Alleged Phone Call from Microsoft Security in Seattle to check on your computer virus
On May 4, 2012 at 7:30 EST I received a phone call from someone speaking with a heavy Asian sub-continent, accented English. He claimed to be calling from Microsoft Security. He said that Microsoft Security Monitors had detected a virus on my
computer that could destroy all my files. And he wanted to clean my computer of the virus. He asked me to type into my Internet Explorer search window "www.ammyy.com" and hit enter. I suspected a scam, or hacker. And I refused. I offered to call him back at
the number on my phone ID giving the city origin of the caller as "Seattle." The telephone number appearing for him was 206-456-0661. But he urged me not to hang up. He said he could not call me back, and I would not be able to reach him at the MS office.
Convinced that he was a fraud, I hung up and called MS in Seattle. And yes, the person I spoke to at MS said it was a scam or hacker.
May 4th, 2012 8:15pm
No company with good credit, including Microsoft, would initiate activity like this one. You can safely dismiss call like this. No need to confirm your suspition by long distance call to Microsoft HQ. Based on social engineering someone
can make use of your money in a very "grace procedure". Double check your telephone bill.
If you use Google search, there is about 14800 references pointing
to very suspicious activity.
Simple tracert gives IP = 70.38.40.185
ARIN search for 70.38.40.185 points to Russia:
Network
NetRange
70.38.40.184 - 70.38.40.191
CIDR
70.38.40.184/29
Name
IWEB-CL-T129-081CL-564
Handle
NET-70-38-40-184-1
Parent
IWEB-BLK-05 (NET-70-38-0-0-1)
Net Type
Reassigned
Origin AS
AS32613
Customer
Maxim Pro (C02114141)
Registration Date
2008-12-15
Last Updated
2010-05-14
Comments
RESTful Link
http://whois.arin.net/rest/net/NET-70-38-40-184-1
See Also
Upstream network's resource POC records.
See Also
Upstream organization's POC records.
See Also
Related delegations.
Customer
Name
Maxim Pro
Handle
C02114141
Street
ch
City
Moscow
State/Province
Postal Code
117042
Country
RU
Registration Date
2008-12-15
Last Updated
2011-11-18
Comments
RESTful Link
http://whois.arin.net/rest/customer/C02114141
See Also
Upstream network's resource POC records.
See Also
Upstream organization's POC records.
BE CAREFUL TWICE NEXT TIME. DO FAST AND SIMPLE FORENSICS LIKE ABOVE.
Regards
Milos
Free Windows Admin Tool Kit Click here and download it now
May 5th, 2012 9:17am
Oh my God! I got a call from that number 206-456-0661, too, and it was exactly the same pattern. This guy, Harris, told me I got a virus on my PC and an alert has been received by Microsoft HQ. Said that if I don't get the virus removed, it would
crash my system down and send my personal information all over the internet. Hahaha! Far from being plausible. I may not be a computer expert but I know that there's no such software that allows a computer to communicate on its own with another computer.
I did not tell Harris that I knew he was a scammer and I asked to place him on hold, to which he agreed. Then I dialed an outgoing call and transferred him to the police department. Hahaha!
May 9th, 2012 6:44am
I looked up the phone number and I found this page http://www.callercenter.com/206-456-0661.html with a lot of complaints associated with the phone number. Wow! This scammer must be
rich by now.
Free Windows Admin Tool Kit Click here and download it now
May 9th, 2012 6:49am
I also have recieved 2 phone calls, but the calls were from Ga. The heavily accented caller said I had 56000 error msgs & warnings and wanted to sell me computer protection for $400 for 10 yrs. I told him I didn't want to buy anything and
he was somewhat rude. The 2nd call the next day said they were still getting error msgs from my computer. They said they were from Windows Support.
Her's the rub tho, I discovered they installed a program on my computer AA V3 underscored. I cannot delete it, it says I don't have permission. It is also in my services section of task manager and I can't disable it there or delete it.
I am working with the Geek Squad to try and get this resolved. If anyone has a way to get rid of this I would appreciate it very much.
May 9th, 2012 7:20pm