I just received a call, not for the first time, from a call centre located in India. The caller knew my name and used it as if to demonstrate that this was not a cold call. Normally I hang up on this kind of call, but this time I decided to let them roll… This kind of scam is nothing new but it seems to be on the rise and the potential for profit must be great. I want to do my bit for raising awareness with this blog post
The helpful caller identified himself as working for a company called My PC Care and explained that he was a Microsoft Certified Professional. According to this bogus technician there are some pretty nasty files “more dangerous than viruses” doing the rounds, these files were so dangerous, he explained, that some 40% of Microsoft Windows users had “lost their computers”. As a result they were calling “all users of Microsoft Windows” (an ambitious task) to repair the damage before all was lost.
I played along with them and expressed concern that my computer might also fall victim, so the helpful technician began taking me through some entirely bogus “troubleshooting”. In brief I was asked to open the windows Event Viewer. The scammer encouraged me first to look in the Application Log where he was sure I would find several Errors and Warnings. Lo and behold, he was correct. To be honest in all the years I have been involved in IT I have yet to see a Windows PC without errors and warnings in the Event Viewer, but of course these scammers are relying on the unfamiliarity of their victims and hope to scare them and at the same time gain credibility.
The engineer was very insistent that I should not click on or open any of these Error messages because “they are the malicious infections” warning in doom-laden tones that after about two weeks this would “crash my hard drive”. I was then asked to repeat this charade looking through various other Event Viewer logs, each time the dire predictions of impending disaster got worse.
My ever helpful technician-scammer guy suggested that now would be a good time to transfer me to his supervisor so that they could clean up these dangerous files once and for all and I agreed, anxious of course that my computer might be on the edge of silicon Armageddon. Unfortunately my fun was coming to an end, the supervisor wanted me to use the (entirely legitimate and very helpful) service LogMeIn.com to permit their technicians remote access to my computer, at which point they would have been free to do whatever they liked. Of course I had to decline and hang up at that point.
So what is the point of this kind of scam you might ask? Well once you have granted remote access to your computer to a complete stranger, really they are free to do whatever they want install malicious software to steal information, look through modify or copy your personal files or in this case simply pretend to fix some non-existent problem charge you for the pleasure and then sell you a subscription to their services.
The scam seems to have started out in countries where English is a first language, but emboldened by their successes and perhaps hungry for more money it seems the scammers are constantly on the lookout for new targets, expect to see this showing up on a telephone near you soon.
Should you ever receive a call from anyone claiming to know that your PC is infected, or that you are having performance problems, just hang up; it’s a lot less painful than playing along. Remember also, just as a rule of thumb, never confirm anything, even your name, to anyone over the telephone until they have satisfied you of their integrity first.