Today I received a phone call from a person (woman?) with an Indian accent claiming to be with Microsoft. She said that they had received reports from my computer that showed that I had been the victim of “online infections”. These “infections” would need to be dealt with and this cold calling savior was there to rescue me.
Unfortunately for these scammers, I am actually a CompTIA A+ certified computer technician, and I was on to them from the moment they claimed to know something about my computer. Here’s how the scam works, and how to protect yourself.
The “technician” first attempts to console you with their expertise. “You have a problem, but we can help.”
They take a statistical stab in the dark and claim your Windows computer has reported some problems. If you were a Mac or Linux user, you would be of no use to them as they would have just revealed that they know nothing about your particular computer, and they would probably just hang up and call the next potential victim. I happen to be a Windows user, so I am a potential victim.
The next step is to get your computer powered on and you in front of it. If they can get you to feel comfortable with their “knowledge”, then you will start to relinquish your power.
So the next step is to get you to press the “Windows key + R”. This opens a run dialog box.
You are then instructed to type “eventvwr” into the Open line and that will launch your computer’s “Event Viewer”. This is all normal and safe, but here comes the exploit.
In your Event Viewer, there are information logs, warnings, and errors. There are all a fact of life when it comes to owning a PC. Programs crash, power goes out, communications time out, and errors are logged. While an excess of errors could be an indicator of a slow or unstable computer, they never mean that you have “online infections”. In fact, these have nothing to do with your Anti-virus or infections of any kind. Here is what mine looks like:
The fake phone technician uses these normal errors to convince innocent computer users that they have a compromised system. If you concede that these are problematic, the next step is the scary one, they want to take over your computer.
They will point you to a website such as teamviewer.com and have you download the client software and, using it, they will try to get you to hand over the use of your computer to them.
This is the part where I stopped them and told them what the Event Viewer logs meant, and that I was on to their scam, but I suppose the next step would be to install malware, either a keylogger or some fake antivirus designed to con me out of my money.
I hung on to see how far they would go, but if you want to save your own money and time, as well as the integrity of your PC, you should stop them at step one. Just hang up the phone. They actually told me that Norton or McAfee won’t fix this problem, because of the nature of the infections. Talk won’t get you out of this, just hang up the phone.
I think Microsoft and Apple are good companies, but I don’t think they make it a habit of monitoring everyone’s computer and volunteering to help everyone with their computer problems for free.
Bonus nugget:
When having me point my browser to teamviewer.com, they used a phonetic alphabet of sorts. I was told “’t’ as in tango, ‘e’ as in elephant, a as in…Adolf”.
Ahhh, the cultural barrier between low class Indian phone scammers and Americans. Well, the point was conveyed. I hung up before we got to “o as in Osama.”