the top officials of the Ministry regarding your case and they made us to
understand that your file has been held in abase depending on when you
personally come for the claim. They also told us that the only problem they
are facing right now is that some unscrupulous element are using this project
as an avenue to scam innocent people off their hard earned money by
impersonating the Executive Governor and the Central Bank office.

We were also made to understand that a lady with name Mrs. Janet White from
ARIZONA has already contacted them and also presented to them all the
necessary documentations evidencing your claim purported to have been signed
personally by you prior to the release of your contract fund valued at about
US$10,000,000.00 (Ten Million united states dollars), but the Central Bank
office did the wise thing by insisting on hearing from you personally before
the go ahead on wiring your fund to the Bank information which was forwarded
to them by the above named Lady, that was the main reason why they contacted
us so as to assist them in making the investigations. They further informed us
that we should warn our dear citizens who must have been informed of the
contract payment which was awarded to them from the Central Bank of Nigeria,
to be very careful prior to these irregularities so that they don't fall
victim to this ugly circumstance. And should in case you are already dealing
with anybody or office claiming to be from the Central Bank of Nigeria, you
are further advised to STOP further contact with them in your best interest
and then contact immediately the real office of the Central Bank of Nigeria
(CBN) only with the below information accordingly:

NAME: MR. TUNDE LEMO
OFFICE ADDRESS: Central Bank of Nigeria, Central Business
District, Cadastral Zone, Abuja,
Federal Capital Territory, Nigeria.
Email: ddmorgan42@gmail.com

NOTE: In your best interest, any message that doesn't come from the above
official email address and phone numbers should not be replied to and should
be disregarded accordingly for security reasons. Meanwhile, we will advise
that you contact the Central Bank office immediately with the above email
address and request that they attend to you payment file as directed so as to
enable you receive your contract fund accordingly. Ensure you follow all their
procedure as may be required by them as that will further help hasten up the
whole procedures as regards to the transfer of your fund to you as designated.
Also have in mind that the Central Bank of Nigeria equally have their own
protocol of operation as stipulated on their banking terms, so delay could be
very dangerous. Once again, we will advise that you contact them with the
above email address and make sure you forward to them all the necessary
information which they may require from you prior to the release of your fund
to you.

All modalities has already been worked out even before you were contacted and
note that we will be monitoring all your dealings with them as you proceed so
you don't have anything to worry about. All we require from you henceforth is
an update so as to enable us be on track with you and the Central Bank of
Nigeria. Without wasting much time, will want you to contact them immediately
with the above email address so as to enable them attend to your case
accordingly without any further delay as time is already running out. Should
in case you need any more information in regards to this notification, feel
free to get back to us so that we can brief you more as we are here to guide
you during and after this project has been completely perfected and you have
received your contract fund as stated. Thank you very much for your
anticipated co-operation in advance as we earnestly await your urgent response
to this matter.

Best Regards,
James B. Comey JR
Anti-Terrorist and Monitory Crimes Division
FBI Headquarters in Washington, D.C.
Federal Bureau of Investigation
J. Edgar Hoover Building
935 Pennsylvania Avenue,
NW Washington, D.C. 20535-00 USA
This email is intended for the named recipient(s) only
Its contents are confidential and may only be retained by the named recipient(s) and may only be copied or disclosed with the prior consent of Independent Transport Associates Limited. If you are not the intended recipient, please discard this email and notify the sender as quickly as possible. This email and any attached files have been scanned for the presence of computer viruses. However, you are advised that you open any attachments at your own risk. Please note that electronic mail may be monitored in accordance with the Telecommunications (Lawful Business Practices)(Interception of Communications) Regulations 2000.
Independent Transport Associates Limited (ITAL) is a company registered in England and Wales. Registered number: 04784751
Address: First Floor, Unit 2, Block A, Petersfield Office Park, Bedford Road, Petersfield, Hampshire. GU32 3QF[/CODE]

Not much of a lure on this one...

[quote]
[b]From:[/b] Mrs.Loretta Sanchez <"cado."@circus.ocn.ne.jp>
[b]Reply-to:[/b] "Mrs.Loretta Sanchez" <gtbankings36@gmail.com>
[b]Subject:[/b] ATM Visa Card Valued at [COLOR="Red"]$4.5 USD[/COLOR]

Attention:

We officially want to inform you that an ATM Visa Card Valued at $4.5USD only has been accredited in your favor by the Benin ATM
Card Organization, Republic of Benin. The ATM Card has a daily withdrawal limit of $20,000.00 USD Per Day from any ATM Card machine
in your country. You are advised to contact Mr. DALE VICKERY via this email for claim processing:

Dr. William Peter
Director GT Bank PLC
Benin Republic in West Africa
Telephone: +229 98710451
E-mail [email]gtbankings36@gmail.com[/email]
------------------------------------------------
Mr DALE VICKERY
Chairman of Heirs ATM CARDDepartment GTB BANK
Email: [email]dvickery1953@gmail.com[/email]
call or text +229 97 933 578


Note: If you wanted your Funds to be received through ATM CARD Contact Mr DALE VICKERY But if Online Bank transfer Contact Dr. William Peter and also for the awarded fund ($4.5 USD) to your personal bank account OR delivering of your ATM Card to your contact address. Please provide the following details for processing Immediately

(1) Your Full Name=============
(2) Cell Phone Number======
(3) Current Home Address========
(4) Fax Number================
(5) Country====================
(6) City======================
(7) Nearest Airport ==============
(8) Next Of Kin Name===========
(9) Next Email Address==========
(10) NEXT CELL PHONE=======
(11) Yoour Occupation =====
(12)ANNUAL INCOME==============

Payment Mode:

1) Delivery of ATM Visa Card by courier : Yes/No
2) Bank to bank Transfer: Yes/No

Once again congratulation.

Regards,
Mrs.Loretta Sanchez
[/quote]

I guess they forgot the "M".

[QUOTE=mdettweiler;457911]Not much of a lure on this one...[/QUOTE]
Yeah, the main problem is that the email comes from cado@....
To be more realistic, it should have come from cado_nfs@....