Antivirus scammers posing as Microsoft were taken for a ride after a misplaced call to a security researcher.
When a group of scammers inadvertently called Sourcefire software engineer Noah Magram on his home phone, Magram decided to play along. Without revealing his expertise, he allowed them to remotely access a VMware virtual machine on his computer, while playing along and recording all of their actions.
The scammers, who pretended they were calling after Magram's computer sent Microsoft a handful of error messages, said they would rid the engineer's system of malware for a $50 subscription fee. After a fake credit card typed in by Magram was rejected, the scammers attempted to disable Windows Services on his computer to further convince the Sourcefire employee to pay up.
Malgram, who says he was surprised by the scammers' limited technical knowledge, says they promptly hung up after he eventually came clean about what he'd done.
Antivirus malware is particularly common on the Web, with some scams locking users out of infected computers and then forcing them to pay a ransom fee to regain access.
Source: Dark Reading