Don't let them infect your devices

Microsoft “security expert” phone scam

Telephone scams in which callers claimed to be Microsoft ‘security experts’ offering to fix your computer first surfaced over five years ago. They’re still around and seemingly undergoing something of resurgence. The scammers can’t fix anything they just want your money. It sometime seems that every other major business on the planet has outsourced its service centre to India. Banks, insurance companies, internet service providers, utility companies, even railway ticket booking services. It’s hardly surprising then when you call some company and you’re greeted with a distinctive Indian accent greeting you with ‘Hello I’m David’, or ‘Peter’ or ‘Sonja how can I help you?’ We all know that they’re actually a Deepak, Pradeep or Surita, but we go along with the game. For sure, there’s been a bit of an outbreak in the past when it’s been discovered that customer data has been lifted wholesale – think addresses, credit card numbers and so on – from some of these service centres. There’s usually a lot of noise and then it dies down, as either the company pulls out and brings its call centre operations back to the country of origin or tighter safeguards are put in place.

How to spot the phone scam

Thick accents – a give away

However, the idea of call centres based in India have become so accepted and part of everyday life that if we receive a phone call from someone with a thick Indian accent we almost assume it’s a legitimate call. But often they’re simply telephone scams trying to get some information out of you. One of the most laughable is someone calling claiming to be from a mobile phone company and they’ve got a seriously good deal for you and if you’re interested all you need to do is give them your bank account details to get the ball rolling. Yeah, right, as they say. A good response is to tell them to hold on while you go and dig out your bank account number. Simply place the phone next to a speaker and then crank up the volume to a seriously deafening decibel range. Give it a few minutes, turn down the volume and pick up the phone. There’ll be nobody on the other end. Funny that.

A veneer of legitimacy

However, more recently there has been an upturn in calls emanating from the land of the most ancient of civilizations that are essentially saying you’ve got a bug on your computer and they can fix it. Sounds implausible you think? Well, possibly, but the caller claims to be calling from Microsoft, which does add a veneer of legitimacy for the unwary. If you’re a bit unsure about computers and how they work and are connected via the internet and you think the call could be legitimate then think again. The callers can be quite persuasive and display a level of technical knowledge that is beyond the norm, which just might convince you.

 Final goal of the scam : downloading TeamViewer and transferring money

For example, if you get sucked in the caller will direct you to carry out some instructions that open up Microsoft boxes. In the normal course of computer usage you wouldn’t normally open up these boxes such as Windows Run box and Windows Prefetch files. Trading on ignorance the caller will tell you that what you’re looking at on your computer are signs of viruses and infections. All of this is leading in one direction; to get you to download TeamViewer, a common piece of software that allows someone to remotely access your computer. Do this and a dialogue box will appear and the caller will then typically direct you to the PayPal website where you’ll be asked to make a payment, stumping up several hundred dollars for a lifetime guarantee. If you do, you’ll have been well and truly turned over.

Cold calls – scam variations

The scam has been around for some time with different variations and flavours but it’s essentially the same thing. It’s also well set up with a group of people involved, akin to the boiler room share trading scams. Intriguingly, the people calling you often have names and addresses strongly suggesting they’ve got access to a database. This link gives you a good sense of what happens on a call and it’s also worth reading for the reader’s comments that have all received similar calls, which if anything reveals just how widespread and common the scam is. The scam appears to have been around a while and was first noted in 2009 with a high peak in 2011. But in 2014 it’s still doing the rounds. It may seem obvious to some people, like the email phishing attempts that offer free cash vouchers to shop at ‘ADSA’ (it’s actually ASDA), but if it wasn’t roping in people it wouldn’t still be going.

No “security expert” will call you out of the blue

The thing to keep in mind is that no legitimate ‘security expert’ on the planet, or the rest of the universe for that matter, is going to call you out of the blue and say that you’ve got a bug, virus, or something else on your computer that needs fixing. For starters, how on earth would somebody know this, if they didn’t have access to your computer? Ok, the world may be connected thanks to the internet, but it’s not that connected. Essentially, you’ve got a group of people hammering the phones hoping to find a victim. If you do receive a call from a ‘security expert’ you can simply hang up or if you’re feeling a bit mischievous you could string them along. But not too far. One guy knew what was going on and went as far as downloading TeamViewer to share access to his computer and find out how they operate. He then showed his hand, the scammers got angry and began deleting files on his computer.

Be aware.

Written by Steve Bell

Steve has a background in IT and business journalism and has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies producing content producing. He has a particular focus on IT security and has produced several magazines in this area.

More articles by Steve Bell


  • scam

    24 Jul 2014, 08:41

    well done

Leave a Reply




Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.