In recent years, there's been a small cottage industry forming around scamming computer users via phone calls. These scammers are almost always after money, and use similar tactics to get it. This article is designed to inform computer users how to look out for these scams and what kinds of methods the scammers use. Before we go any further let me quickly say that if you ever have a technology question, I am here for you. If someone is trying to scare you or a friend or family member about a computer issue, please call me. Remember that I never charge for quick questions over the phone.
In the majority of cases, these scammers use fear to get what they want. They use the fear of viruses, hackers, and piracy to trick their targets into giving them what they want. They'll say things like "we've noticed that your computer is infected and trying to infect other people" or "we can see that your computer is under attack from hackers and we can help you" or "we've been informed that you are running a pirated copy of Microsoft Windows, so you should pay us for the license fee."
If my examples don't sound very convincing, I'll take that as a compliment! Perhaps that means there isn't a side to me that could be a con artist. These outfits are highly skilled in a practice called "social engineering," a skill that allows them to use real world methods and strategies to enter your digital world. They'll talk their way into convincing their mark that they should be trusted, and they can be extremely convincing.
Lets talk about how these scams usually work.
The first step is contact. The scammers will most likely call directly, using a list of public phone numbers or possibly a list obtained from hacked companies. They will do their best to make it seem like they know exactly why they're calling, but in fact they're just assuming that the person they're calling has a Windows computer because most homes do. [side note: this doesn't mean Windows computers are less secure, it just means they're more common so the caller can assume what computer you own]
The second step is to instill fear. They'll say you have viruses or you've been hacked or your Windows isn't legitimate. They'll do their best to convince you to let them connect to your computer remotely and look around, and this is the point of no return. Once they've gotten onto the system all bets are off and they have total control to do as little or as much harm as they want. From here, the most common way the scammer will scare the computer user into thinking there is a problem will be to misrepresent the Windows Event Log. The Event Log is a running list of things happening behind the scenes on the computer. This list is constantly adding things all the times. Most of the time these entries are innocuous reports of things that happened. Other times they're warnings or even errors. The scammer will filter out this list to show only the warnings and errors, making it look like there are lots of things wrong with the system. What they neglect to mention is that these warnings and errors are on everyone's computers. Here is a screenshot of one of my own computers with everything but the errors and warnings filtered out:
Yes, it would be nice of computers ran error-free, but these things happen and unless you're noticing problems on your computer, they usually aren't a concern. Regardless, these scammers don't want to help you with these things, but they look scary, and that's all that matters.
The last step is payment or ransom. If you're lucky, they'll ask for a fee to scan or clean your computer and that'll be it. In other cases, however, they'll lock your computer, sometimes claiming that they have to do it because you're using pirated software and they want you to pay some sort of license fee. This can occasionally be the worst case scenario, because frequently the method they use to lock down the system cannot be circumvented. In some cases, the only choice is to either pay or hope your data is backed up (and we know how important that is, right?).
Please inform your friends and family of this kind of scam. It's very common and can be very effective. I welcome a phone call from anyone who has questions about a call or warning they've received. I never charge for a quick phone call to ask if something is legitimate or not. Please feel free to contact me if you have concerns, and stay safe out there.