Your phone rings. The caller ID says ‘Windows Support,’ so you answer.
“Hi,” the caller says, giving a name. “I’m calling from Windows support. We’ve been receiving some error messages from your computer.” The caller says he can fix those errors if you give him remote access to your computer. You’re worried, so you agree.
Next, the caller says he needs to download software to your PC to fix the problem. He also requests your credit card number to pay for the software and tech support services.
Sound suspicious? It is. The tactic is commonly known as a ‘Windows support scam’ or ‘tech support scam,’ and anecdotal evidence suggests it’s on the rise.
In October 2012, the Federal Trade Commission (FTC) announced an international crackdown on Windows support scammers. But since then, publications such as Computerworld, Forbes, the San Francisco Chronicle and others have reported that the scam appears to be occurring more frequently.
The Scare Tactics
Windows support scammers succeed too often because they scare their victims into thinking something’s terribly wrong with their computer. The scenario described above is just one of their tactics. Here’s what can happen during a ‘Windows support call.’
• In some cases, the caller ID may say ‘Windows Support’ or it displays a number from area code 425, which serves the Washington state area including Redmond—Microsoft’s headquarters. This doesn’t mean the call is legitimate, however, as scammers often use caller ID spoofing to mask the true phone number from which they’re calling.
• The caller usually identifies himself as being from Microsoft, Dell, Cisco, an Internet Service Provider (ISP), or other known computer/service companies.
• When you ask for proof that the caller has seen error messages from your computer, he may direct you to look at a Windows Event log on your PC. The log typically displays harmless error messages, however, which could look like legitimate problems to less savvy computer users.
• Once they gain your confidence, scammers will try to convince you to pay for their ‘tech support services,’ which may be a one-time fee or a subscription. Not only do you pay for useless tech support, you’re giving your credit card information to a criminal, who may use it for unauthorized charges or sell it to other criminals.
• The software that the caller downloads onto your PC to ‘fix’ it may contain Trojan horse malware designed to steal your online account information and passwords.
Windows Support Scam Variations
If all that weren’t enough, there are other types of tech support scams you should be aware of.
In January, the FTC’s website reported scams in which callers say that if you previously paid for their tech support services, you may be due a refund. They’ll ask if you were happy with their services (chances are, your answer is “no”). Or they’ll explain the company is going out of business. Because you paid for a tech support subscription from them, you’ll get a ‘refund.’ Their motive, of course, is to convince you to give them your credit card or banking information so they can steal your money instead of refunding it.
Separately, tech support scammers have been targeting mobile users, too, though cold calls or online ads, according to PC World. The mobile scam goal is usually to get you to pay for bogus tech support subscriptions of $300 a year, more or less.
There’s also the old ‘scareware’ ploy, in which some websites display bogus pop-up windows or banners telling you that your computer may be infected with spyware or viruses. The goal is to get you to purchase and download fake security software, which could be malware.
What You Can Do About It
Never give strangers remote access to your PC. Microsoft, ISPs and other companies aren’t going to call you out of the blue claiming to have seen errors coming from your computer.
Did you fall for the scam? Ask your credit card company to block or reverse the charges ASAP. You may need to be issued a new credit card.
Scan your PC for viruses, spyware and other malware using your computer’s security software. In worst-case scenarios, you may have to backup your data, reformat your hard drive, and reinstall Windows to be sure you’re rid of any downloaded malware.
Of course, the best step is to be aware of the Windows support scam so you don’t fall for it. Tell friends and family about it, too—especially those who are less savvy about computers and Internet-related scams.