Beware: Windows tech support scammers

Social engineering – the act of manipulating people into giving up confidential information – has long been a threat to businesses. One of the more common social engineering tricks, in terms of IT, is scammers posing as Windows technicians who call Windows users and try to trick them into believing their computers have viruses and that they need to pay to have the problem fixed. Have you had these calls?

These scams have long been a part of the Windows environment. Despite users being fully aware of these attacks, some people still falling into the trap.

These deceptions generally follow the same formula: A person calls you pretending to be from the Windows technical team at Microsoft. The scammer usually tells you that they need to renew their software protection licenses to keep their computer running.

Most of the time, these scammers spread the conversation out over a number of phone calls and emails, the goal being to gain the trust of the user. Once trust is established, or the user seems interested enough, the scammer will offer a seeming sweet deal: They will offer a service that will make your computer run like new, usually for a seemingly reasonable price.

The scammer will then use remote PC support software to show you ‘problems’ your computer is having. They will usually show you the Windows Event Viewer – a part of the OS that shows errors, usually harmless, that your computer has generated. The scammer will then convince the user that these errors are harmful, and if you have paid, they will make it look like they are cleaning your computer.

If you give them your credit card number, you will likely see ridiculous charges, or even have people trying to access your accounts.

What’s being done?
Governments are aware of this increasingly common trend, and some organizations, like the FTC, have taken measures to shut down scammers. This article from ars technica gives a good overview of what exactly the FTC is doing, while another article provides a first-hand account of how the scammers operate.

What can we do?
While action is being taken, these scams are still continuing. From what we can tell, they likely won’t stop in the near future. To ensure you don’t fall prey to this trickery, these five tips should help you identify when an attempted scam is at play:

1. Microsoft doesn’t call people.
2. Windows Event Manager is a log of errors for ALL programs.
3. Microsoft employees will never ask for your passwords.
4. Most of these scammers operate out of call centers in India, but bill from the US.
5. Microsoft employees won’t usually ask you to install software that’s not made by Microsoft.

As a rule of thumb: If you get an unsolicited call about your computers and IT security, it’s likely not genuine. If these criminals provide you with a website, do a quick Google search to see if there have been any scam reports. You can also join the No-Call Registry if you are in the United States. To learn more about these scams, please contact us.