Scamming the BBC

The BBC’s Rory Cellan-Jones had a conversation with a cold-call scammer who rang him to tell him he had virus problems: he taped the conversation and subsequently talked about it and played some of it back in a slot on the BBC’s “Today” programme, as recorded here. I particularly enjoyed the scammer’s indignation when he realized that he’d been giving careful instructions to a Mac user on how to be scammed by a Windows-specific trick. Quite right too, having his time wasted when he could have been scamming a real victim. It sounds as if he was almost as angry as the scammer I provoked into promising me I’d be dead soon.

It sounds as if the scammer was using the CLSID trick, where he tries to persuade you that he knows something specific to your computer by telling you how to find a specific number. In fact, that same number is not specific to your system: many millions of Windows systems have exactly the same number, as I described in some detail here. For your information, the entry they want you to look at it is this one:

ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}

However, Cellan-Jones’ advice is sound: if someone rings to tell you that your PC is infected, put the phone down before they have the chance to lead you down the garden path to a CLSID or similar red herring. 

Unfortunately, this isn’t the only social engineering hook they use, however. For example, they’ll sometimes ask you whether you’re having problems with your computer running slow (don’t we all?!?), and then offer to help you track down the problem.

David Harley CITP FBCS CISSP
Small Blue-Green World/AVIEN
ESET Senior Research Fellow