Quantum PC Support Scam

I received a call from the folks at “Quantum PC Support”. You might know them better as the Indian PC support scammers. Apparently they “detected” some kind of malware on my PC. I’ve had this call at least ten times and I usually hang up on them or say something smart like I’m using a Mac. But this time I decided to go through the process and see how they go about “rectifying” my PC.

First they get you to go to the Windows Event Viewer. You go to Start, Run, type in eventvwr and then click OK. They get you to click on System on the left hand side. Now click on the ‘Type’ Column header to sort them. Now they get you to scroll down to the bottom so that you can see all the warnings and errors. They ask you if you are aware of what the errors are all about. I said I did not know. In reality these errors and warnings are completely normal and nothing to be worried about. But to a novice PC user they could look suspicious. They told me that these errors were caused by malware and that these were responsible for slowing my computer down. Not to worry because they have a “solution”.

The Event Viewer

The Event Viewer

At this point I was put through to another person. They must have needed someone who could seal the deal so to speak. She introduced herself as Catherine Anderson from Quantum PC Support who is based in Auckland. If I needed to contact her again, the contact number was 09 973 5669. I briefly Googled this but the company is not based in Auckland and the number is fake.

Catherine asks me which browser I use. I say I use Firefox. They want me to go to their website www.qpcs123.com . But they must want me to access this with Internet Explorer. So she tells me to go to Start, Run, type in iexplore, then click OK. This is another way to start up Internet Explorer. However, I go to their website using Firefox (the safer browser) and am presented with a box to type in an Invitation Code that she gave me over the phone. This is presumably so Catherine can get her commission.  Immediately after I enter the number and hit the Join button this box pops up.

Elisnore.ScreenConnect Client

Elisnore.ScreenConnect.Client

Here you have the option to save it or open it. They want me to open/run it. At this point I cancel out before I get in too deep.

And the conversation went a bit like this:

I have good knowledge with issues to do with computer security and there is no way that I am going to run this software you have got me to download.

Excuse me sir, what is the problem?

You want me to run this software but it has a Trojan in it and it will make computer accessible to hackers.

No sir you are wrong. You need to run this program.

No, I know what I doing. My computer is fine. It has no malware on it. I am not going to do this because it will infect my computer.

Why did you say that you did not know what all of the errors in the Event Viewer was about?

I went through the process so that I could learn more about this unethical business model so that I could blog about it and warn others.

Well if you are so smart why don’t you just Run it. You should know that nothing bad will happen”.

No thanks. So how did you know my PC had malware on it? How did you associate my IP address with my phone number?

They hung up. I had more questions to ask. But what I really want to know is why NZ landline providers are not blocking these calls. After some more Googling it turns out that Elsinore Screen Connect software probably wasn’t Trojan. However it would have allowed somebody to remotely control my PC. And once this was done anything thing could have ended up on it


Comments are closed.