• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Compromised IP Scam?

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    Compromised IP Scam?

    I bought my missus a new laptop and an Office 365 subscription.

    She logs onto Microsoft and enters the product key. The site says there's a problem: ring this number.

    The bloke on the number says he can't see what's wrong so can he take control of her pc?

    He then says our 'IP address is compromised'. She calls me and I say to him I've no idea what he's talking about and anyway it's our business not Microsoft's. He runs something and the last line says something about a Nigerian problem. He won't activate the key so I tell him I'll have to get my money back from PC World.

    Surely this is a scam but the phone number came from the Microsoft web site.

    How and why could you 'compromise' and IP address?
    "Don't part with your illusions; when they are gone you may still exist, but you have ceased to live" Mark Twain

    #2
    Check the website she logged on to, also check the phone number she rang.
    …Maybe we ain’t that young anymore

    Comment


      #3
      The phone number 08000148050 looks a bit dodgy. Maybe it's from a mis-typed URL.
      "Don't part with your illusions; when they are gone you may still exist, but you have ceased to live" Mark Twain

      Comment


        #4
        Originally posted by Cirrus View Post
        The phone number 08000148050 looks a bit dodgy. Maybe it's from a mis-typed URL.
        http://findwhocallsyou.com/08000148050

        Looks like a mistyped URL.
        …Maybe we ain’t that young anymore

        Comment


          #5
          Worrying that she let him take control of the PC.
          There have been various, read different, Microsoft type scams over the years where they have asked for this.

          He didn't install anything on there, did he?

          Interesting article re. the mis typed URL

          https://nakedsecurity.sophos.com/typosquatting/
          Last edited by MrMarkyMark; 22 August 2016, 13:31.
          The Chunt of Chunts.

          Comment


            #6
            I'm right in thinking you can't 'compromise' an IP address? You couldn't hijack traffic to Nigeria because it would be on the wrong subnet? You can't spoof an IP address because the Internet would direct responses back to the pukka IP address always so you'd never achieve anything?
            "Don't part with your illusions; when they are gone you may still exist, but you have ceased to live" Mark Twain

            Comment


              #7
              Originally posted by Cirrus View Post
              I'm right in thinking you can't 'compromise' an IP address? You couldn't hijack traffic to Nigeria because it would be on the wrong subnet? You can't spoof an IP address because the Internet would direct responses back to the pukka IP address always so you'd never achieve anything?
              IP spoofing is technically possible. Although it depends on a careful and qualified definition of what's meant by that the first place!

              However everything you described screams "scam". If the laptop is new then it would make sense to simply wipe and re-install it, or return it for the vendor to do the same.

              Comment


                #8
                Originally posted by Contreras View Post
                IP spoofing is technically possible. Although it depends on a careful and qualified definition of what's meant by that the first place!
                Surely spoofing is pretending the address the connection initiates from is different from what it really is. However if you're connecting to microsoft that could be redirected to a different IP. The easiest way would be to change the DNS server the PC is using to one that gives out deliberately false IPs, and the user would probably never know.
                Will work inside IR35. Or for food.

                Comment


                  #9
                  This may be of interest

                  https://blog.malwarebytes.com/cyberc...chrome-tricks/

                  Not so much an ip hack as a chrome browser hack
                  merely at clientco for the entertainment

                  Comment


                    #10
                    Originally posted by Contreras View Post
                    IP spoofing is technically possible. Although it depends on a careful and qualified definition of what's meant by that the first place!

                    However everything you described screams "scam". If the laptop is new then it would make sense to simply wipe and re-install it, or return it for the vendor to do the same.
                    ^ This. Reinstall the OS from the rescue disk and start again.

                    Then I would buy and install these:

                    https://www.malwarebytes.com/antiexploit/
                    https://www.malwarebytes.com/antimalware/

                    Comment

                    Working...
                    X