Recently we have recently been inundated with a Windows tech support scam that has been making the rounds on the internet. Generally, we see the same scams regurgitate themselves every 6-18 months and this one is no different.
A window may pop up whilst you are innocently browsing the internet with a bright blue window’s looking notification screen and generally a high-pitched sound notifying you a virus has infected your computer and to call an 1800 number for a Microsoft technician to resolve this infection.
I know many of you may be wise to this scam and close the browser window immediately, or if it has hijacked your browser, by holding your finger on the power button to force restart the computer in order to also resolve this scam.
We have recently received a high number of phone calls from frightened clients who have called the scam 1800 call centre number hoping for a resolution and have inadvertently been tricked into allowing the scam technician into their computer.
Usually, the piercing sound is enough to goad you into calling this number but the best defence to this is knowledge. So we have included a blow-by-blow account of what you may expect from the scam call once you ring them and they gain access to your computer.
The scam Windows technician can be very convincing by playing on your fears and will generally ask for access to your computer to fix the issue for a fee. Once in they will open a Run box by pressing the Windows key and R as a key strategy of the scam. It is intended to show you “errors” in the Security view log in Windows Event Viewer, a useful troubleshooting tool in Windows.
As with any scam, there is a believable aspect to this. Opening Event Viewer > Custom Views > Administrative Events does indeed reveal some serious-looking warnings. The red circles, exclamation marks, and “Error” labels–not to mention yellow “Warning” triangles–look serious.
The scammers present these as infections, but of course, they’re simply log entries. They want to charge you for removing log entries.
Other versions of the scam target different Windows features that may cause alarm to anyone without in-depth knowledge.
Unusually system files are opened in Notepad to demonstrate “corruption”
System services disabled by default on Windows are described as a problem
Command prompt trickery resulting in a malware-related “error message” (programmed by the scammer)
Claiming Windows Registry keys are dangerous
Windows product keys or other licenses are claimed to be out of date
System files regularly subverted or replaced by malware are “shown” to be malicious by referring the victim to legitimate computer security sites describing the vulnerability
Payment for “solving” these “issues” is typically through untraceable gift cards. Refuse to pay, and they lock or otherwise disable your computer.
Finally, they may also install key loggers or malware to record your computer interactions in an effort to gather sensitive data to be used to penetrate our bank accounts or build a false identity.
Although these are rare they are a risk. If you feel you may have been scammed in the past or you find your browser is slow or glitches tend to be occurring on a regular basis then it may be time for a technician to run some specialized scans and look for any breaches.
There are also other security options that may help in your browsing experience but we will get to that in our next newsletter.
If you would like a check-up please contact us at your convenience and safe surfing.
Nathan Wellington