Results 1 to 2 of 2
Thread: Scam Alert - Australia
2014-09-03, 07:42 #1
- Join Date
- May 2002
- Canberra, Australian Capital Territory, Australia
- Thanked 439 Times in 362 Posts
Scam Alert - Australia
I had a phone call tonight from a scammer.
The scammer, who claimed to be from Telstra (major Australian phone/internet provider), phoned to say my PC had been hacked. As if they'd know...
Anyway, I played along with this for a while as they had me go through a series of steps from a command prompt to 'prove' it. This was despite my protests that I don't have any Telstra accounts!
The caller claimed that regardless of which network provider I'm with, all internet traffic is handled over Telstra's network and that my access was about to be terminated because is was being used by hackers.
The first step was to open a command window.
The second step was for me to input 'assoc', then have them read back to me the standard CLSID for zfsendtotarget (888DCA60-FC0A-11CF-8F0F-00C04FD7D062)
The zfsendtotarget file type is primarily associated with 'Compressed Folder SendTo Target File' by Microsoft, but the scammer said it was the hacker's registry signature or something such.
The third step was for me to input 'netstat', after which the caller assured me the 'established' connections with my local addresses and their corresponding foreign addresses were the hackers. Complete BS, of course.
Next, they then wanted me to input 'netstart teamview.com', which would ultimately have given them remote access to my PC. I terminated the call at that point.
Needless to say, my internet connection hasn't been terminated...
Last edited by macropod; 2014-09-03 at 07:51.Cheers,
[MS MVP - Word]
2014-09-03, 08:22 #2
- Join Date
- Dec 2009
- Rochdale, UK
- Thanked 178 Times in 155 Posts
That's a different approach.
Most of the scams I've heard of involve looking at the event viewer, which could look intimidating to those unfamiliar with it.