One of my business clients recently had a doozy of a scam experience. I would like to retell it, so you can pull some lessons from it and prevent something like it from happening to you. The spiel is always a bit different, but the concept is the same.
Just imagine that you are working on your computer, and out of the blue a loud annoying noise erupts from it, or a digital voice screams, “Your computer is infected. Contact Microsoft via phone number on the screen!” The screen displays blaring messages with threats such as, “You violated copyright by downloading/watching videos or pornography,” or “Your system has been hacked,” or shows lists of “Viruses and threats currently on your system.”
The copyright one usually displays FBI warnings. The others show legit-looking Microsoft websites or logos of security companies such as McAfee and Symantec. The goal of these fake threats is to create authenticity and to trick you into calling the displayed “support phone number.” In addition, the screen may be locked, so you can’t close it or get away from it.
You might think, “I’ve had some problems here and there, and Microsoft is really trying to help!” Wrong. This is a scam!
Unfortunately, my client called the number. So far, no real harm was done, except that his caller ID and number might land on a list of easy victims, and he might get annoying phone calls.
After some persuasive conversation about the “threats on your computer,” the supposed “Microsoft” guy asks you to let him into your computer remotely in order to fix the problem or further diagnose it. Once in, he moves the cursor on your screen and tries to overwhelm you with lots of techy jargon about the issues on your computer. I have seen multiple cases where they list a command that shows “foreign addresses” and the “state” as “established.”
The “tech support” guy argues that this is proof of intrusion and “you need to act now!” He’s counting on you being scared enough to fall for his spiel. At this point, he offers to fix it, for just $300 (though I have seen as much as $1,200) and maybe he’ll throw in an “antivirus protection subscription with lifetime support and more.”
Now the “tech support” guy asks for your credit card information, does some unnecessary remote stuff on your computer, and leaves an icon on the desktop so you can contact them again later (however, if you do, you’ll probably find that this number is disconnected). If you have second thoughts later that day, you can try to block the transaction from your credit card account. Due to this possibility, many scammers now ask to be paid with money orders or gift cards, which you cannot undo.
Going back to my original scam story, it had an ugly new twist, in which the scammer kept the victim isolated. The “tech support” guy told him, “Good that you called us, we will help you. Your system has been hacked, but we will track this person down. First of all, do not contact anyone, via email, text or phone. The hacker is watching every move you make online, and we don’t want him warned off.”
So, my client did not contact anyone, but stayed on the phone with this “tech support” guy. On the screen that showed the “established” “foreign addresses,” the scammer pointed out the website name “pornhub.com,” and that this website is involved or was the trigger for the hack. The scammer kept him updated saying, “We’ve located the hacker within five miles of your office. Stand by and we’ll catch him.”
To make a long story short, the scammer connected the call to someone masquerading as a bank manager of our client’s bank, who explained that “pornhub.com” would deduct $8,000 from the client’s bank account unless he takes $8,000 off his account and pays it to the “bank person” on the phone “via money orders which you can get from Walmart and/or Target.”
This, finally, was the point where my client got suspicious. Luckily, the co-owner had just returned to their office. He quickly assessed the situation, turned off the computer, unplugged the router, and hung up the phone.
In the aftermath, all bank accounts had to be closed, passwords had to be changed, and the computer needed a thorough cleaning to remove all traces left from this experience and prevent further damage.
A variation of this scam is a cold call from “Microsoft” or an “affiliate,” in which the person on the phone tells you something like “we know that your computer is having issues,” and tries to convince you to give him access to your computer.
But Microsoft does not call its clients out of the blue! Also, just because a caller ID says Microsoft, doesn’t mean that it’s really from Microsoft. You can initiate another version by Googling something along the lines of “Comcast support” and calling a bogus support number, planted by scammers. Fortunately, Google has lately gotten better at listing the correct phone numbers on the first results page.
Sadly, I often see evidence of fake tech support left on systems brought in to us for diagnosis. When asked about the “tech support” screen icon, they thought it was a safety guard for their computer. They paid and have been had.
So, what to do when you get that scary screen on your computer? Shut down the computer by pushing the power button briefly. If this does not work, push it for five seconds and the computer will shut down. Turn it on again, and maybe the message will stay away. (But there’s no guaranteeand pushing the power button for five seconds to shut down the computer might create some boot issues and data loss.)
If this doesn’t work, call your local computer specialist for help. Remember to never let an unknown tech person log onto your computer remotely. Would you let a stranger into your bedroom to rummage through your drawers? And please share these tips with your friends, so more become aware of such scam tactics and resist.
Klaus Fuechsel founded Warrenton’s Dok Klaus Computer Care in 2002 and is known for his German-American humor and computer house calls. He and his award-winning tech team work hard to save data and solve their clients’ computer cases. Any questions? Ask the Dok at 540-428-2376 or go to www.dokklaus.com