Q: I received a call today from a male who identified himself as Andrew Allison with Microsoft Security. He told me that “my NT wires” were installed incorrectly and were causing errors across the internet and that he could talk me through the steps needed to correct the problem. Trying to find a way to report this to Microsoft... — Dennis
A: These scam calls started several years ago and they will continue because too many folks are still falling for it.
The sophistication level of this scam continues to fool people, but the bottom line is that Microsoft (or any other legitimate company) will never call you out of the blue to help you with a problem you didn’t know you had.
The closest exception is that your ISP (Internet Service Provider) could send you a warning e-mail if an infected computer is spewing garbage from your home or business via your Internet connection, but even they wouldn’t call you on the phone.
Microsoft is well aware of these scams, but there really isn’t much that they can do to stop it since these scammers pop-up out of thin air on a regular basis and have clever ways to mask who they really are.
In most cases, this is a ‘cold-calling’ technique used by unscrupulous computer service organizations, generally from foreign countries, that are simply trying to con folks out of their money.
They randomly call phone numbers in the US, because they know that virtually everyone they call will have a computer and the odds are pretty good that they have a Windows-based computer.
We are starting to see more variations of this scam that don’t always use Microsoft’s name but the intentions are the same: try to scare you into letting them access your computer to fix it for a fee.
Another of our Facebook friends posted that they got a call from someone claiming to be with ‘PC Trackers’ that gave his name and even a phone number where he could be reached.
They use clever tricks for convincing you that you do have a problem, if they can keep you on the phone long enough (so hang up as quickly as you can!)
They’ll try to convince you by having you run some ‘diagnostics’ yourself as proof.
One tactic is to get the victim to open the Windows Event Viewer, which has a log of any errors that Windows has detected. Unless you just recently installed Windows, your Event Log is bound to show some errors (very normal), which can be made to seem scary to non-technical users.
Another trick is to get you to drop to a command prompt (black background with white text) to check your system ID and run a verify command, which will return the message that ‘verify is off’.
They will then tell you that your computer ID can’t be verified which means your computer hasn’t been able to get Windows updates (which is completely false; the verify command is to verify that data has been written to a drive correctly).
They may even guide you to pull up something that they claim is a system certificate that has a 2011 date, which they will try to convince you means your computer hasn’t been updated since last year.
As you can see, if you follow their instructions, they can easily trick a non-technical victim into believing that their computer really is infected and allow ‘Microsoft’ into their computer remotely to fix it.
Remote service is perfectly fine and safe, but only when you instigate the call for help.