ESP Logo
 Elliott Sound Products Scams & Ripoffs 

Scams & Ripoffs #11 - #12

Copyright © 2005 - Rod Elliott (ESP)
Page Created 07 March 2005, Updated April 2018

HomeMain Index HomeSpam, Scam & Security Index HomeMain Scam Index
11.0 - Microsoft (Or Any Local Major/ Minor Telecommunications Provider)

The phone rings, and the voice at the other end says s/he's from Microsoft (or a major ISP (internet service provider) in your region).  Apparently, their servers have detected that your computer has a virus, possibly several, and they want to help you to fix the 'problem'.

You have two choices - either hang up straight away, or you may choose to have some fun at their expense.  Because they know that people are (rightfully) wary, they need a way to convince you that they know the details of your PC.  Of course, you may well be using Linux or a Mac - I've told several 'Microsoft' people that it's odd that they would call me because I use Linux - that always confuses them .  I've also led several on for a while, letting them think they have a live target.  Their ultimate disappointment is almost worth the time spent.

One of the things they will ask you to do is open a command prompt (they will helpfully explain what to do), and type the command 'assoc' at the command line.  A long way down the list is the string they are after - it's actually the association that lets you send a file to a zipped 'folder' (directory), but most people don't know this.  The string itself?  It looks like this ...

	.zfsendtotarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}

In 'Windows-speak', that's a class identifier, and it looks as if it should be unique.  That's exactly what the scammers want you to believe - that it is unique.  At this stage, it doesn't take much imagination to realise that it is common to all Windows-7 machines, and it appears to be the same for Win-8 and Win-10 as well.  I don't propose to go through the whole spiel they will use, and a very simple way to track down a vast amount of info on this particular scam is to run a search of the CLSID shown above (or click the link below).

By telling you the contents of the CLSID string, they hope that you will be convinced that they actually do have information about your PC.  For a laugh, you can always ask them to tell you your machine's IP (internet protocol) address, which is a block of digits that looks something like 222.333.444.555 and uniquely identifies your machine on the Net.  To see your IP address, click What Is My IP Address and the site will show you.  This address is allocated by your ISP when you connect to the Net.  It may change from time to time, but this is normal.  If the scammers really know anything about your machine, they must have this info.  They will tell you that they can't reveal this for 'security reasons' or some such drivel when you ask.  This is not for any security reason (every website you visit must know you IP address so the info can be sent back to your machine).  It's simply because they don't know it - they are scammers, and not very sophisticated.

Note that many IP addresses may now shown in the IPV6 format (e.g. 2001:0db8:85a3:0000:0000:8a2e:0370:7334), which is being rolled out because the 'pool' of V4 IP addresses is pretty much depleted.

Click the class ID CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062} to launch a Google search.  It goes without saying that should you let them have access to your computer (NEVER DOWNLOAD ANYTHING THEY ASK YOU TO ! and NEVER ALLOW REMOTE ACCESS TO YOUR PC !).  You will either end up with a real virus, or you'll be asked to pay for them to 'remove' the virus (one or more) from your machine.  If you don't pay, they may simply 'brick' your PC and you'll lose everything.

While the scammers are generally low-paid call-centre workers, the scam itself is fairly sophisticated.  The scammers will spend a lot of time with you if they think they have a real sucker target.  However, no matter how plausible they sound, neither Microsoft nor any major (or minor) ISP will call people out of the blue to tell them their machine has a virus or any other supposed 'problem'.

12.0 - Trade Mark Fake Invoices

This is a new one (April 2018) that I'd not experienced before.  Most trade mark information is freely available if one knows where to look, and these thieving bastards take advantage.  The 'invoice' shown below offers to renew my trade mark for more than 3 times the actual cost.  Needless to say, they are nothing but stinking scammers, and I have reported them to the ACCC (Australian Competition and Consumer Commission) and IP Australia, the official government registrar for patents and trade marks.

IP-Fraud

If you have a patent or trade mark and you get a similar letter, look at it very carefully to make sure it's the real thing.  This isn't - it's a blatant ripoff.  Beware of these slimy toads and the many like them.  ALWAYS check that the letter comes from the relevant agency (In this case, the Australian Government).  Should anything along similar lines cross your desk, make sure that you alert the relevant authorities so they can update their databases to help protect others from falling victim to this thievery.  Note poor grammar and non-Australian currency descriptor ("The renewal fee for the 10-year is AUD 1350").

This so-called 'AU Intellectual Property Office' is a sham in every significant respect, and they deserve nothing more than our disgust at the blatant attempt to defraud people.  It operates from a small business centre in Victoria (Australia), and does not appear to be a registered company, despite the 'Pty. Ltd.' (proprietary limited).  As expected of slimy toads such as these, they do not appear to be registered for GST, and their website contains little that's actually useful.  They say ...

AU Intellectual Property Office is a full service private company within the intellectual property area.  We provide renewals of trademarks and patents all over the world.  Our staff will be glad to assist you in any IP matter.  Our goal at AU Intellectual Property Office is to protect the IP rights and assets of our clients and to provide the best solutions to maintain their intellectual property rights.

It looks like the entire 'enterprise' was set up purely to scam people who fail to look at invoices closely.  In many cases, invoices are treated as the 'real thing' by many businesses and companies, and an office clerk is unlikely to recognise that it is a fraud and take action.  Quite obviously, when they claim they will protect your IP rights, the sole reason is for them to make a disproportionate profit at the expense of anyone who fails to recognise their correspondence as a scam.  The entire operation looks very low-key and is shonky in the extreme.  This particular degenerate (or degenerates) started 'business' in November 2017, but will hopefully be shut down fairly quickly.

12.1 - Trade Mark Fake Invoices (#2)

This is another new one (May 2018) that's almost identical to the one described above.  This 'new' one demonstrates some fairly spectacular incompetence and outright lack of attention to detail (of any kind).  Strangely, the 'invoice' is printed on good quality paper, but no-one could be bothered spell checking (see 'Regisrtration Date') and the barcode is completely bogus.  I have a barcode reader, and it doesn't register as being valid.  "Patent & Trademark Organisation Pty. Ltd." shows up on the ASIC (Australian Securities & Investments Commission) website, but the address is different from those on the 'invoice' and reply paid envelope (they allegedly reside at three different locations, none of which is likely to be valid).

They are in either Sydney or Melbourne, the address on the 'invoice' shows a Sydney address, their phone number is in Queensland, the FAX number is in Victoria.  A 'whois' search indicates these scumbags are in the US, but in reality they could be anywhere.  The registrar info says that both domains (as described above and here) are located in Phoenix, AZ in the USA, and it's likely that the two are run by the same pack of arse hole(s).

IP-Fraud #2

Absolutely no-one in Australia states an amount (claimed to be) owing in the way seen above (1285 AUD).  At least the previous example used conventional currency in the 'Filing Fees' table, but that also used non-standard currency descriptors elsewhere.  The 'business model' (i.e. thieving pig model) is the same as the previous example - send out an invoice in the hope that someone is silly enough to pay it.

The one thing I don't understand is how these mongrels are permitted to keep operating.  While the way they behave is not specifically illegal (as far as I'm aware), it is obviously designed to be deceptive and to trick people into paying vastly more than necessary to protect their intellectual property.  Because it's deceptive, it contravenes Australian consumer law, and it should be possible to nail the bastards responsible and put them out of business.  They may operate outside of Australia, but they do show Australian postal addresses and business registration.  The latter can be cancelled easily.

They are leeches, they should be prosecuted.  Most are too slippery to pin down (e.g. multiple addresses) and obfuscate their operations to the maximum degree possible, while still trying to appear 'legitimate'.

HomeMain Index HomeSpam, Scam & Security Index HomeMain Scam Index

Copyright Notice. This article, including but not limited to all text and diagrams, may be freely distributed in the interests of helping to prevent fraud, scams and spam.  Please include a link to this page if you use the info elsewhere.  Note that the ESP® logo is the registered trade mark of Elliott Sound Products, and may not be reproduced without permission from Rod Elliott.
Page created and copyright © Jan 2017./ Updated April 2018 (AUIPO scam).