On this blog, we’ve discussed the ways that scammers can attack your PC through malicious software, rogue security alerts, phishing attacks and more. But the bad guys have now devised a new vector: the phone. I first learned about this when I heard my parents had received a call that they had been identified as having rogue software on their PC. The caller, who said he was from Microsoft, needed remote access to their PC to resolve the issue. Turns out scammers like these were simply taking the time to prey on potential victims by calling them and masquerading as a representative from a trusted institution to trick them into giving up valuable and personal information. Sometimes, as in my parents’ case and others, they even advise installing a remote access code so scammers will have full access to the PC.
We’ve discovered this telephone scam is aimed at English-speaking countries, including North America and the United Kingdom. The callers pretend to be from Microsoft and try to sell the victim something, direct them to a specific website, ask for remote access, ask them to install software or give a credit card number, or run a bogus security scan that shows an infection. The Trustworthy Computing Team conducted a survey of 7,000 people, and found that more than 1,000 people had received calls. Of those 1,000 people, 22 percent fell for the scam (234 people total), and 184 of those lost money - on average, more than $800.
You can check out some tips for avoiding phone scams here, but we want to remind you that you will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes. If someone does call you claiming to be from Microsoft:
It’s a jungle out there! Please remember to question any unsolicited email or call. If the email came from somebody in your contact list but it feels suspicious, here is a great article on recognizing phishing emails. Lastly, always keep your PC protected with antivirus software like Microsoft Security Essentials, which is free, or software from one of our partners.
I received dozens of those "windows support" calls over the last couple of months. As Aaron_F said previously, it's not just the UK or USA. The spam calls spread over continental Europe as well. The UK's TPS, which is supposed to block unsolicited calls, is unfortunately incapable of doing so since its authority is restricted to companies based in the UK. The wannabe "windows support" is probably based in India or other Asian countries. If you are interested in the telephone numbers they use then you should have a look at www.tellows.co.uk/.../02030515753 . This is only one of a dozen numbers the scammers use to rip people off. If you look at the German or Italian tellows domains you'll find evidence of the same scam methods used in the UK and USA.
I hope this sheds further light on the matter and helps to prevent future fraud attempts for the best way to accomplish this is to negate the scammer advantage, namely the people's ignorance.
By the way, I first became aware of the scam after receiving one of these calls a few months ago. The heavily-accented caller asked for me by name and told me that my computer had "been identified as causing data corruption". I immediately knew this was a lie but didn't hang up because I wanted to see how his scam worked. I asked "If you were able to identify my computer, what is my IP address then?". Of course, he didn't know. Unbelievably, he told me that it was "identified by postal code" (postal code = zip code here in Canada). I played along as if that was perfectly reasonable, but had to smother the phone's microphone so he wouldn't hear me LoL'ing.
I kept him going for 10+ minutes and he walked me through my Windows Event Viewer, proclaiming that every alert and error was "very bad. very very bad!" and "the source of the data corruption" they'd identified. (me: "Wow!"). He then directed me to the (legit) website 'LogMeIn123.com' and I was given a unique PIN# to enter so that their "technician" could remotely examine my system. No fee would be charged for this service, I was told, but if he was able to "fix" the errors, I would be billed. I was also told about their 'annual remote tech support subscription' service, payable in full in advance.
I decided to stop the charade at that point and confronted him as a scammer. He said he was offended and that they provide a legitimate service. Perhaps they do, but the way they get 'customers' is far from legit, as the entire pitch was based on lies and the hope that the person receiving the call is gullible enough to believe them.
I could certainly be wrong but I do not believe that in the vast majority of 'tech support scam' cases the scammers' intention is to steal passwords or credit card info stored on anyone's system or to plant viruses or trojans on anyone's system - I believe all they are interested in is simply (dishonestly) generating 'business' for their quasi-legit remote tech support service. That's not to say there are people out there who have in the past or still are using a similar pitch to do such malicious things, but doing such things is 1) legally more serious; 2) more likely to get them caught by authorities. Simply telling lies to generate cold-call sales and then, with permission, remotely installing and running a registry cleanup, disk defrag utility etc. and checking and resetting a few basic settings here and there as needed to 'speed up' your PC and fix the so-called 'corruption' means they make money and have 'happy' customers who don't even know they've been had.
And that leads me back to the Microsoft survey results: surely anyone who is gullible enough to follow the cold-calling professional liar's instructions to the point where they grant remote access to the scammer is also gullible enough to have fallen for other common scams that might have compromised their passwords, bank/financial accounts, and identity information? (ex: the emails that read "Your bank/PayPal account may have been recently compromised. Please click HERE to log in", not keeping their eye on their credit card at the gas station or not noticing that the ATM machine's card slot is a little deeper than normal due to a false face). The survey might have found a correlation but I'm not convinced that the problems were a result of the 'tech support' phone call/interaction.
And lastly, it's hardly surprising to read that 53% of people reported subsequent computer problems - to begin with the 'victim' isn't computer-savvy, the remote tech support probably isn't all that good, computer issues can be intermittent and hard to identify/trace at the best of times, hardware issues can't be resolved online (overheating due to slow/noisy fan, bad memory, faulty mouse perhaps), and perhaps the first 'fix' attempted was just Step#1 of many possible solutions.
But other than that, yeah, the press release and resulting mentions in the media were a good opportunity to inform people of the existence of the scam and to remind people that they can download 'Microsoft Security Essentials 2.0' for free!
Eric, in the Microsoft press release dated June 16th, "Microsoft Survey Reveals Extent of Emerging Internet Phone Scam", the choice of wording used to describe the survey result findings could be said to invite misinterpretation. I see from your blog post that you have access to the raw data totals ("22 percent of people fell for the scam (234 people total), and 184 of those lost money ") - so could I please ask you to post here the other raw numbers?
The press release text in question reads:
"Microsoft surveyed 7,000 computer users in the U.K., Ireland, U.S. and Canada. The survey showed that across all four countries, 15 percent of people had received a call from scammers. In Ireland this rose to 26 percent.
Of those who received a call, 22 percent, or 3 percent of the total survey sample, were deceived into following the scammers’ instructions, which ranged from permitting remote access to their computer and downloading software code provided by the criminals to providing credit card information and making a purchase.
The vast majority (79 percent) of people deceived in this way suffered some sort of financial loss. Seventeen percent said they had money taken from their accounts, 19 percent reported compromised passwords and 17 percent were victims of identity fraud. More than half (53 percent) said they suffered subsequent computer problems."
In the paragraph that starts "The vast majority..", it is clear that 79% of 22% of 15% of 7000 "suffered some sort of financial loss", but what is *not* absolutely clear is whether some or all of the statements and percentage values that follow it relate to:
-a) those same persons who had "suffered some sort of financial loss";
-b) to those who were merely "deceived into following the scammers' instructions"; or
-c) to those who merely "received a call" (from a scammer).
I believe 'b' to be correct for each, but saw a "Consumer Alert" segment on tv last week during the local evening news (the most #1 local news broadcast in Canada in terms of audience size, no less), and the host of the segment told viewers that the percentages stated were "..of those who received a call.."
If we look at the "seventeen percent [who] said they had money taken from their accounts", it could refer to:
-a) 17% of the aforementioned 79% (of 22% of 15% of 7000) who suffered a financial loss [ie: 31 persons]
-b) 17% of the aforementioned 22% (of 15% of 7000) who had merely followed scammers' instructions; [ie: 39 persons]; or
-c) 17% of the aforementioned 15% (of 7000) who had merely received a call [ie: 179 persons].
Similarly, the "19 percent [who] reported compromised passwords" might refer to 44 persons if it is 19% of the 22% who merely followed scammers' instructions, to 200 persons if it was 19% of those who had been called by scammers, or 35 persons if it was 19% of the smaller group of people who "suffered some sort of financial loss".
The sentence "More than half (53 percent) said they suffered subsequent computer problems" seems to confirm to me that it and the statements preceding it were referring to the group of persons who had followed the scammers' instructions, but I would just like to be sure.
Thanks in advance!
Looks like this issue has taken the attention of Microsoft News Center too. It was in the featured stories.
Definitely not just the USA and UK that are prone to these issues. New Zealand has been inundated with these low quality scam artists for the last year. We get one around once per week, and sometimes more. Typically Indian, however, there sounds to be other nationalities involved. The calls are typically over VOIP/Skype. Taking down information will not help in this case, as local authorities are powerless to prevent foreign nationals being scum.
I typically hang up, but it has become a form of entertainment to string them on as long as possible. Cheap Friday nights entertainment.