“I’m from Microsoft, and you’re blocking our servers.”

Last night I received a call to my landline, a heavily Indian-accented voice stating “I am from Microsoft. Your computer is sending many errors and blocking our servers. Today the amount of errors has intensified, so we decided to take the initiative and contact you directly”. I was intrigued; I run Linux Mint, and rarely boot into Windows (I certainly hadn’t that day). I told him this, and he helpfully corrected my English; “it’s Lih-nux, not Lie-nux”, and then told me I must have a Windows running somewhere. Maybe I had a rare Linux trojan that was somehow booting up the Windows partition in the background and using it to DDOS Microsoft by sending repeated error reports?

I dutifully restarted and booted into Windows. I asked him how he got my landline, and he replied that I had ‘registered’ it with Microsoft when setting up the computer. How prescient of me, considering that I had installed Windows well before moving to this house and getting the current number. I asked him my name, and he responded with the name attached to the number in the phonebook, one not used anywhere in my Windows registration; maybe he was just trying to be polite?

By this time Windows had finished booting. Hey told me to hit win+r (run hotkey), and type eventmgr into the run dialogue. I followed his instructions, clicking first on Custom Views then on Administrative Events, and there were over 13,000 ‘errors’ logged there! I told him this, and he was quite shocked too, stating that this was a new ‘record’ for them. Which explains why the ‘Microsoft Servers’, despite being able to handle errors reports coming in from over a billion computers running Windows, are unable to handle a few thousand error reports coming from a single PC over what looks like the course of weeks (I didn’t raise the possibility to him that these were internal errors, and not error reports sent to Microsoft, as I didn’t wish to hurt his feelings).

He told me to open up a command prompt and spelled out a command for me to type, assoc, and I dutifully obeyed. This spilled out a list of what appeared to be registry entries. He told me to take a look at the third last and pay attention to the line containing CLSID, something like “ZFSendToTarget=CLSID{SomeStringOfDigitsAndLetters}”. He then explained patiently how only my computer and Microsoft have access to that number, and proceeded to read his copy out to me, which was identical to mine, and assured me that this proved he was genuinely from Microsoft.

Figuring I was clearly hooked, he then moved on to the crux of his brilliant plan. He instructed me to type an url into the run prompt, “freepcupdate.com”. I opened the website in a secure browser, to be greeted with a poorly formatted page with ‘MicroSoft’ as the heading and a poorly drawn arrow further down pointing to a large green ‘update’ button. He told me to click the button, and, figuring I had wasted enough of his time and completed my spambaiting duty, I promptly hung up the phone. He called again, and I politely told him to stop calling, and hung up. He called again, and told me in a threatening voice that “We are disconnecting your computer!”. Disconnected from what? He called yet again, and I remembered that, for reasons that now escape me, I happen to have a large singing bowl lying about the house. It’s basically a bowl-shaped gong, like a smaller version of the image at the bottom of this post. I fetched the bowl, answered the phone, and then placed the handset inside the bowl. I then proceeded to strike the bowl repeatedly until it was resonating a note (somewhat ironically, it was tuned to F#) loud enough to be just on the threshold of causing pain. I left the handset in there until the sound had died down, then hung up the phone. Needless to say, he didn’t call again.

http://upload.wikimedia.org/wikipedia/commons/thumb/7/74/Rin_gong_at_Kiyomizu-dera,_Kyoto.JPG/300px-Rin_gong_at_Kiyomizu-dera,_Kyoto.JPG
Singing Bowl (a bit larger than mine), courtesy of Wikipedia.

About these ads
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to “I’m from Microsoft, and you’re blocking our servers.”

  1. Hahah, this was great. I got an identical call a couple of months ago and played dumb, hitting “Windows+R” many times and telling him nothing was coming up, before I finally mentioned that I was running Linux at the time. You’d think they would take that as a good warning that they need to move on and find a new mark.

    • logicchains says:

      Haha, nice. I’ve no idea know why they’re so persistent; maybe they take it as a challenge, and want to be able to brag to their co-workers “I scammed a Linux user”?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s