Microsoft called saying my PC is infected!
Jul 2, 2012, 3:24 PM | Updated: Jul 3, 2012, 12:39 am
Had a phone call this morning (caller id was 510-943-
3040) telling me that there are problems with my computer
and asking me to turn it on and hook up to the internet.
When I asked for proper authentication, he stated that he
was a Certified Microsoft Technician. I told him I had
extensive experience with computers & the line went dead.
What’s up?
– Roman
This very clever scam is designed to allow cybercriminals
to gain access to your computer for malicious purposes and
has been in play for many years.
If you fall for it, they convince you to allow them to
remote into your computer to ‘fix the problems that they
have detected’ with a heavy emphasis on ‘they’ being
Microsoft.
Often times they will try to convince you that a lot of
your personal information has been exposed on the Internet
(which is why they supposedly know you have been
compromised) and they can remote in to protect you.
If you allow this to happen, they can do just about
anything they want to make you a vulnerable target or in
some cases they pretend to have fixed the problem and ask
you for your credit card number.
This scam became popular about the same time that remote
service became a popular option from legitimate service
companies as a convenient way to solve problems.
In general, getting help from someone you trust via the
Internet is perfectly safe and secure, but the key is who
called who.
Microsoft has never, nor will it ever randomly call users
out of the blue to offer assistance (they are way too busy
helping the millions of people that call them every day).
The only time that you will ever get a call from Microsoft
is if you called them first and generated a case with them
(they always give you a case number so you can always know
it’s them, if they call back).
In the early days, these scam calls came from blocked
numbers, but that always creates an immediate red flag, so
they got more creative.
They figured out that if a phone number comes up on your
caller ID, you are more likely to believe they are from
Microsoft. But, since law enforcement can trace the phone
number if you give it to them, they scammers use a
combination of caller ID spoofing, pay phones, disposable
cell phones or stolen cell numbers to make the call.
If you or anyone you know ever falls for this scam, it is
essential that they take some immediate steps to mitigate
any possible damage that can be done.
The first thing to do is disconnect the computer from the
Internet so that any hidden tracking/key logging programs
can’t send out the information that it has gathered.
The next thing to do is to go to a known clean computer
and change the passcodes for all of your online accounts
in case they were able to scrap your login information.
You will also want to closely watch the activity of any
credit card that you may have given them over the phone as
‘payment for their services’ or call your bank to have the
card reissued.
The final step is to have an experienced technical person
do a complete examination of your computer to uncover any
hidden malicious programs that may have been installed
during the remote session.
If you get this call in the future, just hang up on them
or have fun with them since you know they are scammers.
Start telling them the story of your life from when you
were born and just keep talking until they hang up…it’s
much more satisfying when you get them to hang up on you!