Filed Under (Editorial, Tips) by dw on 15-01-2015

PhoneScamHave you ever received a call from someone with a heavy Indian accent from Microsoft saying your computer had errors or viruses? The purpose of these telephone calls is to get an easy R500 (or whatever amount they choose) by scaring you into thinking there’s something really wrong with your computer and that they can fix it for you.

These tech support phone scams have been going on for many years and scammers keep on defrauding innocent people if their money because their success ratio is still worth their time and effort. Pensioners and non-technical people are most often victims, as these smooth-tongued Indian operators are very good at blinding you with “technospeak”.

Often the caller’s number will not appear on your phone, a sign that they were using some Voice over IP (VoIP) or such technology that both completely hides their identity and costs them nothing for long distance calls.

This scam is a well-oiled machine which starts off with the alleged Microsoft representative asking you to turn on your computer to perform some checks for errors. They essentially make you open different applications which aren’t typically known by regular users.

Step 1: Scare Tactics

You will be instructed to press the “Windows” and “R” keys together to get to the Windows Run dialog box and then run a command to open up Window’s Event Viewer:

Conveniently, the Event Viewer will always show some warning or error which the scammer can use to instill fear. Often files legitimate files stored in the Windows Prefetch folder will be  called spyware and viruses, but this is a lie, as those Prefetch files are simply used by Windows to launch programs faster. The “System Configuration Utility”, also known as msconfig, will be also used to focus the victim on the status of each Service  to count how many “stopped” ones there are.

Step 2: The “Intervention”

The next step of the scan consists of allowing a remote person to fix these “issues” for the victim. This involves giving the scammer access to your computer using a remote control program like TeamViewer.

The scammers will then perform questionable tasks to “repair” the system, such as installing trials of other legitimate security software, installing malware (including rogue security software) designed to collect the user’s personal information, and deleting the aforementioned files that were previously claimed to be malware.

Step 3: The “Hit”

They then coax the victim into paying for their services or the software designed to “repair” their computer, and in turn, gain access to the victim’s credit card information, which can be used to make additional fraudulent charges. Afterwards, the scammer may also claim that the victim is eligible for a refund, and request the user’s bank account information—which is instead used to steal more money from the victim rather than providing the promised refund.