CSRSS.EXE is NOT a Trojan–Windows help phone scam!

Help me impede the scammers!

image

Quick Disclaimer:  Yes, there IS a virus or trojan that uses the name csrss.exe, BUT……….

There’s a phone scam going on where someone from India calls you up from out of the blue, claiming to be from Microsoft support, responding to your computer problem (which you may or may have not put in a request for help… usually not), then scamming you to give them control of your PC, where they trick you into buying fake warranties for many hundreds of dollars, while also stealing your financial information and all your passwords.  They’ll give you tons of fake evidence that your computer is infected with trojans and viruses.

Part of their success lies in the fact that while they have remote control of your PC (that you were tricked into giving them), they’ll use your PC to Google for csrss.exe then the first link in the search results claims that it is a trojan virus.  IT IS NOT!  csrss.exe is a core part of Windows.  However, it’s likely true that some trojans disguise themselves as csrss.exe.  BUT, 100% of all Windows PCs have a LEGITIMATE file called csrss.exe.  If you have the file, AND YOU DO (if you’re running Windows)!, it does not mean you have a virus or a trojan.  You absolutely have to have this file or your system will not function.

What can you do to help me impede the scammers?

This may sound self serving, admittedly, but I need you to search for csrss.exe on Google and NOT click anything except a link to this page, right here.  That will push this page up in the Google rankings.  Why?  Because when the scammers are pulling up the csrss.exe search in Google on their next victim’s PC, hopefully the victims will see THIS search result and put a stop to the scam.

If it makes you feel better, I’ll even refrain from putting any advertisements in this article.  It’s more important that we stop the scammers than I make a couple cents over a year or so (and yes, if I had an ad on this page, I’d only be getting a few pennies PER YEAR, if anything at all!)

Also, please share this article in whatever form you can to spread the word about the scam and to encourage others to do the same with the search rankings.

Have you received a similar call from these people?

Let us know in the comments.

Thank you for sharing this article.  See this image?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

My Love/Hate Relationship with Amazon.com and a serious flaw in their service

I love Amazon.com.  I love their selection.  I love their prices.  I love their return policies.  I love my Prime membership.  I love their delivery options and prices and speed.

But, Amazon.com has a nasty, horrible flaw.   And it’s horrible on multiple levels.  Let me explain the flaw and then how it’s exacerbated by them:

The Technical Flaw

For the past week or so, I’ve been having trouble logging into my Amazon.com account.   It started with an e-mail message I got that looks exactly like a phishing email message… you know the kind… That warns you that someone might have been messing with your account so they had to lock your account and that you need to click this link in the email to log in to “verify” you account?

Yeah, that’s what I got.  But all the links in the e-mail went to the actual Amazon.com site, which was unusual, because everything else about the e-mail threw up ALL the red flags of a phishing scam, so I simply ignored it.  But, no less than a day later, I started having trouble logging in.  I KNOW my login credentials I was using were correct because they’re stored in LastPass and LastPass is the one that enters them into the form.  Also, the Amazon app on my phone suddenly couldn’t log in either.

So, I went through the “I forgot my password” routine, had some e-mail sent to me with a link to change my password.  I changed it, but I STILL couldn’t log in.  I changed it again and I STILL couldn’t log in.  I changed it again and I STILL couldn’t log in.  I tried the latest, newest PW on my phone and I STILL couldn’t log in.  I tried it from Chrome, from FireFox, from the app on the phone, from Chrome Beta on the phone… all with the same failure.

I called tech support and after an hour and 14 minutes, talking to 2 agents, I was able to confirm (well, I was able to prove to them) that the problem was indeed on their end.

The problem is the CAPTCHA image they’re displaying in my browser for me to read and type in the letters is a DIFFERENT captcha than what their server thinks it sent me.  For example, if the image they send has the text VRB7TC in it, their server THINKS it sent me an image with KFB98RX in it, so when I type the right text, it still thinks it’s wrong.  But, somewhere between 2 to 7 tries, it eventually gets it right.  But if I log out and back in again, I go through the same nightmare.

How do I know it’s a CAPTCHA problem on their end?

Two reasons:

  1. While on tech support, the agent read to me the CAPTCHA text that their server said it sent me.  It was NOTHING like the captcha text on my screen.
  2. The agent finally admitted this is a problem they know about.

They actually willfully make this problem worse

  1. They wasted my time and they wasted two of their agents time by willfully lying to me, giving me the following lies:
    1. It’s my fault for logging in and out so often, causing my account to get locked out (BTW, it was never locked out)
    2. I need to upgrade my browser (I have the latest version of Chrome and FireFox on Linux and Chrome Beta on Android AND their own app on Android (also latest version) failed too).
    3. Told me I need to clear my cache.
    4. Told me it’s because of cookies that I need to delete.
    5. Telling me (I’m a web developer, just so you know) that even though I’m typing in the right password, my browser is sending the wrong one.  (This gets 7 out of 4 Pinocchios… Yes, you read that right).  Yes, I educated them on how this works.
  2. Not admitting early on that this is a known problem.

It gets worse!

After I berated the second level agent that all of his excuses were bullshit and explained in precise detail WHY they were, he finally admitted that this is a KNOWN PROBLEM!  This is AFTER he said he opened a ticket for me.

A KNOWN PROBLEM???  WTF didn’t he tell me that at 1 minute into the call?  Why drag me along for over an hour?

I asked when I should expect it to work for me.  He responded with gibberish and no answer.

I asked again, “When will this be fixed for me”.  He reordered the words of his gibberish with no answer.

I asked a third time, “But when will this be fixed for me?”.  Again, gibberish.

I asked a fourth time, “When will this get fixed for me?”.  This time he said, “Soon.  They’re actively working on it”.

My next obvious question was, “WHEN?”.  Him:  “Soon”.

Me:  “How long have you known about this problem?”

Him:  “Well, it was caused by security updates in your browser”.

Me:  “How long have you known about this problem?”

Him:  “It’s when the browsers made a security change that caused this to start happenning.”

Me:  “How long ago did this start?  I’m concerned that you’re not giving this the attention it needs.”

Him:  “We found out about it in October 2014”

Me:  “WHAT?!?!?!  You’ve known about this for SIX MONTHS?!?!?!?  And it’s STILL not fixed?  This is UNNACCEPTABLE for a company as big as Amazon.  This is CRITICAL and you should have had programmers working on it as a priority one and should have had it fixed on DAY ONE!  This is the CORE of your business!  If we can’t log in, we can’t buy anything!”

The call ended politely and he acknowledged that it was not a good situation, but I was left with ZERO resolution.  Nothing changed.  It’s still broken, and they’re not really going to do anything about it.

THAT’S what’s so insane and inexcusable about it.

Before you shout, “BUT IT WORKS JUST FINE FOR ME!”, let’s make perfectly clear, this is not a global problem.  It happens on some accounts.  Unfortunately, mine is one of them, and they have no idea why and don’t appear to be doing anything about it.

The Silver Lining and tiny shred of hope

The agent told me they are beta testing 2 factor authentication (though the agent didn’t know that’s what it’s called and kept calling it “a way for you to enter a code when logging in”.  After interrogating him, I was able to determine it is actually 2-factor authentication.

He showed me where, on the website, to activate it, but sadly, it was not available to me.  I asked him to add me to the beta.  He said he can’t and that it is just rolling out to random people over a period of time.

If you’re interested, this is where you can find it:

  1. Go to your Account page.
  2. Scroll down to Settings.
  3. Underneath “Forgot your password” and above “1-Click Settings”, there will be a new item.  I don’t know the text, but it will be something like “2 factor authentication”.

 

Amazon 2 factor

If you don’t see it, that means you haven’t been given the roll out of the newer version of their website, and no, you cannot call up and ask to be put on it.  Trust me, I tried.  They can’t do it.

I find it amazing that Amazon could let such a serious flaw go on for half a year (so far).  This is the kind of bug you give top priority to and put programmers on it until it is completely resolved.

See these images?

image

You’ll find actual working versions of them at the top and bottom of this article. Please click the appropriate buttons in it to let your friends know about this article.

Check back later for updates too!