Warning: Spoof calls from "Microsoft Hotline"
Posted: Wed Aug 12, 2020 10:44 am
Today I got another call from someone claiming they're the Microsoft hotline and my PC sends errors. They'll use (usually faked) national numbers from your country but speak english with a horrible accent.
You can expect if a company like Microsoft calls you, they use a native or at least trained speaker of your language. Also they don't call you unless YOU have them contacted before.
This time they claimed to have an ID of my Windows PC, so I told them to tell me that ID so I know they're real and no fake. They dictated me some numbers (888DCA60-FC0A-11CF-8F0F) and told me where I can find that number on my PC (open a CMD box, type "assoc <Enter>").
I first checked what this command does: it lists every file extention association your Windows installation knows.
Close to the end there is the line ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - the callers told me the first number packs are identical to those they dictated to me, so that's my PC's license number.
A quick Google search revealed this whole line is in the association list (and it's identical) on every single Windows PC, so definitively NOT linked to a license or PC ID.
Also, in the results were some articles with warnings about fake Support Hotline calls using that ID as proof.
When I told the caller I found an article from 2012 about the exact same numbers they gave me and they cannot trick me to hand out any CC numbers or install software based on that, they just hang up. Without saying goodbye
.
Anyway, be warned: even after at least 8 years this is still used for tricking people to buy some sort of cleanup software or install malware which can be removed after buying another software pack.
Whatever they trick you to do, they're just after your credit card details.
Normally it's advised just to hung up if such calls come in but that doesn't prevent these guys from calling you again at a later time.
I hope by telling them they cannot trick me into doing stuff (because I cross-google what they tell me), they have taken my number from their "potential victim" lists.
You can expect if a company like Microsoft calls you, they use a native or at least trained speaker of your language. Also they don't call you unless YOU have them contacted before.
This time they claimed to have an ID of my Windows PC, so I told them to tell me that ID so I know they're real and no fake. They dictated me some numbers (888DCA60-FC0A-11CF-8F0F) and told me where I can find that number on my PC (open a CMD box, type "assoc <Enter>").
I first checked what this command does: it lists every file extention association your Windows installation knows.
Close to the end there is the line ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - the callers told me the first number packs are identical to those they dictated to me, so that's my PC's license number.
A quick Google search revealed this whole line is in the association list (and it's identical) on every single Windows PC, so definitively NOT linked to a license or PC ID.
Also, in the results were some articles with warnings about fake Support Hotline calls using that ID as proof.
When I told the caller I found an article from 2012 about the exact same numbers they gave me and they cannot trick me to hand out any CC numbers or install software based on that, they just hang up. Without saying goodbye
.Anyway, be warned: even after at least 8 years this is still used for tricking people to buy some sort of cleanup software or install malware which can be removed after buying another software pack.
Whatever they trick you to do, they're just after your credit card details.
Normally it's advised just to hung up if such calls come in but that doesn't prevent these guys from calling you again at a later time.
I hope by telling them they cannot trick me into doing stuff (because I cross-google what they tell me), they have taken my number from their "potential victim" lists.
.
if it's too obvious.