'Your PC may be infected!' Inside the shady world of antivirus telemarketing

[Venustus]

Scotty Zifka was looking for a sales job. He started one in late May at a company called EZ Tech Support, a small inbound call center in an older building in northeast Portland, Oregon.
Of the hundreds of TED talks available online, many are geared toward helping people view life in a new
The first day of Zifka’s unpaid training involved listening in on sales calls. But within three hours, Zifka felt something wasn’t quite right.

“Everything about it was so weird,” he recalled.

The company’s 15 agents answer calls from people who’ve seen a pop-up message saying their computer may be having problems, and advising them to call a number, which rings at the offices of EZ Tech Support.

The agents are instructed to stick to a 13-page script. They ask callers whether they have an antivirus program installed. If they do, Zifka said, callers are usually told that whatever they’re using isn’t a “full-time real spectrum virus protection program.”

But the agents have a solution: callers can purchase an antivirus program calledDefender Pro Antivirus, from Bling Software.

Further Reading

 

[aztony]

This type of thing doesn't surprise me. Even so-called reputable anti-virus vendors are seemingly resorting to ripping off their customers. I spend a bit of time perusing the Avast forum, because I use the program and like to know what issues users are experiencing. One common, but persistent complaint many avast (free) users have posted is that when they call the support line, no matter the nature of the complaint, they are being pressured to purchase maintenance plans at $300 a pop to do nothing the free forum help could not assist in rectifying. Avast mods try to distance themselves from this deplorable exploiting of their user base by stating that it is not Avast doing it, but some 3rd party company Avast contracted with. But the irony is avast still continues to do business with them

 

[OokamiCreed]

This type of thing doesn't surprise me. Even so-called reputable anti-virus vendors are seemingly resorting to ripping off their customers. I spend a bit of time perusing the Avast forum, because I use the program and like to know what issues users are experiencing. One common, but persistent complaint many avast (free) users have posted is that when they call the support line, no matter the nature of the complaint, they are being pressured to purchase maintenance plans at $300 a pop to do nothing the free forum help could not assist in rectifying. Avast mods try to distance themselves from this deplorable exploiting of their user base by stating that it is not Avast doing it, but some 3rd party company Avast contracted with. But the irony is avast still continues to do business with them

It's stuff like this that I feel the need to keep testing every AV known to man, and still find every since one... EVERY single one always has some terrible downside (to me anyway). A lot of great AV's like Bitdefender do not give you that much control but has excellent protection with it's signatures, web blocking, zero day detection modules, etc. AV's like Emsisoft have great protection, give you control, but not enough like they used to. Everything is being dumbed down, and so is some AV's ability to defend the user as a result.

Seems every AV is going to hell. As of right now, I personally believe that online threats are winning. AV's are one of those things where there shouldn't be competition. Protecting the end user is really something you shouldn't be making billions off of and if all of them cooperated with each other, there would be huge mutual benefits.

If this happened, it would come down to what AV engine you like/runs well with your configuration, etc, personal tastes of look in the GUI, and trusting that AV to not abuse the data they pull from you. You wouldn't have to worry about what AV's detect this or that. Zero day would still be important but signatures would catch pretty much everything. Then maybe AV's can actually say they catch 95% of the threats instead of lying to gain money. Haven't seen a single AV tell you on their site that they are inferior to another in any other way. They all lie. Each has their own strength and since most do not cooperate with each other, the fact remains that an AV in the US will detect a US based threats way better than an AV in say China or the UK, etc and vice versa.

But the agents have a solution: callers can purchase an antivirus program calledDefender Pro Antivirus, from Bling Software.

Further Reading

Thanks for sharing this article I feel like it's probably one of those PC Pitstop (or PC S***stop as I like to call it). Real engine and signatures, etc, crap AV that will probably harm you more than do any good. I find this part interesting in the article.

The product uses a well-known antivirus engine licensed by a reputable company called Cyren. Marx said his analysts tested a trial version downloaded from Defender’s Pro website. It was effective at detecting malware but also “really buggy,” he said via email.

“After an update, for example, it repeatedly crashed,” he said.

Cyren is NOT well known... most people probably don't even know it exist, let alone know if they have used it's engine or not. I've heard of it myself and never actually tested an AV that used it and I have tested every AV. Even the shady ones. (I use the word "every" lightly here, it's impossible for me to know the name of every AV out there, let alone get a hold of it).

It crashes? Well what did you expect from a new company that just popped into existence... will probably test this one myself at some point. I don't trust AV testing groups.

 

[Venustus]

It's stuff like this that I feel the need to keep testing every AV known to man, and still find every since one... EVERY single one always has some terrible downside (to me anyway). A lot of great AV's like Bitdefender do not give you that much control but has excellent protection with it's signatures, web blocking, zero day detection modules, etc. AV's like Emsisoft have great protection, give you control, but not enough like they used to. Everything is being dumbed down, and so is some AV's ability to defend the user as a result.

Seems every AV is going to hell. As of right now, I personally believe that online threats are winning. AV's are one of those things where there shouldn't be competition. Protecting the end user is really something you shouldn't be making billions off of and if all of them cooperated with each other, there would be huge mutual benefits.

If this happened, it would come down to what AV engine you like/runs well with your configuration, etc, personal tastes of look in the GUI, and trusting that AV to not abuse the data they pull from you. You wouldn't have to worry about what AV's detect this or that. Zero day would still be important but signatures would catch pretty much everything. Then maybe AV's can actually say they catch 95% of the threats instead of lying to gain money. Haven't seen a single AV tell you on their site that they are inferior to another in any other way. They all lie. Each has their own strength and since most do not cooperate with each other, the fact remains that an AV in the US will detect a US based threats way better than an AV in say China or the UK, etc and vice versa.



Thanks for sharing this article I feel like it's probably one of those PC Pitstop (or PC S***stop as I like to call it). Real engine and signatures, etc, crap AV that will probably harm you more than do any good. I find this part interesting in the article.



Cyren is NOT well known... most people probably don't even know it exist, let alone know if they have used it's engine or not. I've heard of it myself and never actually tested an AV that used it and I have tested every AV. Even the shady ones. (I use the word "every" lightly here, it's impossible for me to know the name of every AV out there, let alone get a hold of it).

It crashes? Well what did you expect from a new company that just popped into existence... will probably test this one myself at some point. I don't trust AV testing groups.

A very eloquent reply!!
Cheers!!

 

[ifacedown]

AV's like Emsisoft have great protection, give you control, but not enough like they used to.

Hello. Why have you said this about Emsisoft? I have always thought that Emsi is improving? Where exactly do they downgrade?

 

[OokamiCreed]

Hello. Why have you said this about Emsisoft? I have always thought that Emsi is improving? Where exactly do they downgrade?

Advanced settings. That is why I said "control".

 

[jamescv7]

Stopzilla, MyFreeAntivirus and others to name it may not always impossible to bring an attention for advertisement; those companies may deny those allegiations but the truth which they hide it and using smoke screen to encourage users.

+ As always badge like Microsoft Silver or Gold partner may become an instrument to notify that users should choose that product, when it fact majority of other AV are already accredited.

 

[Gritsonamission]

Right after I installed Win10, my Edge got a pop up. It said something like, "You're infected. Call windows right away. Here's the number." It wouldn't let me do anything else w/ Edge. So, like a dumb-dumb, I called the number. He didn't even say who I was calling. When I asked, he said he was with Microsoft. He wanted access to my computer. Since I had JUST installed Win10, there was no personal info to be had (I'd backed up to another computer, and wiped everything first), so I gave remote access. He pulled up two reports (I think one was a registry report?), used a bunch of jargon, and tried to tell me that taking my computer to anyone here in town would jun me 4-5 hundred dollars, but for a small fee of 300 bucks, he could fix the problem. He wanted my credit card info. I lied, said I'd have to ask the husband, and got off the phone. He NEVER told me that my Edge would not work, if I didn't get it serviced. So, I work for a couple of hours trying to make the pop up go away (me, with my limited knowledge). I call a friend ('cause life is like a game show ), but he's clueless. The husband is telling me how we'll have to wipe it all, and reinstall. I go in and restore to a previous date, and I'm fine, save having to put a couple files back. I wasn't sure, until now, if it was a scam, but it just didn't feel right. I mean, if ya' want me to trust you and your company, you'll actually answer my questions ("This is just what we do. I get calls like this every day. computer-jargon. Jargon, Jargon... Acronym, Jargon. Reassuring statement."), and you'll speak slower when you state your company name and your own name/ID number--not try to make me feel stupid. I don't want to believe this, but it seems it's happening... [sorry. got a little rant like there... but made my point.]

 

[BSuspicious]

How malware/scam 'security' software can gain access so quickly to new machines speaks very poorly of the MS paradigm. My popup blocking settings in both IE and Firefox hardly seem to do anything. If you are not a computer geek, already, your ability to differentiate legitimate warnings from your own security software, and the bogus junk that infiltrates from even casual web browsing, is likely to be minimal.
Although it takes some initial familiarizing and building your grasp of computer functions, I have built a small set of various anti-malware, all free, which together have saved my machine half a dozen times in two years. MS Security Essentials is the only MS product I use; then, Malwarebytes Anti-Malware, as well as Malwarebytes Anti-Rootkit. You have to manually scan with either, but they will update before a scan; they just aren't going to block active attacks. All are pretty simple and clear to run. Later on, you can try more advanced software, but ONLY after learning from blogsites like this regarding good vs poor options.
You did well by NOT engaging in further dialog with the scammer; lucky he did not get you to do anything real bad, but make sure your passwords are changed, and reset your remote access, as you did suggest he might have gained a means of later accessing your machine even after you restored it.
IF you get another such bogus pop-up, or suspect a problem, 1) disconnect from the internet immediately, to prevent any further compromise; 2) run in sequence, ALL of the security software you have in place, NOT whatever any pop-up tells you to run; 3) follow any instructions if malware is detected (you may briefly reconnect only long enough for the updates if needed). After, especially if malware was found, you may be told to re-boot; definitely do so, as some removal steps won't occur without reboot. Then, re-run all the security software again, to make sure nothing else slipped by.
If things really seem to be getting worse, fast, turn the computer off, unplug it, and contact a competent geek. No one can access a non-running machine, but they might still wake up a dormant one. Good luck.

 

[Gritsonamission]

Thanks a bunch for this advice! I think I will get to changing some passwords, now... Didn't realize they could have left a way to get into my computer for later. I have lots to learn. That's why I'm here.