Microsoft calling? Mind the tech support scammer!
After a long day, there is nothing like sitting down at your computer with a cup of tea to catch up on the news online. But what would you do if you were faced with a pop-up telling you that your computer has a virus and that ‘Microsoft tech support’ is conveniently letting you know?
The solution seems only a quick call away. The popup even conveniently provides you with a toll-free number.
However, it’s the people who are claiming to help you that are about to load your computer full of junk and charge your credit card for the privilege.
What these scams look like
These tech scams can appear in various ways, usually as a popup on your browser or a call on your home phone number. Here’s what to look out for:
Over the phone
Usually calling from places such as India, these scammers target people with lists of active phone numbers usually acquired through public phone books or data breaches.
The scam is simple. Someone calls pretending to be calling from Microsoft, a partner company or even your ISP. They say that they have been receiving reports of malicious software on your system and ask you to give them remote control access of the machine to remove the malware.
Once given remote access, they use tools within Windows that show errors that occur normally to scare you. The tech support scammers then use that fear to sell you software for a massive markup, costing hundreds of dollars. You have absolutely no way of knowing what has been installed and what kind of private information you may have just given away.
We wrote a more detailed explanation with how these scams work when one of our own employees was targeted by one of these tech support scammers.
Microsoft is aware of these scams and states on their website:
“You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.”
Pop-ups
Scammers create websites that claim your system is compromised and to call “Microsoft” at the toll-free number provided.
These scammers pay to reach the top of search engine listings. If you Google ‘tech support online’ looking for a way to fix your computer, you may end up at one of these webpages accidentally. Ranking highly in Google search may be enough to convince you they are a legitimate online tech service, especially if you already believed that you may be infected.
BleepingComputer has previously reported on a particular type of this scam that prevents users from even closing their browser without calling the number on their screen to have the message removed. This kind of scam borders on the edge of ransomware as you feel forced to call and inevitably pay to have your system ‘cleaned.’
Consequences for scammers
Previously a collection of US companies was caught for running this kind of scam by using popups to scare users into calling for tech support and pushing them into purchasing services they didn’t need. CSO Australia reports:
“Charges have been filed against Missouri-registered firms Global Access Technical Support, Global sMind, Source Pundit, Helios Digital Media, and an Indian company, Global Ites Private Limited. Defendants include three individuals who own the firms.”
What you can do
- Ignore pop-ups within your browser that lock up your screen or ask you to call a number to ‘clean your system.’
- If your browser is locked by the popup, move your mouse to the clock in the bottom right-hand corner of your screen and right-click to open the ‘task manager.’ Select your web browser from the list and close the program.
- If you receive phone calls claiming to be tech support, your ISP or Microsoft, simply hang up.
- Report scammers to FTC (USA), ActionFraud (UK), econsumer (global) or your country’s respective national agency for scams and fraud.
- If you have paid for the service offered over the phone, immediately dispute the transaction with your bank and contact a trusted computer technician to remove the software that was installed by the scammer.
- If you gave the scammer your password, make sure to change it on all sites where you use that password.
- Use a reputable anti-malware solution such as Emsisoft Anti-Malware to keep nasty popups out of your browser.
- Spread the word to your friends and family, education will help people to stop falling victim to these scams.
Have a great (scam-free) day!
Emsisoft Enterprise Security + EDR
Robust and proven endpoint security solution for organizations of all sizes. Start free trialOriginally published November 17, 2016, Updated July 8, 2020