James Wiseman

And I was out! Dammit!

“We have noticed from our logs that you have been downloading lots of viruses”

My wife took the call, and politely declined, which is more than they deserved. I’ve got a nice counter-scam dreamed up as well (see This Post for my thoughts on this).

So, to all the criminals responsible for perpetrating the scam that are this. Please ring back, I REALLY want technical support, as my event viewer has lots of errors, and my prefetch folder is full of viruses!

Help!

Other Articles

I don’t know, and I’d like to.

I noticed a suspicious entry in my visitor logs from an IP in Calcutta looking at the last Scam post –  ’Scamming the Scammers’. My suspicions were confirmed when the IP linked back to one of the websites quoted by the fraudsters (http://onlinepccare.com/) . See this entry: http://www.robtex.com/cnet/203.200.180.html.

So it looks like the criminals are reading this. HELLO, Criminals!

After looking around a bit more, I found a forum post (http://www.dslreports.com/forum/r22222049-Scam-Supportonclickcom-scareware-scam~start=140) that lists a few more to be wary of:

www.supportonclick.com
www.onlinepccare.com
www.techmyhelp.com
www.comantra.net
www.gogreenpc.net
www.techisonline.com
www.techonsupport.com
www.fixonclick123.com
www.virtualpcdoctor.com
www.loginforcare.com
www.systemrecure.com

An Australian website has taken also  to recording info regarding this (http://forums.whirlpool.net.au/forum-replies.cfm?t=1485775). A further link from here to an article containing a response from Microsoft Australia is also an interesting read: (http://www.smh.com.au/technology/security/pay-up-or-your-pcs-toast-20100630-zm8i.html).

The Guardian, UK, carry an article linking OnlinePCCare.com to a company called Pecon Software based in – you’ve guess it – Calcutta  (or Kolkata if you’d prefer). Their customer relationship manager, Vikas Gupta strenuously denies any involvement and states that he has an email from Mahesh Shah, head of Pecon Software, in which he is told that the company has terminated its contract with “around 30 employees in last two years

It is interesting to note that Pecon Software still have a link on their front page to the (now shut-down) supportonclick.com through an employee login link.

So I guess it’s important to know who is actually accepting money for this, i.e. to which company is the money on the credit card being paid to? Or, put it another way, what is the name of the company that appears on the credit card receipt?

Any info, post here.

Other Articles

As part of my continuing efforts to give prominence to this scam, I thought I’d provide a quick update. The Scam Tag on this blog contains the full list of posts regarding this.

Charles Arthur is continuing to investigate this  has recently covered this in a Blog posting: Those ‘PC virus’ phone call scams: the unanswered questions.

One of the unanswered questions that he highlights is how exactly are they getting this information? Several people have intimated that they give out spam-trap contact details whenever they are asked to provide them, so maybe this is a good long-term strategy to attempt to wheedle out the scammers.

Take this example. I am fortunate enough to have my own domain name (JamesWiseman.com). My email account is set up such that all mails sent to @JamesWiseman.com will end up in the same mailbox. So, think of a word, put it in front of @JamesWiseman.com, send me an email, and I will get it.

So, when I sign up for SomeService.com, the email address I give is ‘someservice@jameswiseman.com’. For anything that needs a credit card, or requests more sensitive information, I use something more obscure, but, nevertheless still identifies the company to whom I originally gave the address.

Obviously, not everyone has their own domain, but for email this can be overcome by signing up to multiple GMail or Hotmail accounts (hassle, granted). And what about physical address details? Well, if you never intend to receive mail, then you can always fake it, for example (again using the SomeService company name):

James Wiseman,
22 SomeService Road,
Gondor,
Middle Earth

But what if you do want to receive mail? Well, just pretend you have given your house a personalised name (like those ‘quaint’ Dunroamin house names you sometimes see)

So, your address might look like

James Wiseman,
SomeService,
999 My Real Road Name,
My Real Town
MY8 8PC

Granted, this isn’t going to obtain results quickly, but could well make it more difficult in the long run for scammers to operate effectively.

Other Articles

Because DEC25 = OCT31

Boom Boom!

Sorry, couldn’t resist that. What are the chances of those two dates coinciding in that way?

Its a bit like the the other one that goes:

“There’s only 10 types of people in the World. Those that understand binary and those that don’t.”

Which, is maybe even cleverer, as it can be told by either type of person and still make sense.

Anyway, here’s hoping you’ll forgive me for this nonsense!

Firefox lets you turn of browser history recording, and so does Internet Explorer. There are many reasons for doing this, and not all for hiding activity that spouses, partners or employers might disapprove of!

For example, you might be browsing from a publically accessible computer that may be host to anyone. You may also want to prevent the inevitable build-up of information about you that invariably happens when your browsing history is recorded.

So how do we do this?

First, shut down Chrome completely and then locate where it stores it’s user data:

On Vista, this is:  C:\Users\<User Name>\AppData\Local\Google\Chrome\User Data
On XP, this is: C:\Documents and Settings\<User Name>\Local Settings\Application Data\Google\Chrome\User Data

1. Browse the “Default” folder and delete all the files whose names start with ‘History’.

2. Restart Chrome so they are created again, but do not navigate to any sites. Now close Chrome again.

3. Now, make all the “History” files read-only.

4. Start using Chrome again.

This should prevent Chrome from recording your browser history. Be aware that it does cause Chrome to crash on occasions, specifically when you download item and try to close the browser. Since you were trying to close the browser anyway, this is not critical.

Not a perfect solution, and I would be interested in any better ones

On my keyboard there is a double-quotes (“) symbol above the ’2′ on the ’2′ key. Similarly, on the single-quotes key (‘), there is an @ symbol above the quote (‘). Both of these indicate that, were I to press them in conjunction with the shift key, I would get the alternate as expected.

And yet, when I do shift-2 I get an @, and when I do shift-quote (‘) I get a double-quote (“). Which actually makes a lot of sense (putting the two quote-types on a single key), unless you have learned it the other way.

Am I making sense? Probably not, but anyway…

The is, apparently, a difference between the British and American way of doing things.  I wanted to change it, and help was at hand here: http://uk.answers.yahoo.com/question/index?qid=20090721134000AA6YhSa. The instructions are reproduced below to save you having to click the link:

In XP:

1. Click the Start->Control Panel menu item.

2. Click Date, Time, Language and Regional Options.

3. Click Add Other Languages.

4. Click the Details button.

5. If the language you want isn’t in the list, use the Add button to add it.

6. Click on a language you want to delete and click the Remove button to get rid of it. Repeat as necessary.

In Windows Vista:

1. Click the Start->Control Panel item.

2. Under Clock, Language and Region, click Change Keyboards or other Input methods.

3. Click the Change Keyboard button.

4. Continue with Step 5, above.

But, But, But

But then I got the same problem in Visual Studio.  Here’s how to fix it (thanks to this post http://bytes.com/topic/net/answers/851956-visual-studio-keybaord-settings):

In Visual Studio:

• Click “Tools” menu -> Options
• Check “Show all Settings”
• Environment -> International Settings
• Click on the drop down box (there was only one language listed here for me: “English”)
• Restart Visual Studio

Hope that helps.

There are still plenty of reports coming in on the Microsoft Support Telephone Scam since I wrote the original article. A good repository for people’s experiences can be found here: http://www.digitaltoast.co.uk/supportonclick-systemrecure-scam.

A number of people have been conned into letting the scammers in to control their PC. Firstly let me say that there is no shame in this whatsoever. It’s a convincing scam, playing on the fears of people, and hooking in even the most suspicious.

Secondly, don’t panic. There are a number of things you can do to safeguard yourself.

One of the respondents, Chrisalisuk gave some useful advice, which I’ll reproduce here:

For anyone who’s interested on the technical side of this – I run a small IT company and have had a couple of calls from puzzled customers who have been “caught out” by these pond lifers; mercifully, no money has changed hands, but I did have one guy who asked me to go and check security on his machine AFTER the “fix”.

I found evidence of iobit.com installation – “advanced system registry cleaner” plus a folder and a number of registry keys referring to logmein rescue. The folder was in the windows folder, called “LMI2.tmp”. Rather frighteningly, logmein rescue can now be set for reconnection WITHOUT user permission – so there is a RATHER LARGE security problem RIGHT THERE!

Some interesting stuff in the LMI2 folder! – the virtualpcdoctor registration for logmein. A quick call to logmein has blocked one small revenue stream for them at any rate! The guys there were happy to listen and help, and had prior knowledge of the scenario – they asked me to mail the relevant logs, and thanked me greatly for my time.

Chrisalisuk was also kind enough to give some advice as to what to do:

…if you look at the posting IMMEDIATELY before yours, you’ll find that I mentioned the lmi2.tmp folder nestling in the wndows folder – look for that. If you find AND DELETE it, you SHOULD be OK. If you aren’t confident doing this, I suggest that a factory reinstall is your best option “just to be sure” – unless you have a trusted local company that can have a look. Whichever way, it will probably cost you money, but you gain experience – which is priceless. Don’t feel bad – these bastards are GOOD at what they do (con and extortion). Live and learn!

Let’s look at this. A factory reinstall is quite draconian, but will fix the problem for sure. But, it’s quite simple to look for the lmi2.tmp file. Click on the Windows menu (normally this will be in the bottom-left of your screen). Under this you will see an option labelled ‘Search’ or ‘Find’. Go here and type in lmi2.tmp and perform the search.

If it finds something, click on the item and then hit the ‘Delete’ button. Gone…

Oh, and change ALL your passwords – REGARDLESS. I would also place a stop on ANY credit/debit cards you have EVER used on the internet on that machine (the companies will understand). Better that, than a negative bank balance.

One last thing – report the scums to the bizzies. It makes you feel as though you’ve done SOMETHING to get back at them, and hey – somebody just MIGHT do something about the problem if enough pieces of paper land on their desk.

Yeah, this is hassle, but I’d certainly recommend doing it. If nothing else, it will give you peace of mind.

One thing I would also add is to perform a full and comprehensive virus scan on you PC. If you have more than one virus scanner, then use both. Run any anti-spyware/malware tools you have as well. I’ve also heard good reports about Hitman Pro which seemingly downloads quickly and runs effortlessly.

Do all this, and you’ll have nothing to worry about. And, most importantly, tell everyone you know, and do it face-to-face or over the phone if you can. Some people are generally suspicious of email chains that warn of impending doom in some way.

UPDATE

The Guardian newspaper seem to be onto this. This commented was posted on the Digital Toast forum above on 29/06/2010:

If anyone has been caught by this scam, or knows someone who has, then I’d be grateful if you could tell me the name of the company *whose name appears on your credit card*. It’s clear this company uses loads of different sites and different names, but I suspect it’s the same one (or ones?) behind it. Email me please atcharles.arthur@guardian.co.uk

Charles Arthur, editor, Technology, The Guardian

Other Articles

If you have received a call anything like this, first Off: DON’T DO ANYTHING THEY ASK.

If you are nervous, hang up. Sometimes they stay the other end waiting, so leave the phone for 15 minutes. You can unplug your router if you are in any doubt as to whether they are conencted remotely to your machine.

Next: then go to this site: http://www.digitaltoast.co.uk/supportonclick-systemrecure-scam

This came to my attention yesterday when I was contacted by a family friend who had recieved a cold call from “Windows Technical Support” and had proceeded to claim their machine was corrupt and virus-ridden.

I’ll embellish this article a little later, but just wanted to post something initially that could show up on search engines.

In the mean time, here’s a list of things NOT to do:

1. Don’t do anything they ask.
2. Don’t go to any website they request you access
3. Don’t let them access your PC remotely (you will be prompted before this happens)
4. Don’t give them any money

You might also like to try

1. Wasting their time by playing stupid
2. Recording the conversation
3. Do a Google search for key phrases they are using
4. Report it somewhere – even if it’s just leaving comments on a web page.

Generally if you do an internet search, you will come up with tons of results confirming that THIS IS A SCAM: Here are a few more links:

http://www.networkworld.com/news/2009/081009-windows-event-viewer-phishing-scam.html

http://www.computerhq.co.uk/content/warning-fake-tech-support-call-scam-windows-xp-service-provider

http://www.pcproblem.co.uk/?p=49

http://forums.moneysavingexpert.com/showthread.php?t=1424731

UPDATE

The Guardian newspaper seem to be onto this. This commented was posted on the Digital Toast forum above on 29/06/2010:

If anyone has been caught by this scam, or knows someone who has, then I’d be grateful if you could tell me the name of the company *whose name appears on your credit card*. It’s clear this company uses loads of different sites and different names, but I suspect it’s the same one (or ones?) behind it. Email me please at charles.arthur@guardian.co.uk

Charles Arthur, editor, Technology, The Guardian

Other Articles

It occurred to me the other day how often I was needing to perform a ‘Paste Special’ operation to ensure the format of the pasted text was not carried across. I did a little straw-poll and found that it was most of the time.

I’d select ‘Home’ in the ribbon, drop down ‘Paste’ and select ‘Paste Special’. Latterly I found out about the ctl-alt-v shortcut, but I still found it annoying that having to do this.

So I searched around, and found exactly what I wanted on Roel van Lisdonk’s Blog. Roel assures us that this works in Microsoft Word 2010; I’ve tried it with 2007 and it also works.

We can configure Word to ignore formatting by changing some options. Start by clicking on the Office Button:

Then click the ‘Word Options’ button. When the dialog loads, click on ‘Advanced’ in the left pane:

.

The section you want is ‘Cut, copy and paste’

I changed the option ‘Pasting from other programs’ to ‘Keep Text Only’, but you are free to play around with these as you see fit.

It’s the 5th May 2010, and today is the first birthday of my little boy, Sam.

Happy Birthday!

He’s quite a handful, but I can’t remember being happier than when we’re together as a family. He’s already quite a character and has a great sense of humour already!

And if tomorrow morning you could agree with me that 5:20am is not an acceptable time to wake up, then I think we can be best friends!

Love,

Dad

I’m a couple of weeks into writing this blog now and i’m still trying to tame WordPress.

Most of the taming has been around the post editor which doesn’t lend itself well to code writing and publishing.

I’ll be investigating the opportunities offered by plugins in the near future as I reckon I can halve the time it takes to write a post.

I’m currently writing this on my phone in bed to see how WordPress handles is and it seems ok.

How does it look to you?

Outstanding.

A colleague at work sent me this after an Icelandic volcano halted all UK flights

http://www.flightradar24.com/

This tracks the flight path of all planes that are fitted with the ADS-B transponder