We recently tried to assist a client who was caught by a world-wide scam. This is the first we’ve heard of this scam hitting in Delaware. It includes the telephone version of spear-phishing.

Bottom line: do NOT trust any unsolicited calls about your computer being infected with a virus. University of Delaware folks, check with your departmental tech support or with the IT Support Center (http://www.udel.edu/it/help/request/, consult@udel.edu, or 302-831-6000) if you have questions about computer viruses.

Here’s what happened. (Names redacted so as not to even hint at who the victim is, particularly when you see how gullible he has been.)

Two weekends ago, one of our clients received a phone call from someone who identified himself as an employee at a special Microsoft approved partner in New Delhi, India. The caller told our client that his computer had polymorphic viruses and that the only way he could get rid of them was to pay them $250 to log in remotely from New Delhi and clean the computer. Our client fell for the pitch, paid the money, and gave the caller access to his computer.

When our client told us about this event after the fact, we told him that this didn’t sound kosher at all. We went to McAfee’s site and downloaded several of their free antivirus utilities, burnt them to CD, gave him the CD, and told him the sequence to run the utilities. We also told him to install McAfee or Norton antivirus immediately after having run the McAfee utilities.

Our client did not disconnect his computer from the network before he started running the McAfee utilities. As soon as he started running the McAfee Stinger utility, he got another call from New Delhi, India. Clearly, the scam involved installing spyware that alerted the scammers to the attempt to really clean the computer.

This time, the caller claimed that his company was not only a Microsoft Partner, but also a McAfee and Norton Partner. The caller assured him that the only way to truly and finally get the polymorphic viruses off his computers was to pay $250 per computer, plus $75 to have them install Norton Antivirus remotely. He paid them $575. He saw them take over his computers, installing and running things remotely off of his Verizon FiOS connection. He said they spent over three hours to remove over 22,000 things from two of his computers.

Clearly our client was overly gullible and should now contact his credit card company and the police to report the fraud.

This kind of scam has been reported elsewhere. Three examples:

What is particularly troubling is that, as the Blackpool Gazette story indicates, these scammers often target certain geographical areas (area codes). If this is the first example of this scam we’ve heard of in Delaware, will others in Delaware receive similar calls?