|Hackers pretending to be Microsoft, calling home|
One of my computers began acting differently about a year ago, nothing extraordinary but since it was a work computer I knew it like clockwork and something didn't feel right.
After getting a clean bill of health from all of the major anti-virus scanners and passing various tests I still felt like the computer wasn't right and so I tried some more extreme measures of finding problems and discovered a rootkit, namely a Sinowal virus.
As you know, these have stealth and re-infection capabilities and so cleaning it was difficult, formatting/replacing the hard drive isn't enough. Knowing what I was dealing with however, I managed to clean the system and that's when the phone calls started.
Within a week I received a call from a gentleman with a Russian accent claiming to be from Microsoft and wanting to help me clean the "many error messages we are receiving from your computer". Knowing that Microsoft would not hire a 3rd party company and reveal any of my information to them I politely declined.
Since then I receive about a call per month, though now from a call center somewhere in India, making the same claim. I no longer own the computer, it was dismantled and junked 4 months ago but since they don't know that they keep calling.
I don't know if they want to re-infect the computer or help erase any sign of their virus but the fact that they are using call centers to contact me leads me to believe this was/is a widespread problem so I figured I'd share this story.
- Microsoft will not call your home claiming to be receiving errors!
If you get a random call from someone claiming to work for Microsoft, don't reveal anything more than what is available in the phone book about yourself!
P.S. I know I'm not being randomly targeted by a con-artist trying to peddle security software because the callers have each mentioned something they would only have known if they had access to the computer at one time.
The "call from Microsoft" scam is not relegated just to people who have been infected by something. Often it seems to be a cold call if the media reports are valid.
You were infected for a long time though, so it's possible they have a lot of information about you and you're on a list. I hope that you've taken steps to change passwords and implement multi-factor verification where you can.
That's the first thing I did actually. I either closed accounts I didn't really need or changed passwords/verification etc. It was a time consuming process that I had to do from a new computer in a different location but everything was changed, many things changed repeatedly.
As I mentioned this was a work computer and so there was nothing on it of a truly personal nature nor was it used to shop, bank or pay bills... thankfully. The only thing worse than a nasty virus is a nasty virus with remote call centers harassing you afterward.
I get those calls regularly, I don't even have a windows machine. From what I understand of this scam, they advise you there is a problem, obtain your email address over the phone and talk you into visiting a website. From there they can remotely access your machine. Not sure if they pretend to fix it, or install new payloads. Either way you need to pay with cc before they finish the job.
Someone I know fell for this. From what I can see all she git for her money (£45) was a tracking spyware toolbar on IE and an edit to the host file pointing all google searches to a 4th tier search engine.
These guys used to call me all the time, after the 10th call I started to mess with them acting like a total noob and wasting their time (my browser won't open, click where?, what's the website? It's not loading.. what do i do again?) lol.. I know it's just some dude trying to earn a buck on the other end of the phone but I was getting fed up.
I live in Toronto, Canada and the police here even put out a report about these calls warning people not to get scammed. If you're interest: [cbc.ca...]
I got another call last night. I told the Indian gentleman I worked for Microsoft and that Microsoft would never hire him to contact me. "Sir, this is for not fun" was his response so he knew I didn't work for Microsoft, or didn't care.
I'm on a local do not call list which is obviously not working so I'll see what I can stir up on that front.
Not that I wish anyone else harm but I'm glad I'm not the only one getting these calls. The timing of the Sinowal virus I acquired through a flash app made me that much more uncomfortable. The callers know a little about me which creeps me out.
I got a similar call where the caller said "Hi, I am calling from the internet(!), your computer has lots of errors, we need to look it up". as soon as I asked him "which IP has he got the problem with" he hang up.
My husband got the 'Microsoft' call, on which he replied: "So as you are calling from Microsoft, you know who you are calling, don't you?" The guy replied "no" on which my husband said "I am the Marketing Director of Microsoft UK" (he is not), and the caller just hang up.
I get these 'Microsoft' calls fairly frequently. Sometimes all you have to do is ask their name to get them to hang up.
A report of this scam on a local website today. Unfortunately people are still falling for it.
I have ever had one of these calls but then with caller id on my phone I just let any international or "number unavailable" calls go to voicemail.
I've had these calls frequently. I hung up on one guy and he called me back immediately demanding to know why. For people who are not internet-savvy, these calls are very effective and I've had to explain to several senior friends why they must ignore this stuff. Sadly, a lot of senior citizens seem to fall for this.
|Sadly, a lot of senior citizens seem to fall for this. |
My neighbour got one of these calls. She is in her eighties and doesn't own a computer. She had heard about this scam, though, and for her own amusement she played along for several minutes, claiming problem after problem in following the guys instructions, until the caller accused her of wasting his time! :)
Perhaps wasting as much of their time as possible is the best thing to do, it keeps them from calling others during that time :)
Somehow I doubt they'll call back.