Busted scammer resorts to death threats

Foiled tech support scammer threatens to kill his skeptical target

Image of tech support guy courtesy of ShutterstockWhen his phone rang and he began to listen to the crook on the other end, Jakob Dulisse wasn’t fooled for an instant by the “Microsoft tech support” scam.

The con artist claimed to be calling from California.

But when Dulisse stayed on the phone, calling the person a thief and a scammer, it turned a lot more vicious than most of those calls do, with the crook threatening that he had Dulisse’s address and would send assassins to kill him.

The call grew homicidal after Dulisse accused the scammer of trying to install malware on his computer that would steal banking information, passwords, and PayPal credentials.

You can listen to excerpts of the call, which Dulisse recorded, at CBC News.

Beyond what’s in that excerpt, Dulisse – of Nelson, British Columbia – told the news outlet that the caller threatened him about “Anglo people” getting treated like stew ingredients when in India:

He started getting kind of nasty and angry.

He admitted that he was in India ... and then he said, 'If you come to India, you know what we do to Anglo people?' I said, 'No.' 

He said, 'We cut them up in little pieces and throw them in the river.

The scammer claimed to know Dulisse’s full name and address, telling him he would send someone to his home to kill him.

Dulisse said the threats, albeit chilling, sounded more like a ploy to get him to cooperate, rather than something to take seriously:

He was still trying to get me to do what he was trying to do with my computer. He was actually threatening me as a tactic.

Fake tech support scams like this one net criminals lots of cash from victims who believe they’re talking to legitimate tech support representatives.

The scams follow a fairly standard pattern: victims get a call out of the blue from a scammer posing as a technician, either from Microsoft, another company or an affiliated support firm.

The crooks then persuade their victim to check out alerts on their machine, usually via a standard, built-in tool such as the Event Viewer in Windows.

There, the target views alerts that are actually perfectly normal, trivial error messages, but which the lying huckster claims are serious signs of horrific malware infection.

The caller may also try to get their target to grant remote access to their machine, so the scammer can demonstrate the made-up “danger”.

From there, the victims are pressured into allowing installation of software, usually free security tools but occasionally malware, and then have to pay for the tools and assistance – a pricey prospect that can bleed them of anywhere from £35 to £150 (roughly $60-$250).

It may be tempting to waste scammers’ time by pretending to go along with their ploys.

Granted, doing so can provide a fascinating look into how social engineering works in these support desk scams.

But we urge you to refrain. It’s far safer to just get off the call as soon as possible.

Bear in mind that Dulisse isn’t the first to have been threatened when these phony tech support calls turn nasty.

One such case was when New Zealander Sean Flintoff answered the phone at night.

When he resisted the call from a “computer support” guy from “Windows”, the caller threatened to rape his wife – even though Flintoff was recording the call.

Maybe the crooks are relying on customer lists illegally acquired from other call centres. Even if the scammers are cold-calling by just flipping through the phone book, that still means they know your address – not a comforting thought.

Nothing good can come from playing with crooks. You have nothing to gain.

Or, in the words of Sophos’s Paul Ducklin, don’t buy. Don’t try. Don’t reply. Just get off the phone ASAP!

As Sophos Senior Technology Consultant Sean Richmond noted in a Sophos podcast about avoiding fake support calls, if you manage to get a number to call a scammer back, you can report it with a call to the authorities.

(Audio player above not working? Download the MP3, or listen on Soundcloud.)

Here are some places to report scammers:

  • In Australia: The Australian Competition & Consumer Commission’s SCAMwatch.
  • In the UK: ActionFraud, the UK’s national fraud and internet crime reporting centre.
  • In the US: the Internet Crime Complaint Center, at IC3.

Image of tech support courtesy of Shutterstock.