We have received a few too many calls recently from unfortunate customers who have fallen victim to scammers who claim to be working for Microsoft, one of the major banks, or local utility companies.
To make this clear before we go on, Microsoft, Apple, your bank or utility company will never call you asking for personal details or payment card information without solicitation. In the case of the Microsoft scammers, Microsoft employees will never call you out of the blue and offer to fix your computer. If this happens, simply hang up the phone.
So What Happens?
These people work by calling their potential victim, acting as if they are calling from Microsoft, and telling them they have found problems on the victims PC that need to be fixed (Microsoft do not collect the personally identifiable information needed to link a computer to its owner). The scammer will say they can remotely connect to the computer to ‘fix’ any issues for a fee. They will back up their claims by showing you the computers’ event log and pointing out any errors on it. It’s worth noting here that nearly every home-use out-of-the-box PC will show errors in the event log which in most cases are absolutely nothing to worry about.
Once they have convinced their victim, these people will send them to a website such as www.ammyy.com and take remote control of the PC with the promise to remove any viruses, and fix any problems.
It’s probably apparent by now that this is not the case. At best, they will make it look as though they are doing something useful in order to extort a payment from the victim. However these scams have also been used to install Trojan Horse viruses and keyloggers which can be used to control your PC and record what you type. This could leave all of your personal information, such as credit/debit card details, website passwords, and home addresses vulnerable to these con artists. People unfortunately do fall victim to ID theft in this way.
Unsolicited calls purporting to be from a bank or utility company are a bit more straightforward in their dishonesty – they just want your credit/debit card details – they want your money.
How Have They Got My Number Then?
Have you entered your details on a website offering something for nothing? Or have you put your phone number on Facebook? Have you clicked a link from an email or website asking for your info? Cyber criminals use a trove of different methods to scrape the data needed to make these calls. These can range from buying large lists or databases of contact numbers from less than reputable data companies, to scraping sites like Facebook and others, collecting numbers along the way. Another favourite is getting you to fill in an online form with the promise of winning a prize of some sort, or by getting you to sign-in to a fake website disguised to look like a legitimate bank/utility website, effectively getting you to give them your details yourself!
So I’ve Been Targeted – What Do I Do?
Hang up. It’s that simple – you don’t need to engage in conversation, you don’t need to worry about appearing rude – just put the phone down. If they are calling from a company that you do use and you are worried that it is legitimate, you still hang up, and call the company directly using only the number listed on documentation they have sent you in the past.
Microsoft does provide online Live Chat on their website. A few minutes chatting with one of these guys will confirm what has been said in this article.
They Are Persistent!
Yes they are. Unfortunately once you are on one of these contact lists it is impossible to get off of them. However keeping a whistle or personal alarm by the phone soon puts them off! Another way to deal with repeat callers is to tell them the person they need is in another room, and then just leave the phone on the side until the caller gets bored and hangs up.
They’ve Already Got Me…
Sorry to hear that. Fraudulently taking money is a crime, so if they have taken any money, report it to the police. Next ring your Bank and tell them your card has been compromised and get a new one sent out. In some cases, you may get your money back.
If they have connected to your PC, we recommend taking it down to your local PC support company and getting it checked for any unwanted programs, spyware or viruses.
In the future, be very careful where you enter your personal information. Don’t sign in to websites from email links (this is called phishing – more on that coming soon), don’t fill in online forms unless you are absolutely sure that you are on a genuine companies’ genuine website, and don’t put any personal information on social networks. Finally, remember to run regular virus scans and keep your computer software updated.