Jan. 20, 2015, 10:19 a.m.

The Problem with Implicit Trust

Recently I was involved in a very unnerving experience. And it made me realize that there is a fundamental weakness in some of our layers of protection from Bad Things. In specific, if an implicit trust relationship exists between yourself and someone else, information fed to you by that person will most likely be much less critically scrutinized for malevolence, opening up a loophole for a malicious party to do their Evil Deeds.

I recently tried to register QuickBooks, but it failed with some nondescript error message. Following an unproductive google search, I asked a work colleague to call QuickBooks support and ask them for assistance. A day later I received a response that QuickBooks advised there were some issues in QB 2014 and they would like me to call back. I did not think too much of this at the time, and called Christie at 1-888-700-2789. Initially someone else answered the phone and said she would call me back. She did not, so I called again, and was put through to this Christie. She asked me if she could call me back. That was strange but I agreed. The caller ID showed 000123456 and Anonymous - very strange.

She asked if she could get a remote session on the server, to which I agreed. She used https://www.fastsupport.com/ - an affiliation with Go2Meeting from Citrix - nothing too shady. Once she was on the machine she basically ignored the registration issue I showed her - instead, she went straight to Event Viewer and created a filter to show me many QuickBooks related errors. She insisted that she needed to resolve these errors before QuickBooks can be registered. I countered by stating it made no sense, as registration does not depend on company files. She countered by arguing the 2014 company files will become corrupt if opened in 2015 while there are unresolved errors. I needed to leave for another meeting at this time so I asked her to reschedule this session for the next day. She offered to keep on working by fixing all these errors while I am away. I said, "I don't think so".

Next day she called me, we resumed the online screen sharing session. This time she informed me it would be $199 for the incident. I said I expected this to be resolved under our support agreement with QuickBooks - she said we had no support. But even without receiving payment, she insisted on showing me what she wanted to fix. She went into Uninstall Programs - which I asked her to leave alone. She then went to My Computer and started browsing C:\Program Files (x86) and tried to move that folder somewhere else. It was at this time that I killed her remote access immediately, and asked her if she is really from QuickBooks or if she is a scammer. Needless to say, she dropped the call.

The root of the problem in why it took me more than 30 minutes to figure out she was a scammer, is because I received the number to call from a trusted source. Trust in this case implies someone you implicitly accept would do the right thing when it comes to something like calling QuickBooks support. Since I was the one placing the call, which I received from this trusted source, I had no reason to suspect anything. Coupled with personality traits, trying to be polite, it took 30 minutes to figure out she was not the person I assumed her to be.

The mistake is very human and very hard to avoid, especially as long as you try to trust those around you to do the Right Thing. Without that trust, life is next to impossible, and you will be very lonely and overworked. The moral of this story is to be very vigilant regarding everything, especially assuming some stranger you are communicating with over a remote link is indeed who you think they are.

Or, I guess I could just be very daft and should have seen this immediately. All the signs of a scammer were there:

  1. Suggestions that QuickBooks 2014 has a major issue, that it is unstable and requires additional components to be installed, and that our QuickBooks 2014 company files are at risk - I dismissed this statement from my colleague as typical non technical ignorance and that she misunderstood what QuickBooks really said.
  2. Christie always calling me back, never staying long on the listed number
  3. Showing Event Viewer errors and claiming they need to be fixed - this is classical scammer behaviour
  4. Messing about in locations on your computer where they should not be, avoiding the original reason you called
  5. Not being able to answer your specific questions when you challenge their assessments
  6. Willing to work without having received any payment yet - the trick here is typically to break your system even more so that they HAVE to fix it - at a price.
  7. Offering to continue working on the issues without my presence - this is a BIG no-no for IT support practices.

Also, once I ran a google search for 1-888-700-2789 I found this link: http://intuit-quickbooks-support.com/plan-and-pricing.html which confirmed my suspicions.