JustAnswer Blog: Tech Support

You are here

Microsoft scams: Could you become a victim?

Tech scammers are back, as Microsoft scams continue to evolve.

Scammers keep coming up with new ways to fool Internet users with tech scams.

Microsoft scams: Could you become a victim?

By Mary Van Doren on April 10, 2018

Tech support and Microsoft scams are literally evolving before our eyes

It’s one of the oldest and most ubiquitous tech scams out there, but even as this blog is being written, JustAnswer customers are contacting Computer Experts asking whether it’s a legitimate enterprise – or, sadly, what to do now that they’ve fallen for it.

The Microsoft scam or Microsoft virus scam is obviously working for the scammers, and has been since 2009. Microsoft reports that every month, at least three million users of various platforms and software encounter tech support scams.

The original version was a phone call from someone a heavily Anglo Saxon name, like Richard Stevens or Thomas Smith, but speaks with a heavy Indian accent.

According to fact-checking website Snopes.com, the scammers will call and identify themselves as technicians from Microsoft or some related company, such as HP – even Apple.

“I’m calling for Microsoft. We’ve had a report from your internet service provider of serious virus problems from your computer.” (Snopes knows how this goes because the writer had actually gotten one of those calls herself!)

Naturally, dire events are about to happen to you, your children and your unborn grandchildren if you don’t take immediate action. And even more naturally, the caller has just the thing to solve all your problems – for a price. 
 

Will Microsoft ever call you? Absolutely not.
 

And neither will Apple or any other computer-related company. Microsoft itself states categorically:

“Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.”

Nevertheless, the Microsoft scam goes on. In the telephone version of this Microsoft phone call scam, according to Jason Jones, another Computer Expert on Just Answer,

“When they get you on the line, they will try and sell you unneeded software and services or they may just lock your computer and force you to make a payment to them. These people will call you, masquerading as Microsoft techs, HP techs, or some other type of techs. They will then do their best to make you believe that you require their help in the way of remote support, customer support, software support, or something of the like. In the end, if you fall for it, you will be out hundreds of dollars.”

These scammers may try to talk you into installing malicious software that can capture sensitive information from your computer, and they may even try to get your bank information directly from you.

“If you gave the scammer any banking information,” says Jason, “please contact your bank as soon as possible and report the scam so that they can block the payment to them. Also, you may wish to consider contacting your local authorities and reporting this crime, if any payment was made.”

These scammers are both tenacious and ruthless. A JustAnswer customer told Computer Expert ChrisC:

“I have received at least 10 phone calls today from a phone number that comes up as being from Apple, but the people are not from the US and they want $500 to get off my back.”

This customer didn’t even own an Apple product, but the repeated phone calls were wearing him down and he was considering drastic measures.

“After I cussed them out several times, they continue to call. I doubt if my 10-year-old computer is worth more than $50 and my used cell phone cost less than $10, but I wonder if I should just block their calls and get another computer and cell phone.”

ChrisC advised the customer to block the calls and/or to ignore them until the scammers lose interest.

microsoft scam 2

The scarier the warning, the more likely it's a tech scam.


And while many tech-savvy computer users consider it their civic duty to troll the scammers by keeping them on the line for long periods of time, it’s not a good idea 

Jerome Segura, a senior security researcher at anti-malware company Malwarebytes, got such a call, immediately switched the caller to his virtual machine used for his work, set it to record a YouTube video and played along … until the point came at which he deliberately entered false credit card information.

That was when the scammer became angry, took control of Segura's computer and deleted all of the documents there. The scammer then looked for more ways to corrupt the system, heading to Device Manager to delete the Ethernet adapter driver.

Before deleting, he posted "bye a**hole" (sic) in the chat log.  Segura asked the operator who was deleting the files on his computer why the technician called him an a**hole.

A male voice replied, "The technician is always correct. If he is saying that you are something then you must be. He cannot be wrong."
 

New and improved Microsoft scams
 

These days there’s a more recent version of this scam that casts a wider, more efficient net for the scammers: Sending out pop-ups with dire warnings to hundreds of computers at a time.

These messages appear while you’re on the Internet, warn you that you have a virus and shouldn’t log out or shut down your computer, and include fake tech support numbers to call – where, of course, the phone pitch begins. This pop-up will probably be hard to close, so if you get one, the best strategy is to reboot your computer to get rid of it.

And again, this is the advice from Microsoft:

Do not call the number in the pop-up. Microsoft’s error and warning messages never include a phone number.

There’s yet a third way scammers are trying to get to you: According to Microsoft, scammers are now using links in phishing-like emails to lead potential victims to fake tech support sites. 

The new tactic, noticed by Microsoft's Malware Protection Center, marks an evolution in bogus tech support. 

“Recently, we have observed spam campaigns distributing links that lead to tech support scam websites,” writes Microsoft.

These email spam campaigns pretend to come from well-known brands such as LinkedIn and Amazon. The email pretends to be an invoice, canceled order, or social media message that contains dodgy links hidden in seemingly harmless text.

Anti-spam filters in Microsoft Exchange Online Protection (EOP) for Office 365 and in Outlook.com blocked these emails because they bore characteristics of phishing emails. The emails use social engineering techniques—spoofing brands, pretending to be legitimate communications, disguising malicious URLs—employed by phishers to get recipients to click suspicious links.

However, instead of pointing to phishing sites designed to steal credentials, the links lead to those well-used tech support scam websites that use all the tactics noted above to gain access to your information.

“The use of email as an infection vector adds another facet to Microsoft scams, which are widespread. However, tech support scams are not typical email threats. Some tech support scams are carried out with the help of malware like Hicurdismos, which displays a fake BSOD screen  (“blue screen of death”), or Monitnev, which monitors event logs and displays fake error notifications every time an application crashes.”

microsoft scam 3

Macs are not immune to tech scams.


Microsoft also warns that the most widespread tech-support scam malware is known as TechBrolo, which Microsoft calls "support-scam malware on steroids", thanks to its use of a looping dialog box that effectively locks the browser, and an audio file that describes the supposed problem and urges the user to call a support number. 

Microsoft notes that Windows 10, Outlook.com, Edge, and Exchange Online Protection have a number of features that combine to block tech-support scams and threats targeting the inbox. 

Edge can also stop dialog loops by allowing the user to prevent a specific page from creating more pages. Microsoft is also working on a feature for Edge that allows the user to close the browser or specific tabs when this is a popup or dialog message.

There’s even a new tech support scam website that opens your default communication or phone call app, automatically prompting you to call a fake tech support scam hotline.
 

Preventing scams and what to do if you encounter one
 

What should you do if you get or even fall for a Microsoft scam call? Using software that blocks attacks on your computer is a good step. If you see a pop-up or other unsolicited message on your computer, close it or reboot your computer to get rid of it. If your email or phone app is suddenly opened on your device, close it. Never call the phone number in unsolicited messages or when your communication app is opened for you!

Also, never trust an incoming unsolicited phone call, no matter how much information the caller appears to have about you. Do not provide any personal information.

Microsoft provides contact information you can use to report such attacks.

The Microsoft scam is ongoing and evolving – and can even target Mac users – so it pays to be wary at all times of any technical support that you didn’t request. No provider monitors your individual computer for problems unless you invite them to.

Of course, if you have any other questions about Microsoft scams or other tech support scams, the Computer Experts on JustAnswer are always available to help, and can even scan your computer (at your invitation, of course) to check for malware or other damage that may occur after an encounter with a scammer.

Have you rejected or fallen for a Microsoft scam? Please share your experience with us in the comments below.