[ale] Older parent friendly desktop WM

Alex Carver agcarver+ale at acarver.net
Thu Oct 2 23:09:16 EDT 2014


The charges, in theory, are being reversed by the company.  I'm still
trying to sort out the initial vector but it looked like it was an email
that looked legitimate and claimed to be a Microsoft support affiliate
(something that Microsoft already denies on their own website).  The
first leads to a second company and down the rabbit hole we go.

That first company's email/ad said you could download a "free" program
to helpfully analyze the computer for problems.  Then it popped up a
very official (meaning OS-like) window that said problems were found, to
fix he had to pay $40.  So my dad paid.  It then did some churning at
which point it said there were additional problems and he needed to call
a toll-free number.

So he called that number which went to a second company also claiming to
be an affiliate.  They had my dad go through various machinations to
eventually enable Remote Desktop after which they remoted in and started
showing him all sorts of things.  Doing some remote forensics, I
discovered they had wiped all the system logs (security, audit,
application, and the powershell log) at the beginning of the call and
several times during the call.  Some of the windows that were displayed
were actually fake images with lots of red text meant to cause fear.
They were doctored versions of things like the "Programs and Features"
control panel in Windows 7 except with extra columns and red
highlighting.  The agent on the other end said the computer had not been
updated in over 5 years (false, it had performed an update only two days
prior to the call).  They could fix all these problems and ensure that
updates would continue properly and uninterrupted for the low price of
$349 per year.  My dad paid the fee.  No work was performed (other than
an additional log wipe).  The last update on the machine stayed two days
prior to the call.  However, they proceeded to show him another screen
which showed fresh updates and then asked him to start up a browser
visit several pages ***INCLUDING HIS BANK WEB SITE AND TEST HIS
LOGIN***.  One of the activities that they couldn't erase from the logs
was a message about an attempt to stop a McAfee virus scanner (he uses a
different one that they didn't notice so the attempt errored out).

Doing a search for the company shows that even Microsoft is aware of
them.  They have changed their name at least once in the past two years.
 No work is ever performed on the machines, just a charge of $349 plus
some software sitting on the machine that does unknown things (probably
keylogging given the bank request).  Even the uninstaller is cumbersome.
 Most programs simply ask, "Are you sure?  This is going to erase the
program" and then provide you with an OK button.  This program pops up a
huge dialog box advertisement that basically says "Wait, don't go.  Call
us and we'll help you out." then gives a number and a button to call or
go to the website.  There is no "no thanks" button, you have to close
the dialog box with the upper-right close button.  Only then does the
uninstallation proceed.

It was an awful scam from the beginning and he feels very sheepish for
falling for it without even pausing five minutes to give me a call.  My
mom has already given him a bit of what-for because he didn't call me.
However, I caught it quickly because I happened to call them the same
day just a few hours later.  Every single thing he mentioned in the
story was a massive red flag that screamed "scam".

I have no idea if the charges will get reversed or if he'll have to
dispute them.  Both companies sent back emails claiming they would do
this.  It's an unfortunate grey area since he did technically authorize
the charges by giving over the credit card number.  But the lack of any
work plus attempts to compromise the machine would put it in the theft
and vandalism category.

In the mean time I had him replace all of his passwords, do a couple
forced virus scans (I'm going to attempt a remote clamav scan later),
and lock everything up.  Fortunately only a week before I had taught him
how to use GnuPG on Windows to encrypt some of his more sensitive files
(including a password list since he had trouble remembering so many
passwords -- I switched him to KeePass for that).  If they had gotten to
that list or some of his sensitive documents, it would have been a much
bigger problem.


So back to the question, my reasoning now is to give them an interface
that is comfortable and reasonably familiar, has more control over user
versus administrator rights, is a bit harder to inflict damage (hard to
install a Windows keylogger program on a Linux machine) and would give
me a bit of an easier time doing remote maintenance.  This won't happen
right away, I would need to be there to do the initial setup.  But it's
planning ahead and they both seemed slightly interested in using it over
Windows at some point.

On 2014-10-02 15:53, Michael Trausch wrote:
> I've been had once or twice before. But if I clicked the button to authorize the charge, and I got what was promised, then I would never charge back. Maybe I am missing something here, but it sounds like the person got ripped off somewhat, legally.
> 
> Just because it's immoral and unethical practice to sell free shit to people for high prices doesn't make it chargeback-worthy. We live in a society where people like me are scared to deal with mass customers for fear that despite operating legitimately, we may have to deal with chargebacks and the like, even in the case where the chargeback's root cause is embarassment or buyer's remorse.
> 
> Of course, if you didn't get what was advertised for the money, then a chargeback is always OK. But that seems to be the first thing people do generally these days and is one reason why I am leery to have an online storefront or similar. Most banks chargeback policies suck (and they're almost always hidden in the fine print).
> 
> Sent from my iPad
> 
>> On Oct 2, 2014, at 5:59 PM, Bob Toxen <transam at VerySecureLinux.com> wrote:
>>
>> Hopefully, you had your Dad dispute the credit card charge as fraud and
>> unauthorized with his bank!  There's no paper trail so this is easy and
>> it was UNauthorized fraud.
>>
>> Bob
>>
>>> On Sun, Sep 28, 2014 at 01:14:35PM -0700, Alex Carver wrote:
>>> I need some suggestions on a lightweight desktop WM that would be
>>> friendly to my parents that are used to Windows.  My dad just got
>>> scammed by one of these "driver update" scareware companies (it was a
>>> pop-up ad) that charge high dollar amounts for installing free software.
>>>
>>> I think it's probably time to shift them over to Linux, isolate them
>>> from administrative functions, but leave the system looking friendly.
>>>
>>> Ubuntu might be a bit too much and too heavy for their laptop.  I tend
>>> to use fluxbox but that's a bit too minimal. :)
>>> _______________________________________________
>>> Ale mailing list
>>> Ale at ale.org
>>> http://mail.ale.org/mailman/listinfo/ale
>>> See JOBS, ANNOUNCE and SCHOOLS lists at
>>> http://mail.ale.org/mailman/listinfo
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> http://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
> 
> 



More information about the Ale mailing list