6 Ways To Identify Microsoft Windows Support Call Scam

Have you ever been a victim of scam calls? If not, then prepare yourself to experience the assault of scam calls claiming to be from Microsoft Windows support: “I’m calling from Microsoft. We’ve had a report from your Internet service provider of serious virus problems from your computer?” After establishing the purpose of the call, the caller makes the first move: offering a free scan, which leads to warnings of malware infections and an offer of technical support (paid assistance, of course, of $250 or more).

Kaspersky Lab security researcher David Jacoby gave seven facts to help users detect and avoid Microsoft Windows support call scams.

1. “I am calling from Microsoft”

The caller claims to be with Microsoft; through this statement the caller tries to establish credibility. Their ability to trap people lies not in technical sophistication; rather, the attackers rely on their social engineering skills to trick people, smooth-talking and cashing in on people’s fear, says Jacoby.

2. Windows Errors can be detected easily

Jacoby received a Microsoft scam call claiming that his PC showed signs of malware infection. To back up the claim, the caller asked Jacoby to check numerous error messages in the Windows Event Manager. On viewing the tool, Jacoby realized the event viewer showed error messages, but they were not directly caused by an infection. He explained that these errors occur in the log files mostly when a computer has not been re-installed for a long period of time and is running lots of programs.

3. The art of obtaining unique ID

After making sure that the victim had yielded to the trap, the caller asked Jacoby to carry out a DOS command to reveal the system’s unique ID, so that the caller could verify that it was referencing the correct system, which had been infected with malware. The caller confirmed the license ID by tallying it with the ID Jacoby was seeing on his screen. Of course, the two IDs matched, but it was sleight of hand that made the two IDs appear the same.

4. The drama begins…

After receiving an “off” response when Jacoby sent a DOS command, the caller became agitated and started screaming. Jacoby recalled that the caller was quite upset when his license was not verified, which, according to her, meant that no security patches could be installed. She therefore pressed Jacoby to allow their technician to directly access his PC, to which he agreed.

5. Fake cleaning of Malware

During the call, the remote access tool administrator opened on Jacoby’s PC screen, dating from 2011 – prompting a claim from the caller that the PC has not been since 2011 and advice to install security software that would protect his PC against threats of viruses, malware, Trojans and hackers. Jacoby agreed to the caller’s claim and let her install an application, “G2AX_customer_downloader_win32_x86”, on his PC. After the installation, it was indicated that he had “successfully updated the software license for lifetime.”

6. Tricking for your money

The game ends with a demand for $250, to be paid via a PayPal account given by the caller to Jacoby. Any other common user would have been fooled into paying this amount for nothing. Jacoby, being a security researcher, played along with the caller to obtain the phone number and IP address of the caller, in order to inform the authorities and get the cybercrime gang busted.

Guest post by James Clark, who has been playing with his words and spinning out one informative piece after another on Computer and Internet Monitoring Software, along with keyloggers, for a while now. His work is about all things technology related, especially when it comes to PCs.