"Hello, I'm calling you from Microsoft Windows Tech Support." "...You sure about that?"
Hopefully, if you get a call from someone claiming to be from ‘Microsoft Windows Tech Support’, you would raise your right eyebrow, and then hang up.
Of course, there are some folks out there who like to seize on the opportunity to have some fun, and string the conversation out to see exactly how much the caller can lie through their teeth.
Unfortunately, there are still a lot of people who believe the call is absolutely genuine, and allow the ‘'representative’ to log onto their machine - falling victim to what is sadly a fairly common hack attack.
The ‘Microsoft Windows’ phone call scam has been around for a good 8 years now. What makes it so successful is that, unfortunately, it prays on the vulnerable – particularly the elderly.
It’s not just phone calls to you either. In the age of mobile phones (where we’ve become dubious of answering a call from an unknown number), cyber criminals have escalated their activities to online pop ups which say you’ve got a virus on your machine, and ask you to call ‘this free number’ so you can be guided as to how to get rid of it. Which plenty of people do actually do.
It’s essentially a manipulative form of social engineering. What happens is that they make you aware that your computer is very much infected by a virus and that you must give them access to your PC in order to install some software to remedy the infection.
In fact, the software will put you out of pocket - often by hundreds of pounds.
Essentially, it’s a numbers game. The hackers spend all day every day on the phone to people, so it is inevitable that they will eventually reach a member of the public who is either not aware of this scam or is too trusting of the caller’s intentions.
Which.co.uk recently asked Microsoft (the actual Microsoft) about the scale of these scam calls. Here’s their response:
- Over a third said the caller tried to sell them something.
- Over a fifth were asked to permit the caller remote access rights to their computer.
- Over a fifth were asked to download some software.
- And 18% were asked outright for credit card information.
Take my 85 year old stepfather for example, who is a very kind and gentle person but who has unfortunately received three of these phone calls in the past 6 months alone.
My stepdad has never even used a computer, never mind owned one. What he does have though, is a wicked sense of humour.
The most recent scam interrupted him having his Sunday Dinner – so we were already off to a bad start. He was instructed to go to a website on his computer which would essentially allow the scammer to have remote access over his computer.
My stepdad asked for help and guidance on how to do this, and made positive noises such as “Mmm hmm” and “Yep, done that” so as to make the scammer think he was following their instructions. He then told the caller that he would be back in a moment…and then proceeded to place the phone handset in his greenhouse and left it there for 20 minutes whilst he finished his Yorkshire pudding.
In all seriousness though, this is why things like RansomWare are on the rise. Because they work often enough to make it worth it.
Plus, the scammers are ‘trained’ not to take no for an answer so they will be very persuasive in trying to convince you that you have a virus on your machine that could be losing you money, which ironically probably isn’t true until the point at which you let them ‘fix’ it.
Speaking of RansomWare, I read about a story recently where one of these scammers got a very nasty taste of their own medicine when the person who they called managed to turn the tables and actually installed the lastest ‘Zepto’ ransomware virus on their machine.
[Zepto is becoming an increasingly popular strategy for hackers – you can read about it in my blog here.]
Just like Naked Security who reported the story, we definitely don’t recommend that you mess around with cyber criminals. If they know your home phone number, who’s to say they don’t know your home address? I wouldn't even advise doing what my stepdad did. Just hang up.
I helped to get my stepdad’s home phone registered on the Telephone Preference Agency, which did see a marked reduction in these calls to the house – more information can be found on their website.
Action Fraud Police UK have some good facts and tips on their website to help raise awareness to those who haven’t had the opportunity to speak to the infamous ‘Microsoft Support’ scammers:
Who is most likely to be affected?
Victim reports assessed by the NFIB indicate that:
- The average age of a victim is 59.
- The average reported loss is £210.
- Anyone who has a home computer connected to the internet can become a victim.
How to protect yourself
- Do not allow remote access to your computer.
- Hang up the phone when you identify that the call is uninvited.
- Never divulge passwords or pin numbers.
- Microsoft, or someone on their behalf, will never call you.
More information on their research and advice and be found on their website: