If you receive a phone call from a security 'expert' offering to fix your PC - it's a scam. Here's how to avoid the 'Microsoft phone scam', and what to do if you fear you have fallen victim to it. See all PC security advice.
We're still getting reports in our Tech Helproom that people are falling victim to the Microsoft Phone Scam
Recently I was asked to comment on a news story by a local TV station. There's nothing particularly unusual about that, but it struck me that this particular 'news' story was anything but new. It was in relation to a scam commonly known as the 'Microsoft phone scam'. This is something as a misnomer, as Microsoft has nothing to do with it, but the software giant's name is used by criminals in order to solicit money. Visit Security Advisor.
A quick check on Google Insights for Search shows that the term 'Microsoft phone scam' first became popular in mid 2009, and peaked in September 2011. But the scam is still around, and my recent televisual experience suggests lots of people are being caught out. So here is how to avoid the 'Microsoft phone scam' in the first place, and what to do if you are a victim.
Microsoft phone scam: how it works
Scammers calls you, and asks for you by name. They say they are a computer security expert from Microsoft (or another legitimate tech company). The 'security expert' is plausible and polite, but officious. They say that your PC or laptop has been infected with malware, and that they can help you solve the problem. What happens now depends on the particular strain of scam with which you have been targeted.
Some crooks will ask you to give them remote access to your PC or laptop, and then use the access to harness your personal data. Others get you to download malware that will do that task for you. A more straightforward scam is to simply ask for money in return for a lifetime of 'protection' from the malware they pretend is on your machine.
Here's the important bit: no legitimate IT security pro is ever going to call you in this way. For one thing, they can't tell that your PC is infected. They've got your name from the phone book, or any one of the thousands of marketing lists on which your details probably reside. They know nothing about your home computing set up - it's a fishing trip to see if they can hook some low-hanging fruit (forgive the torturous mixed metaphors).
Basically, somebody is sitting in a room calling number after number hoping to find a victim. It's not personal, but it is ultimately dangerous to your financial and technological health.
Microsoft phone scam: what to do if you are called
1. Number one: put the phone down. Get rid of the caller and move on with your life. It is not a legitimate call.
2. During your conversation, don't provide any personal information. This is a good rule for any unsolicited call. And certainly never hand over your credit card or bank details. Just don't do it.
3. If you've got this far, we can only reiterate point number 1: get off the phone. But whatever you do don't allow a stranger to guide you to a certain webpage, or instruct you to change a setting on your PC or download software.
4. If possible get the caller's details. You should certainly report any instance of this scam to the police.
5. Finally, change any passwords and usernames that could plausibly have been compromised, and run a scan with up-to-date security software. Then ensure that your firewall and antivirus are up to date and protecting your PC.
Microsoft phone scam: what to do if you have been a victim
First of all don't beat yourself up. This could happen to anyone (and does). First of all, you need to change all the personal data that you can change. As much as you might like to you can't change your date of birth, and changing your name and address seems extreme. But you can change all your passwords and usernames, starting with your main email account and any bank and credit card logins. Also, contact your bank to ask them to be on the look out for anything dodgy.
Again, use up-to-date security software to scan and cleanse your PC, and if the scammer did get you to do something to your PC using System Restore to roll back the settings is always a good idea. And tell the police. If you have lost money, it's possible your credit card company or contents insurance will cover the loss.
Microsoft phone scam: me talking about it on local TV
For flavour, you know? (Don't have nightmares.)
See all How to articles. Get free tech support in the Helproom Forum.
Visit Windows 7 Advisor for more Windows advice. Or email our Helproom Editor for bespoke advice.
Comments
Kann said: it is disturbing if somebody tells you on the phone that you have lots of viruses on your computer and that you need help I gave them my code and they showed me the problem Whilst they were talking to me they loaded down their security system and after that they asked me to pay 19900 for a virus free period of 9 years Unfortunately I gave them my credit card number they put a lot of pressure onAt night I thought about it and I called the police
Juniper said: My dad was unfortunately a victim of this fraud - he is far more trusting than me and as the people seemed very professional with a proper website he thought it was okay They called him saying they were affiliated with Microsoft called Onlinetechguys They managed to swindle 150 out of him plus the extra money it took to check out his computer once Id told him it was a scam I told him to contact his bank straight away which he did It left my dad not only out of pocket but a little ashamed at being taken for a ride These people need to be stopped and their website needs to be forcibly removed
pacoll said: Idiot I know but I was scammed last November so far I havent seen any suspicious activity I received a call today claiming to be from the Microsoft legal department saying the money I paid is going to be refunded and wanting me to go to a web site to fill out a form I was rather suspicious especially when my ISP flagged the site up as having a possible virus That was the point at which I ended the call should have done it sooner
ibivi said: So far I havent seen anything that looks like a takeover or that theyre using my data Still it is disturbing because I accepted that they were from Microsoft and let them into my system Microsoft doesnt call its customers ever
mk19 said: Nice one my blood is boiling thinking of these damn scammers I really hope they all get whats coming to them
mk19 said: exact same scenario with me pal im worried if they mite have taken stuff from the computer I am really hoping that was not part of their plan
mk19 said: good one
mk19 said: Similar thing with me They claimed they were the Sky Broadband Team and it felt so real because my Broadband was really bad at the time I gave them remote access and showed me files that were corrupt i still believed it They then passed it on to another technician who asked for my email address and what bank card that I am going to use to pay for the antivirus software By this time I woke up and realised something dodgy was happening and I insisted I couldnt pay for a while the other guy did not respond I panicked and I hung up the phone and shut down my computer immediately When restarting the computer my computer was automatically deleting the corrupt files that I believe the fraud put on my computer I then restored the computer settings to an earlier date and I scanned my whole computer with Norton anti-virus My computer seems to be working fine and Norton has not found anything yet I am still worried if they may have taken files from my computer and I would love some advice and reassurance
laughaminute said: Just had a call from Indian man telling me my computer has been identified by Microsoft as under attack from hackers and cyber criminals he wanted me to check my computer license number he would give me the number he had and then show me how to check it to make sure its the same on my computer I had already started thinking this is a scam he asked me you use windows i said yes which windows do you have sir Double glazing i said and put the phone down
Vernon_SE_BNP said: BT have a new phone out that blocks calls with no caller ID or no numberit guarantees to block 80 of unwanted calls most of which are scams of some sort l bought one and so far the results are very good the phone is model No BT 6500
Vernon_SE_BNP said: I got one of those calls and l said that the house owners were out and that I was just burgling the place--the result was they slammed phone down--lol
ibivi said: This happened to me yesterday They claim they are from Microsoft and they have received reports of infections in my computer They then told me that they would me show all the viruses and applied a program so that they could access my computer I gave them the code and they showed me a whole list items which they said were Trojan horse virusesworms They told me my computer would crash completely if I didnt get them cleared out soon and that outsiders were controlling my computer They told me my protection program was ineffective against such attacks The item dates were very recent and I suspect that they loaded them into my system somehow during the conversation I got suspicious when they said the cost of protection Then sure enough he started telling me about their service and the yearly fees or lifetime service I told him I would think about it and ended the call So this whole demonstration was a scam I told him to send me the details by email Guess what I havent received an email
Kerry said: I am in South Africa and they have called me several times over the last year and a half I keep telling them where to stick it but they just keep calling me back I just received another call now and after I told him that I know this is a scam he told me to get away from here -D Another time when I asked the lady to give me her number so I could call her back she hung up on me Then another time when I asked the guy for his number to call me back he refused and said how can he trust that I would call him back Seriously these calls are becoming very annoying now
Wendy said: received a security call and the person gave me their Toronto Ontario phone number 416-915-3536 I returned his call and the same person picked up the phone without saying a business namehe then hung up
carlo said: Yep it going a round again please beware
stonecold68 said: SameFirst time they rang I pretended to not understand their englishthey hung upSecond time I got sucked amp not sure howim usually pretty vigilant amp couldnt believe anyone would be actually monitoring my pc conditionBut instead of getting any money out of me after reiterating to them at least half a dozen times that I have no money for them they seriously attempted to damage my pc via remote access and told me they were doing soAt that moment I pulled the plug before they did damage while hanging up at same timeMy advice if they manage to access your machine remotelypower off cpu restart in safe mode and run system restoreNo problem
L_mcnicoll said: ive had a call tonight asking me by name about my computer the caller said i was being hacked amp he could talk me through protecing my computer i was asked to turn on my laptop at which point i felt uneasy amp told him to ring back
Yammaniow said: I ask what versioj of windows am I running Cnfuses the hell out of them just before blowing a shrill whistle loudly downphone
Randyabressler said: They have tried several times over the past ten days On one occasion I told them I dont own a computer- they were baffled On another I told them that I would offer to fix their computers for a reasonable feeI have also asked them for the the company headquarters address- they asked me why I needed their address which I replied why do you need mine I have asked them for their personal phone but they said that they dont like be called at home- to which I responded- neither do I
osmanager said: My elderly dad was scammed a year ago and paid for a service which involved downloading free malwarebytes and changing his home web page to their site which went dead after a few weeks This cost him 250 They then had the cheek to ring back next year to renew his contract but he had wised up or so I thought He then got a call from the Fraud Office who wanted to track those who where using his computer to commit fraud He did not know what to do and rang me close to tears As he is with Talk Talk I looked at there site to see how they deal with crankcalls and found you can enter a four digit number while they are on to phone to initiate a trace on the call and if the same number is used they will pass this on to the police I said to him that when they rang back which he had crazily agreed to to tell them he was initiating a trace and see what they did Weirdly they hung upHope this helps others