Skip to main content

you have been contacted by network services

The pitch is the same.... the phone rings and the number is usually a strange 7 or 8 digit number preceded by a plus (+). When I answer there is a slight delay and the phone is now showing some other number and in my case it was 337-729-7536. The person on the other end have been both men and women, however, they have always had a distinct accent that I can only place in Pakistan or India. I do not have an extensive experience with voices, however, in one instance I was able to get the person on the other end to admit she worked in an Indian call center. I have no idea what they are actually accomplishing because it never gets that far.

During this evening's call I asked a few questions:
  • where are you located? California
  • What is the name of the company? Orange Tech In Los Angeles
When I Googled and called Orange the number had been disconnected.
  • I told the caller that I was putting the kids to sleep and that I would call back. What is your number? 866-263-2630
When I Googled this number I was only able to determine that it was a toll-free number. (866) - get a clue... There are a number of social websites that are trying to capture this information in a useful way, however, between the poor quality, over advertising, accuracy... it was just a waste.

So I called the number.  What could it hurt? They already had my number... My guess is that the number was also bullshit. The phone just rang and went unanswered.

During the pitch the caller said, repeatedly, that he was from the "Microsoft Network Department" and that he needed to perform some maintenance on my computer. Well.... there isn't a computer company on the planet that is going to do exactly that. Simply put this is a scam of epic proportions!

These "social engineers" (see Kevin Mitnik) are trying to do a number of things
  • get you to install something on your computer that in itself may contain virus-ware, malware, or even ransom-ware.
  • in addition they may simply be trying to get your credit card number and if you're unfortunate to use your debit card they may siphon your bank account dry. Which they could use to do a lot more damage to your financial standing.
  • NEVER give out your PIN.
If you think you are having trouble with your computer then do this:
  • geek squad or similar
  • any of the big box stores
  • pull out the hard drive and destroy it with a hammer; and buy a new computer
  • instead of buying a new computer start thinking about chromebook or ipad etc...
**For the time being comments are open. Please append any information or key phrases you can get and report it to your local law enforcement when applicable. Network neutrality and the cross board communication laws were never intended for this.

UPDATE:  I just got off the phone with network security services. Actually "David" hung up on me. David tried to get me to give him access to my computer via the "logmein" service. Of course there is nothing wrong with logmein as a service. I've used similar services to help family members but that's a horse of a different color. I asked David how much this was going to cost me and he said FREE. Can you hear the alarm bells yet? When I loaded the logmein login page he gave me a number. It was a simple login number that would eventually pair our computers together giving David full access to my computer.

Instead of logging in.... I put David on hold and clicked the "report abuse" link on the login page. I filled in the information and included the PIN. I also followed up with a phone call to their technical support team. The operator took my information and checked the account. He also alerted their security staff. Finally David hung up on me. I assume that he heard my conversation with logmein (because I didn't actually put him on hold) and then the line went dead.

I'm certain that if I allowed things to continue that David might have found a way to drop something on my computer that would put everything I consider important at risk.  My data and code and the same for my customers.

PS: this call came from an area code in Canada(249-713-6048). If you've ever worked in telephony then you know that the callerid information can be spoofed. What you don't know is that google is not a telephone company and as such is more likely have more info and more willing to take action.

Comments

Popular posts from this blog

Entry level cost for CoreOS+Tectonic

CoreOS and Tectonic start their pricing at 10 servers. Managed CoreOS starts at $1000 per month for those first 10 servers and Tectonic is $5000 for the same 10 servers. Annualized that is $85K or at least one employee depending on your market. As a single employee company I'd rather hire the employee. Specially since I only have 3 servers.

The pricing is biased toward the largest servers with the largest capacities; my dual core 32GB i5 IntelNuc can never be mistaken for a 96-CPU dual or quad core DELL

If CoreOS does not figure out a different barrier of entry they are going to follow the Borland path to obscurity.

UPDATE 2017-10-30: With gratitude the CoreOS team has provided updated information on their pricing, however, I stand by my conclusion that the effective cost is lower when you deploy monster machines. The cost per node of my 1 CPU Intel NUC is the same as a 96 CPU server when you get beyond 10 nodes. I'll also reiterate that while my pricing notes are not currently…

eGalax touch on default Ubuntu 14.04.2 LTS

I have not had success with the touch drivers as yet.  The touch works and evtest also seems to report events, however, I have noticed that the button click is not working and no matter what I do xinput refuses to configure the buttons correctly.  When I downgraded to ubuntu 10.04 LTS everything sort of worked... there must have been something in the kermel as 10.04 was in the 2.6 kernel and 4.04 is in the 3.x branch.

One thing ... all of the documentation pointed to the wrong website or one in Taiwanese. I was finally able to locate the drivers again: http://www.eeti.com.tw/drivers_Linux.html (it would have been nice if they provided the install instructions in text rather than PDF)
Please open the document "EETI_eGTouch_Programming_Guide" under the Guide directory, and follow the Guidline to install driver.
download the appropriate versionunzip the fileread the programming manual And from that I'm distilling to the following: execute the setup.sh answer all of the questio…

Prometheus vs Bosun

In conclusion... while Bosun(B) is still not the ideal monitoring system neither is Prometheus(P).

TL;DR;

I am running Bosun in a Docker container hosted on CoreOS. Fleet service/unit files keep it running. However in once case I have experienced at least one severe crash as a result of a disk full condition. That it is implemented as part golang, java and python is an annoyance. The MIT license is about the only good thing.

I am trying to integrate Prometheus into my pipeline but losing steam fast. The Prometheus design seems to desire that you integrate your own cache inside your application and then allow the server to scrape the data, however, if the interval between scrapes is shorter than the longest transient session of your application then you need a gateway. A place to shuttle your data that will be a little more persistent.

(1) storing the data in my application might get me started more quickly
(2) getting the server to pull the data might be more secure
(3) using a push g…