“I am calling you from Windows.”
So goes the opening line of the well-known phone scam, where a person calls purporting to be a help desk technician reaching out to resolve your computer problems. These Windows scammers feed off people’s concerns about data breaches and identity theft to trick them into installing malware onto their machines. The scam has been netting victims for years, despite the fact that none of what the callers say makes sense.
I recently received such a call and decided to play along, to see how the scam evolves and who the players might be. Over a period of three months, I received calls an average of four times a week, from various people, all intent on proving that my computer had been hacked and that they were calling to save the day. I had multiple opportunities to try a variety of conversational gambits and to ask questions of my own. Here is what I found out about the Windows scammer underworld via conversations with “Jake,” “Mary,” “Nancy,” “Greg,” “William,” and others.
The scam’s success hinges on being helpful
The callers are polite, and they sound very earnest, explaining in great detail how hackers can loot your bank accounts, steal your identity, and compromise passwords. They are intent on convincing you not only that the threat is real but that hackers are already in your system performing all manner of nefarious activities. Your computer has been slow, they say. Or they explain that they have detected suspicious activity emanating from your PC.
“Whenever there is any negative activity going on with your computer, right? We get notified from the license ID of your computer,” said “Nancy.”
The scammers don’t expect you to take them at their word; they are willing to show proof that your computer has been hacked. They instruct you to press the Windows key and R to bring up the Run box on your system, and to enter commands to open Windows Event Viewer. The caller notes how many errors are listed (most of which are harmless) and uses the list as proof the computer is compromised. “Jake” walked me through finding my unique computer ID using the command line.
“Rachel” sounded genuinely horrified when I told her how many errors were in Windows Event Viewer: “This is the worst I’ve ever seen!” I burst out laughing. Needless to say, she hung up immediately.
Once the victim has been convinced there is a problem, the hard part is done. Depending on the scam, the caller tries to talk you into installing remote software, such as TeamViewer or AMMYY, onto your computer, or they direct you to a website to download software that would supposedly fix the problems. The remote control software can be used by the attacker to steal data, download malware, and further compromise the system.