windows licence integration department

theblueirish

Just got a scam call looking for $5 to renew my license. Managed to keep them on for 31 minutes before they said they would call me back and hung up.

Ringing again from a different number now, will post numbers after this call.

theblueirish

five phone calls in total:
0016072315382
0017145357004
0016305295537
0016315819211
0016077399799

Things I have learned from this call:
London is 20 minutes from Ireland.
The Olympics were good last night.
You use Euros in London.
Australians have Indian accents.
The girl on the phone doesn't like donkey porn so much.
She listens to poolside ass creaming on redtube then asks "what am I doing"
When I told her fecking my dog she asks can I hurry up and finish.
She will spend ten minutes trying to connect to a made up teamviewer number.
When teamviewer doesn't work they use Ammyy.com.
She will hold for poo breaks.
She has no idea who Bill Gates is. (name on my credit card)
She will still try to argue even when you tell her you know its a scam.

theblueirish

Another call back from 0013033850493

They want to prove that this is not a scam by typing assoc into cmd prompt and telling me they know my computer registration number.
Guess what they know it, not really.

Copy from another website.

The really interesting feature, though, is the way that the scam seems to have moved on from giving you your address (which they get from a telephone directory)and a fake IP number to convince you that they can really see your system. According to Herold (and a quick google indicates that others are experiencing much the same thing) the scammer now asks you to check a CLSID.
A CLSID is a Class Identifier stored in the Windows Registry — at HKEY_CLASSES_ROOTCLSID, but I don’t recommend that you go digging into the Registry unless you really know what you’re doing. Fortunately (from the point of view of interfering with Registry entries), the scammer doesn’t need you to edit the registry to find the CLSID he’s looking for. He simply has to persuade you to run the ASSOC command. It’s easy to do: you click on the Start button, Run, type in CMD to get to the command prompt (DOS prompt) and type ASSOC. That runs through a long list of file associations, telling you (for instance) that “.xltx=Excel.Template”.
Since it’s a long file it scrolls straight to the bottom, but if you’re really interested in seeing exactly what it contains, you can get it to go through page by page by typing in “assoc | more”: however, the scammer wants you to go straight to the bottom so that you’ll see this entry:
ZFSendToTarget=CLSID{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
That’s the CLSID on both the PCs open on my desk at the moment. Amazingly, it’s also the one that the scammer quoted to Herold. And I bet that if you have a recent version of Windows and go through the same steps you’ll find that you have it too. In other words, the scammer can’t see your CLSID or anything else on your PC, including your Event Viewer logs. Unless, of course, you fall for the scam and give him remote access with AMMYY or LetMeIn.
Event Viewer? That’s the tool he uses to persuade you that the transitory errors inevitably flagged in its logs are “evidence” of a system problem or malware infection. Of course, they’re no such thing.

syklops

How do I get them to ring me? Sounds like fun.