The technician from the "help desk" used Windows Event Viewer, a log of recent, normal operations in the OS, to try to convince Segura that his PC had 127 infected files -- in reality, there were none -- and then pitched a $199 package that included "virus removal" and "computer cleaning" services, as well as a pirated copy of Malwarebytes Anti-Malware Premium.
Support scams like the one Segura uncovered have become more than just irksome, but a plague on computer users everywhere.
One of several fake Windows infection warnings that Malwarebytes uncovered being used by a U.S.-based tech support scam scheme. The Web-based alert was bogus: It showed the same message when viewed on a Mac, which is immune to the malware listed. (Image: Malwarebytes.)
The shakedowns rely on a combination of bald-faced lies, half-truths and pushy sales tactics. Cold callers pose as computer support technicians, most often claiming to be from Microsoft or an approved partner, and try to convince victims that their computer is infected, usually by having them look at a Windows log that typically shows scores of harmless or low-level errors, but have nothing to do with malware. At that point, a frenzied sale pitch starts, as the caller badgers the user into downloading software or letting the "technician" remotely access the PC to "clean" the machine.
The fraudsters charge for their worthless help or sell subscriptions to semi-useless or totally-bogus services, and sometimes install malware on PCs while they control the systems.
Tech support scams became common in 2010, picked up enough steam in 2011 to prompt a real alert from Microsoft about the practice, and in 2012 triggered an investigation by the U.S. Federal Trade Commission (FTC) of six operators, all in India. Last year, the FTC settled with some of the alleged scammers, but even stiff penalties have done nothing to stem the tide.
Microsoft repeated a warning in May, saying the fraud showed "no signs of slowing down." Computerworld constantly receives emails from readers of past news stories about the scams, describing how they either stymied the criminals or were duped out of hundreds of dollars.
"Unfortunately, I was the victim of a recent scam of two men posing as Microsoft Tech Support claiming to be helping me fix my computer," reported Claire in an email yesterday. "They ... tricked me into paying what I thought was 8 but to my horror [it] turned out to be a hell of a lot more deducted from my account."
Unlike Claire, Segura knew what he was getting into. Even so, he purchased the $199 tech support package to document his probe. In a long blog post published Friday, Segura included the emailed receipt, as well as excerpts from his conversation with a technician.
Sign up for CIO Asia eNewsletters.