Two quick comments before I start – first, this is not fiction. Second, nothing was taken from me, so I’m fine.
Yesterday I received a scam call. They did a good job and I can see how an average person can be fooled. Truthfully, when you hear about these things you ask how people can be so ignorant to fall for it, but these people are experts and now I know…
I typically do not answer calls unless I know the caller, but I was having difficulty with my work VPN, a difficulty which I was 90% convinced was on my end, not work’s end, so people had to call me instead of using work’s IM feature. So, yeah, I answered a call without knowing who was calling.
A female automated voice said something like, “This is an important call from your Internet provider, Comcast. We have detected an issue with your Internet connection. Please dial one to be connected with a technician.”
OK, I was having Internet issues, so must be legit, right? I dialed “1”.
A voice came on. “This is Comcast. We have detected suspicious activity on your Internet connection. Please verify your first and last name.”
“OK, Mr. McDonald, your name and phone number match our records. We have discovered suspicious activity at the connection at,” he gave an old address – my Internet was moved to the new location two years ago. “We need to take action immediately. This activity has gotten past our firewall and we either need to clear the issue on your end or cut you off from the Internet.”
“I’m sorry, but if you are seeing activity at that address it is not me.” (First inaccuracy I noted.)
“I understand, sir. That is the issue that I was calling about. You have moved your account to a new location but someone has gained the records of the old location and has….”
A lot of what he was saying was very hard to understand. I asked him to repeat three or four times. Hmm, maybe five times.
Stupid me, by the time I understood that he was saying someone had made charges to my account and we needed to verify, I had half forgotten what the call was originally about.
“Thank you,” I said when I understood. “Please send an email to my account on record. I will clear this up today.”
“I am sorry sir, if we don’t resolve this now I will have to terminate your Internet as soon as the call is complete. I am sorry, this is Comcast policy for these types of issues.”
I should have hung up then, because it is NOT Comcast policy.
“What do I need to do?”
“We have some forms you need to verify. I will remote into your computer and you can verify them and we are set.”
“I wasn’t born yesterday, you do not need to remote into my computer. I did not initiate this call! How do I know this is Comcast? I don’t. You can put a gun to my head and I will not let you into my computer!” (Yes, I did say that ;) ). I do not know why I did not hang up immediately!
“I understand, sir, but we use a method to remote in that only Comcast can use, since we know your equipment. Anybody else out there cannot remote in like this. It is easy to verify.”
It is true, Comcast does know the router IP and MAC address of the router and can get in. I have called them and had a tech remote in. A window pops up and I can accept or deny.
But I was still suspicious.
“Great, I’m sure you can, but send me an email. This was an unsolicited call. I am not going to give you the farm on your word.”
He said something unintelligible again.
This went back and forth a few times. At one time he said, “By company policy I am only supposed to spend two minutes on a call with a customer and I have already exceeded that. We have thousands of calls to make as this botnet your computer is part of has infected many customers. You are taking valuable time that is making the situation worse. It is imperative that it be cleared immediately or the DHS will shut down Comcast.”
More me saying this is BS – why I didn’t just hang up is beyond me! I have read that if they feel they are not making progress they try to make the “customer” feel guilty. And he changed what it was about for at least the third time!
“Sir, one last chance and then I disconnect your service. Go to your computer and I will initiate a chat. Only Comcast can do that. You acknowledge the chat and I will clean the offending malware from your computer. This is something only Comcast can do.”
He said that about 30 times – only Comcast can remote into my computer. In ways, if it is what he says, it could be correct.
“OK, I am at my computer, initiate your chat.”
“Fine. Open up your browser. In the address bar, type,” he started reading letters, one at a time.
I put in the letters into Google to check what he was really asking me to do. He wanted me to download not remote desktop software, but remote control software, so he can go in take over my computer 100%!
“Fine. the software is downloaded and installed.” I lied.
“OK, sir, what is the ID number the software you just ran so that I can start the session.”
I laughed, said “F__k you” and hung up. Yep, only Comcast can do it. Yep, using publicly available remote control software that the customer downloads and gives the “technician” the code to enter is now somehow only usable by someone from Comcast. Yep. After hanging up I wished I had played along for a while longer and then ripped into him. Oh well….
I did so much wrong on the call, but they are good. I think all of those unintelligible times were purposeful to make me forget what had gone on before, like clearing the chalkboard. It was only afterwards that I realized that the story had changed almost a half a dozen times!
OK just a quick FYI –
If you didn’t initiate the call, give them no information and no access, no matter how convincing.
If someone says they can’t send an email, “We don’t work that way,” hang up immediate – They do work that way!
If there is an immediate need, tell them that you will call the service number on the public Internet site. Get a case number. If no case number, it’s bogus. If they tell you it doesn’t work that way, it’s bogus. If they agree, go to the web site, don’t trust a number they give you. It has to be a publicly accessible number that can be verified.
They will never, ever have you download third party software!! Never!!
A tech can remote in, but they will not ask for any information from you. They will pop up. Even so, make sure they do not have “control” and make sure there is no admit rights. And only do it if you initiated the call to a verifiable number.
Listen for changing stories.
Ask them to verify things, like the serial number of your modem/router (they have it).
Listen for old or outdated information.
If you hesitate, they will try to make you feel guilty. A real technician apologizes for your time, doesn’t tell you that you are using theirs!
The number they are calling from is spoofed – don’t try calling back because the person at the other end is a victim as well.
Anyway, it was scary how close it was. And yes, I was suspicious from the first minute. Yes, from the beginning I caught quite a few mistakes. Yes, I do security for a living! And yet they were close.
So they called back about five times in the next few minutes. Every time was from a different spoofed number! I didn’t answer, though I do wish I did and yelled at the guy for a few minutes…
Anyway, it is a dangerous world out there. Be careful.