A few weeks ago she received a phone call from a man who said he was from an online PC care company and was ‘calling on behalf of Windows’. He knew her name and title, and said he had been asked to give her a ring to check her computer was virus-free.
Step one in the scam: Identify a non-existent problem
My mother was in front of her computer when he called, so let him talk her through bringing up her Windows event viewer, which showed a number of red exclamation marks and yellow triangles.
A more computer-savvy person would know that these frightening-looking symbols are a perfectly normal record of previous computer problems. But the nice man on the phone was horrified and told her they meant the computer was riddled with viruses and malware.
“He was just so authoritative,” explained my mother. “He really seemed to know what he was doing so I felt very confident following his instructions.”
The man then spent about half an hour talking her through giving his team remote access to her computer before telling her to take a well-earned break and have a cup of tea.
Step two in the scam: Access her computer
While my mother put her feet up for half an hour, the online PC care team went to work. The first thing they did was disable her firewall and all anti-virus software, meaning her machine ran faster than normal but was wide open to attack.
Then, they installed a backdoor Trojan – software that would allow them access to her computer whenever she was online.
Now they could access her PC at any time, perhaps to log bank details or steal personal data, so they were ready to call her back.
Step three in the scam: Demand some cash
Of course, cash in the hand is even better than access to a computer, so the friendly man wanted an upfront payment.
“He said that I no longer needed Norton or any virus protection as his company would now remotely protect my computer. It was running so much faster than before, too, so I agreed to pay him. I didn’t realise it was only running more quickly because he’d disabled all my anti-virus protection.
“The man wanted £147 for two years of service or £212 for three years. At that point, I didn’t have any doubts about his authenticity. Even if I had, they would have been laid to rest by that – surely any scam artist just wants the most money possible, he wouldn’t be giving me options?”
She agreed to pay £212 and attempted to make a payment, which VISA thankfully declined.
The damage they had done
At this point, she called me and we realised that this was a scam. She unplugged her computer, and contacted her bank and credit card provider for new details.
Meanwhile, I called a computer-savvy friend who identified and deleted all the threats.
He said: “They had done a really professional job of infiltrating her PC. The backdoor access they had given themselves would not have shown up with a normal anti-virus scanner. It took me a long time to even identify what they had done and delete it.”
Even after she had told them she knew they were not legitimate, the call centre continued to pester my mother.
“They left voicemails demanding payment for the ‘work’ they had completed and warning of the dire consequences if my computer didn’t have their protection,” she explained.
“After about 20 calls, they must have realised that I wasn’t an easy victim any more and moved on. I feel ridiculous for falling prey to scammers but I never expected that they would contact me by phone or know my name.”
What Microsoft says
Microsoft is aware of this scam and says that it never makes unsolicited phone calls.
Cliff Evans, a security expert with Microsoft UK, said: “We are aware of the online PC care scam involving people claiming to be from Microsoft and needing remote access to consumers PCs. These scams are not new.
“We would like to remind users of Microsoft software that the company does not keep track of consumers that purchase their software and does not directly contact consumers for any reason whatsoever. Do not trust any caller claiming to be from Microsoft and needing access to your home PC.”
What can you do?
Prevention is always better than a cure and so it’s essential to guard against phishing. Be wary of all unsolicited emails and phone calls, and always search the internet to see if there are any similar-sounding scams before you sign up to anything.
Microsoft’s Cliff Evans added “When using a PC that is connected to the internet we also encourage users to download and install legitimate software to guard against viruses, spyware, and other malicious software.”
Always keep a firewall and anti-virus software running on your computer and run updates whenever necessary.
Remember that it’s easy to spot less professional fraudsters, thanks to mis-spelt emails or ludicrous stories, but there are plenty of more sophisticated scammers out there.
Many of the scam companies promising to offer PC support have professional-looking websites, while the people who call you are often friendly, confident and extremely polite. However, always do an internet search of the name of the company calling you to see if they might be involved in fraudulent activities, and be very wary of responding to any unsolicited contact.
For more tips on avoiding identity theft and scams, read our article ‘Stop fraudsters pretending to be you’.