Beware of UTH!

On this Halloween day, I am going to tell you a scary true story.

Late Wednesday night as I was getting ready to turn off the computer and head to bed, the phone rang. Startled and angry, I thought, “Who could be calling at this hour?” My caller ID offered no obvious clues. Since it was late and my husband was already in bed, I decided to answer the call so as not to let the phone continue to ring.

All week long we had received numerous unwanted calls. It’s election time and the number of annoying calls are at an all-time high. Some telemarketers and  campaigners try to fool us by using numbers from places we might be familiar with or local area codes, making us more likely to pick up the call. I was on to them, though, and hadn’t answered many unfamiliar calls all week. I was tired of the calls and decided I was going to give this person “what for.”

I picked up the phone and in my loud “angry voice” I demanded, “Why are you calling at this ungodly hour? Do you know what time it is? Leave me alone.”

The person on the other end calmly said, “Ma’am, ma’am. I need to talk to you. This is urgent.” His thick Indian accent made me suspicious. He told me he was from Urgent Tech Help and that Microsoft had asked him to contact me because our PC was being attacked by viruses. I was incredulous and told him I didn’t believe him. His voice sounded dire as he explained that they had been trying to reach me all day. That sounded plausible because I had let many calls go unanswered that day. He said I had so many viruses attacking the computer that it was causing problems for several other Microsoft customers and I needed to listen to what he said. “Your computer is on the Microsoft Blacklist,” he said. Now, the ball (or guilt) was in my court. I was “responsible” for hundreds of other computers being infected by all kinds of nasty viruses. I was the Typhoid Mary of computers.

I felt bad about yelling at him and wondered if something really was going on. Foolish me.

I believe these hacking spawn of Satan intentionally phone Baby Boomers who are not computer experts but who have a modicum of digital world knowledge. We know just enough to navigate in cyberspace and to be wary of certain things, but we aren’t savvy enough to pick up on the nuances of the I.T. world.

So, I started to get worried. Maybe my computer really was being attacked. Maybe it would totally burn out because of all the nasty viruses. I started to listen to this yahoo.

He said, ” Your computer has a Windows license and I will prove to you that I am legitimate because Microsoft gave me access to that number.” He directed me to click on a box that appeared on my computer that read “cmd.” When I did that, he said, “See that number where it says i.d.? That is your computer identification number. I will read it for you so you know I have permission from Microsoft to access your computer and get rid of the viruses.” He read the .zsendtotargetCLSID number to me and it matched what my computer said. I continued to follow his directions, clicking on boxes and x’s, sure I was doing the right thing, sure I was saving the computer world from total obliteration.

“You have McAfey. McAfey has been corrupted.”

“You have 498 viruses on your computer. This is really serious. Look.” A screen with several small red warning diamonds with the word “virus” next to them showed up. Between some of the red diamond shapes were dire-looking warning signs.

“Ma’am, do you see that? It’s a Trojan. You have a Trojan!” A yellow square that read “Trojan” popped up.

“Oh, see that? See where it says csrss.exe? That is really bad. We need to take care of that. You need network access protection. And look! It says “lc.msi” That’s big trouble!”

His warning words went on and on. Then came the savior words. He was going to help me solve this problem. He would access my computer remotely and take care of everything. I felt the relief of a damsel in distress missing the dragon’s mouth by inches. My hero!

More computer-speak, discernible to naive me but very impressive. Then he said, “In order to complete the process, we need to download either Plan Silver which gives you 5 years of protection or the plan with lifetime protection.”

Being frugal and thinking our computer might be replaced in 5 years anyway, I decided to go with Plan Silver. Up popped several fill-in boxes for my name, address, email and credit card information. Cleverly, the Satanic hacker started with the more innocuous information leaving the credit card for last. A wave of doubt crossed my mind, but I continued. I told him I was uncomfortable typing in my credit card number.

“Ma’am. Don’t worry. See here? I am typing in 1,2,3. What do you see?”

“I see three asterisks.”

“And that is what I will see when you put in the numbers on your end.”

Even though I had misgivings, I went ahead and put in my credit card number. (I am too trusting.)

My predator went on to tell me that it would take an hour to process and that a technician would call when it was done. He even gave me a technician number – 22022012, for whatever that was worth.

I asked him how much Plan Silver cost and he told me they would email me a receipt. I pressed him for the amount and he replied, “$177.78.” I wasn’t counting on that, but no matter, I was saving the cyber-world from all of the nasty viruses in my computer.

He then told me that technician Raul Watson would call me back in the morning and show me what they had done to get rid of the vile viruses. A box popped up on my screen that read:

“UTH Technical Support

11:58 CPU Information requested and sent to Technician 3 – Process list requested and sent to Technician 3”

In the morning, I saw that more text had been added in the box while I slept. “12:22 am Technician 3: Hi, are you there? 12:25 am Technician 3: We have finished our work. Our verification officer will call you and show you the things we have done in your computer. You can use your computer now.” (Boy, that hour went by fast!)

“12:49 am Unattended access is enabled from now until Fri Oct 31 2014 12:48 am. 12:52 AM Technician 3: ANTIVIRUS SCANNING INITIATED.” (Hmm. Time machine?)

“1:20 am Technician 3 has ended the session. Remote control by technician 3 stopped.”

I pictured Technician 3 taking coffee breaks and coming back to type this gobbledygook in between breaks. He may have even taken a nap.

I had to get up and go to work early in the morning (be there at 7:30) so I didn’t get much sleep that night since these yahoos kept me up. I think that is part of their ploy as well, They call late at night when you are tired and vulnerable.

I told Dennis about it in the morning and he hit the ceiling. We stopped my credit card and changed our passwords. I still have unwanted icons and am afraid to uninstall them without asking an expert first.

Dennis found a Microsoft Q&A about this scam, so I am not the first victim. My intent on telling my story is so others won’t fall for the same trick.

Raul Watson, who had neither a Spanish nor an American accent, called back and asked to speak to me. Dennis gave him an emphatic “NO!” He told “Raul” not to call back. He said if they did call back, he would report them to the FCC.  We have their number!

Trick or Treat!