Aggressive, persistent Windows tech support scammers continue to stalk consumers
'No signs of slowing down,' says Microsoft of bogus phone calls; Computerworld sees a spike in reports from readers
By Gregg Keizer
Computerworld | May 5, 2014 3:47 PM PT
Scammers posing as Microsoft support technicians continue to work the phones in search of victims, the company said last week, and have, in fact, grown bolder in their tactics.
With enhanced mobility and work flexibility comes increased security risk. Explore the security
And in the last few weeks, Computerworld has seen a spike in the volume of reports from readers who have been targeted by fake support schemes.
"What's really alarming is that this type of scam shows no signs of slowing down," said Kirsten Kliphouse, the Microsoft executive who heads the company's customer service and support group, in a May 2 blog. "Increasingly, we hear via our front-line support team, and even from friends and family, that these scammers are getting bolder, targeting not only individuals but also businesses."
The scams rely on a combination of aggressive sales tactics, lies and half-truths. Cold callers pose as computer support technicians, most often claiming to be from Microsoft, and try to trick victims into believing that their computer is infected, usually by having them look at a Windows log that typically shows scores of harmless or low-level errors. At that point, the sale pitch starts, with the caller trying to convince the consumer or business worker to download software or let the "technician" remotely access the PC.
The fraudsters charge for their worthless "help" or sell subscriptions to useless services, and sometimes install malware on PCs while they have the machines under their control.
These scams became increasing common in 2010, picked up enough steam in 2011 that Microsoft warned Windows users to be on guard, and in October 2012 prompted the U.S. Federal Trade Commission (FTC) to file charges against six operators. Then-FTC chairman Jon Leibowitz said during a news conference announcing the lawsuits that the fraudsters took "scareware to a whole other level of virtual mayhem."
In 2013, the FTC settled with three of the alleged scammers -- in one instance, imposing a $964,000 judgment, in another just $14,000 -- but its investigations, accusations and penalties have done little to stem the tide of calls.
Computerworld has received a steady stream of emails from readers of past news stories about the scams, but the volume of those messages jumped significantly last month. Many knew better than to let the caller into their PC, but simply wanted to tell someone about their experience in the hope of warning others of the danger.
"Got a call last night from India -- I could tell it was a large call center," wrote Kristen H. last month in an email. "I knew immediately that it was a scam but talked to the guy anyway who assured me I had something drastically wrong with my PC. Anyway, when I called him a scammer, he got mad and hung up on me -- I tried to call the number back, but got a message saying the number had been disconnected."
Others also smelled the rat, but were unsure about what to do.
"I received a call yesterday from ... a person claiming to be from Windows technical support," wrote Gwen C. in April. "I would not allow them to go into my computer and told them not to call back. I felt the need to tell someone, perhaps they can be traced. To whom should I report this incident?"
The FTC does offer a way to report telephone-based scams, including computer support fraud, on its website. While the FTC does not pursue individual cases, it said it uses these reports to "help us and our law enforcement partners detect patterns of fraud and abuse."
Some readers related their brushes with scammers even as they wondered whether the call had been on the level.· ...
"He said that I had serious malware and viruses on my PC," wrote Barbara-Anne P. in an email today. "And that I needed to log in while we were talking and he would fix it for me. The call was marked 'unknown caller' [so] I asked him for the number and called back. When I did, someone picked up and mumbled a company name, but it didn't seem convincing. Could you tell me if this is a scam or is it legitimate?"
In her blog post, Microsoft's Kliphouse linked to a page on the company's website that described some of the characteristics of tech support scams, and more importantly, offered up excellent advice, including the catch-all "hang up."
But according to some readers, scammers have become so persistent that even that recommendation isn't fool-proof.
"We have received at least three calls a day for the last few months from phone numbers that appear as 'anonymous' on our caller ID," related Jodi E. last Friday. "I can't believe the level of harassment and the belligerence of these individuals. Knowing it was a bunch of crap, we question them and try to gain more information, asked to be removed from call lists, even went so far to tell them we don't own Windows computers!"
The FTC did not respond to a request for comment on the continued problem of technical support scams.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news forComputerworld . Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed .
His email address firstname.lastname@example.org.