Wikipedia:Reference desk/Archives/Computing/2022 October 24
Computing desk | ||
---|---|---|
< October 23 | << Sep | October | Nov >> | Current desk > |
Welcome to the Wikipedia Computing Reference Desk Archives |
---|
The page you are currently viewing is a transcluded archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages. |
October 24
[edit]where or who does Bmi, ascap, and other Performing Rights Organizations get their Digital monitoring information from?
[edit]where or who does Bmi, ascap, and other Performing Rights Organizations get their Digital monitoring information from? and where are bmi getting their station reporting? KQMUS (talk) 10:17, 24 October 2022 (UTC)
- Most radio stations in the United States publish their playlists in multiple formats, which can include play dates and times per song. BMI collects those to report on which songs are being played on radio. 12.116.29.106 (talk) 14:15, 25 October 2022 (UTC)
Geek Squad Spam Scam
[edit]I will try to explain what I am not asking. I have received another version of the Geek Squad spam, saying that my subscription to Geek Squad is automatically renewing itself for $499, and that I can call the phone number in the message to cancel the subscription. I am not asking whether I should call the phone number. I know that the intention of the spam is to get phone calls asking to cancel the subscription, and the person will ask for credit card information to reverse the charge on, and is trying to obtain the credit card information to abuse the credit card. I know that there are a few other risks associated with calling the number. I know that I can use the spam in the bottom of a bird cage, or to light a wood fire in a conventional fireplace. I know that I can and do report the spam to the Internet Service Provider, normally Gmail, who transmitted the spam.
My main question is whether there is any reporting mechanism for archiving reports of this spam, or of spams in general, such as NANAS was around the turn of the millennium.
My second question has to do with the Word object that contains the information that purports to be the invoice. Is there a way that I can copy the text out of the Word object so that it is consists of bytes rather than a bit map? Robert McClenon (talk) 22:21, 24 October 2022 (UTC)
- Hi Robert. You didn't say how you received the spam/scam. Most email providers have a "report spam" button somewhere. If they get enough reports from the same source they can block that email address. If you received a text, at least in the UK you can forward it to 7726 and after enough reports your phone company will block the number. Shantavira|feed me 08:25, 25 October 2022 (UTC)
- User:Shantavira - The spam was received by email. I know how to read email Internet headers and can identify the ISP that transmitted the spam to my ISP, and know how to report the spam to the abuse@ address for the ISP that sent the spam to my ISP. McClenon mobile (talk) 00:55, 26 October 2022 (UTC)
- In a Bing visual search (https://www.bing.com/images/feed) you can upload an image; it will then present any OCR'ed text in the form of character strings. --Lambiam 11:16, 25 October 2022 (UTC)
- User:Lambiam - I will try that. Thank you. Robert McClenon (talk) 00:12, 26 October 2022 (UTC)
- For what it's worth, Geek Squad is the computer related subsidiary of Best Buy. — Maile (talk) 11:21, 25 October 2022 (UTC)
- @Robert McClenon: I usually forward phishing scams like this to scams AT fraudwatchinternational.com and reportphishing AT antiphishing.org. There's also an option to contact Best Buy via live chat (the company they are phishing) at bestbuy.com, they may be interested in getting the scam shut down. Finally, since they're telling you to call a phone number, if it's not a toll-free number you can use a website like freecarrierlookup.com to identify the telecom provider for the telephone number they're telling you to call, then contact the telecom company to report abuse. When I have time on my hands I do these things. PCHS-NJROTC (Messages)Have a blessed day. 22:11, 26 October 2022 (UTC)
- User:Lambiam - That worked, not very well, but a spam isn't worth a high-quality reading. For the information of other readers who may not be familiar with this scam, it read:
What It Says
[edit]Geek SQUAD Invoice No.0009298 137
Invoice Date : 24-10-2022 Dear Consumer
Thank you for subscribing GEEK-SQUAD 360 through us. This is an invoice for your recent purchase. Your visa card linked with your GIRLK-SQUAD account has been auw-debited l'or 4SU.OU USD and your unnuul subscription has been auto-renewed successfully. customer support leant at +14805) 243-8944 Quantity iFFK SQUAD 360
Total 64SO To cancel The Subscription call at + 1(805) 243-8944
$450
Thank You
Reporting the phone number
[edit]1-805-243-8944 belongs to bandwidth.com (a VoIP provider) according to freecarrierlookup.com. I recommend reporting this abuse at their webform. PCHS-NJROTC (Messages)Have a blessed day. 22:15, 26 October 2022 (UTC)
- User:PCHS-NJROTC - Thank you. That is good general advice to look up the phone number on any email spam that has a phone number, and to report it to the provider. The form gave me two choices as to whether I was reporting SMS abuse or phone calls. I said phone calls, although I wasn't receiving phone calls. The scammer is listing the phone number to receive incoming phone calls for a fraudulent purpose. Thank you. Robert McClenon (talk) 04:49, 27 October 2022 (UTC)
Nature of the Scam
[edit]The objective of the scam is to scare the recipient into thinking that they are about to be charged $450, and to get them to call the phone number listed in the spam. When the con person who sent the spam answers, they ask what credit card you would have used for your last interaction with Geek Squad, or, in general, what credit card you would have used, so that they can back out the transaction. What they are actually trying to do is to get your credit card number so that they can misuse it. Various versions of this scam, involving phony receipts, are common, with the objective being to get a phone call to cancel the transaction, by giving them a credit card number. There never was a transaction, just a false receipt, but there will be fraudulent transactions after the spammer gets the credit card number.
It's a common email spam-scam in the United States. At present, it often has to do, as this one did, with a subscription to the Geek Squad technical maintenance service, but it can take other forms, such as a receipt for an order of electronic equipment, or an order of anything. Robert McClenon (talk) 17:05, 26 October 2022 (UTC)
- @Robert McClenon: In the U.S., you can report scams to the FTC https://reportfraud.ftc.gov/#/ RudolfRed (talk) 21:38, 26 October 2022 (UTC)
- I used to report this kind of garbage to spam@uce.gov, which was the FTC's email address for forwarding such messages, but the last time I tried that (about four years ago) I received an autoresponse that said the FTC isn't interested in it anymore because they have their own honeypots that identify most of the scams. One might try reporting to ic3.gov. PCHS-NJROTC (Messages)Have a blessed day. 22:17, 26 October 2022 (UTC)
Just a note since I watch a lot of live scambaiting content, while simply stealing a credit or debit card number is one way such scams could go, a lot of these scams are more sophisticated than that. There's a fair chance this is a classic overpsyment refund scam.
When you call the number, the scammer will tell you something like you need to fill out a form or they need to connect your computer to their robotic server to remove the software (less common with Geek Squad obviously). Either way, they'll get you to visit a website and download some virtual desktop remote access software and then provide them the cancellation/refund code i.e. the remote access number. After connecting to your computer, they may hide the screen and check out the computer and install more remote access software, or they may wait for that.
They'll eventually open an actual form either while the screen is hidden or if not they may get you to open a new tab and past a URL. This will often be a Google Form but either way although they'll undoubtedly sell the information to other scammers is still only a minor part of the scam as the most of the questions are just basic stuff like name, phone number, email with the worse generally being your bank name or perhaps the last four digits of your chequing account. So stuff scammers might be able to use for social engineering you, but not enough to enable social engineering with the bank or ID fraud. No mother's maiden name, card numbers, drivers licence numbers etc.
After you fill out and submit the form, the form and the scammer will tell you that you need to login to your bank as you'll get a prompt to accept or reject/deny the refund. After you login and there's nothing, the scammer will say the refund link expired or they need to speak to their refund manager/accounting department/someone to find out what's wrong and then say they need to connect you directly to their banking portal. At some stage they'll generally ask you to record the amount in your accounts so you can check when you got a refund.
They'll then hide you screen and do 2 things. One is if possible they'll move money around from your savings to your chequing account normally the amount they plan to steal which can be a crazy amount depending on how much you have in your account and other things e.g. ($50,000) and then using inspect element will modify the text so it says it's a refund rather than an internal transfer. (They can modify the amount too, but by moving money they ensure there's enough in that account for them to steal but also if at some stage you find out the actual balance in that account you won't realise there's something wrong.) But they'll also generally open a command prompt and pretend it's a banking portal. Mostly this is just by them typing, rarely they'll actually have a .cmd script for that.
When they reveal your screen, they'll get you to fill out some basic details in the command prompt in response to prompts they type out and tell you not to push enter since the portal will automatically accept your answers (they'll use ctrl+c so it doesn't say invalid command but there's a more important reason for this element). The key part is when it asks for an amount. Here they'll get you to enter whatever they earlier set up to steal from you. This amount may only be loosely connected to what they actually allegedly owe you as if they've decided to steal $10,000 and you're owed $450, they'll tell you you need to enter $100 as an initial test or something. While you do this, they'll add extra zeroes and then quickly end the prompt and type out that you were refunded whatever the fake amount.
They'll either wait for you to say something or if you don't they'll say they're just got a notice from their whoever that there's a problem. Here comes the fake panic in their voice and they'll start to talk about how they're worried they're going to lose their job, and will ask you to check your bank. They may close or minimise the cmd prompt for you, and reveal their earlier work, your bank account with an apparent massive refund.
Note that at any time if you ask if they can see your screen, they'll deny it and insist it's just the robotic server to the extent if they're getting you to do something and you make a mistake and they'll also insist that you do not repeat personal details e.g. the amount in your bank account or what you filled in the earlier form since it's a recorded line and perhaps monitored by the BBB or FTC (they can be very insistent on this point if you ignore them), they'll often avoid saying so and try to coax you into revealing you made a mistake e.g. by asking you to repeat what you typed; likewise if you do something which isn't what they asked. Also if you ever try to refresh your bank or navigate it they'll generally immediately hide your screen. (Even if it's only the base page, they need to cover the fake they removed money from your savings.) Sometimes they may prevent input saying it's to protect you or them from problems.
They'll generally try and convince you to "return" the money using sympathy about them losing their job etc and talks about your morality since you're clearly not a bad person and just made a simple mistake. If this doesn't work they may get nasty and say your bank will be locked and they may even zero out your balance using inspect element. Worse case they may even change your password or use software to lock your computer or in the past with syskey.
Either way if they convince you to help them, what they do varies slightly depending on the scammer and amount and I think has also changed a bit over time as methods became less successful. Some may get you to buy gift cards. Some may get you to make a wire transfer most commonly to a non US account (e.g. Thailand, Peru, China). Some may get you to withdraw the cash and send it to someone generally in the US (this person may or may not know what's going on). Some may get you to use the cash to make a bitcoin ATM deposit. Sometimes they may get you to withdraw cash and then use that to buy gift cards.
Whatever the case, they'll couch you into lying to all parties about what you're doing to avoid taxes or fees, or because them or you will get in trouble if anyone finds out; or something similar. Especially with gift cards, the amount they receive initially may not be the full amount you 'owe' (which is the amount they pretended to send minutes the supposed refund and often they'll pretend to be kind and throw in a few hundred for your trouble).
Since scam baiters never send any actual money it's less clear what happens after but from what I've heard sometimes they may continue with the same method but often they may move on to something else now that they figure they can trust you e.g. if they used gift cards which is something which basically has no cost other than the loss of the scam, they may move on to getting you to wire money (especially if to a US account) or send cash. Again from what I've heard, once they've stolen as much as they can, they or someone else may try to further scam you e.g. by pretending to be someone helping you to get your money back or just some other scam (maybe even another refund scam) since you're considered a good mark.
These are the basics that I remember, I'm sure you can find or watch many similar descriptions. There are many variations in the process, e.g. nowadays it seems fairly common for scammers to try and use Zelle to steal money often even before they done the "overpayment", some scammers will also show you a demo bank account which they say is their business bank. The key element is that they generally want it to be "your mistake" so they can use this as a guilt trip or threat although rarely they won't bother with this or more likely a scam baiter may screw it up, but they'll still go ahead.