• 08/06/2012
    12:13 PM
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Microsoft Windows Support Call Scams: 7 Facts

Security researcher turns the tables on a caller peddling fake fixes for malware supposedly infecting his Windows PC.

Have you ever picked up the phone to hear the following: "I'm calling from Microsoft. We've had a report from your Internet service provider of serious virus problems from your computer"? Of course the caller offers to help, offering a free scan, which invariably leads to warnings over mass malware infections, and the offer of paid technical support to assist.

Security professionals know to steer clear of such scams. Since they persist, scammers are apparently tricking sufficient numbers of consumers into forking over their cash--$250 or more, in some cases--to fix the virus infections identified by the caller's in-house technicians. Windows phone scams--targeting PC owners--appear to have begun in earnest in 2008, and been on the rise ever since, according to the Guardian. Meanwhile, their popularity is fueled by "the availability of cheap phone calls and labor in countries like India," according to Which?, a U.K. consumer rights group.

To fight back, many people try to tie up the cold callers on the phone for as long as possible, or even provide them with fake credit card numbers. But after receiving repeat calls, one malware researcher decided to see what exactly the scammers were doing by granting them access to his virtual test machines, which he used to record their activities. "The goal was to find out who they were and exactly what the scam was. Luckily I was able to get hold of information such as their internal IP addresses, the PayPal accounts used to wire money, and the numbers they are calling from," said Kaspersky Lab security researcher David Jacoby in a blog post.

Here are seven facts he learned about the scams.

1. Caller Claims To Be With Microsoft
Microsoft support scams are a type of social engineering attack, which succeeds not through attackers' technical sophistication, but rather by tricking people via smooth talking and playing on their fears. In Jacoby's case, he said the caller pretended to be from a department--non-existent, by the way--at Microsoft that was following up indications that his computer was either broken or had been infected by malware.

2. Windows Errors Easy To Find
To make the case that his PC showed signs of malware infection, Jacoby said the woman who called him instructed him to open the Windows Event Manager, so that he could see numerous error messages which she said indicated that his system had been compromised. "The event viewer does show error messages, but not directly related to an infection," said Jacoby. "Almost all computers have errors in the log files, especially if the computer has not been re-installed lately and is running a lot of programs."

3. Windows Processes Used For Sleight Of Hand
Jacoby said the scammer then instructed him to execute a DOS command to reveal the system's unique ID and allow her to verify that it was referencing the correct--infected--system. The caller then read out the license ID, and asked Jacoby if it matched the ID he was seeing on his screen. It did, but that was because the DOS command he'd run revealed the ID for a file extension that ships on all Windows PCs. The caller then instructed him to run the "verify" DOS command to see if his Windows license could be verified, and said that an "off" setting--which Jacoby saw--would indicate that the license couldn't be verified. But in reality, this setting is only used to "enable/disable operating system verification that data has been written to disc correctly," he said, and has nothing to do with the Windows license.

4. Scammers Wield Drama
But after the second DOS command returned an "off" response, Jacoby said the caller began "screaming 'oh my god!' in my ear, she was super upset that my license was not verified; according to her this meant that no security patches could be installed." After recommending that Jacoby allow her technician to directly access his PC, he agreed. "I was running everything in an empty virtual machine," he said, and found that the organization offering to repair his PC was using free--and on its own, legitimate--remote-administration software known as AMMYY.

5. Remote Access Scans Trigger Falsehoods
While he was still on the phone with the caller, Jacoby watched as the remote access tool administrator--on his PC screen--opened an old certificate, which said that it dated from 2011. At this point, the woman who had called him claimed that his PC hadn't been updated since 2011, and told him that he needed "to install security software which will protect me against viruses, malware, Trojans, hackers, and other things." He agreed, and watched as an application ("G2AX_customer_downloader_win32_x86") was installed and run on his PC, which indicated that he had "successfully updated the software license for lifetime."

6. Social Engineering Tricks The Scammers
After the supposed fix, and with the caller still on the line, Jacoby was given a PayPal account into which he was supposed to pay $250. When the fake credit card data that he supplied to the caller didn't work, he asked the caller to browse to a website where his friend, he said, had left credit card data in plain text. After the caller browsed there, he captured her IP address, disconnected the call, and reviewed which phone numbers the caller had used. "After collecting all the information, I have now contacted all the appropriate people, such as the security team at PayPal [and] various law enforcement agencies with the hope that we can stop these people," said Jacoby.

7. Scammers Avoid Attack Software
To recap, the Microsoft Windows malware phone scam succeeds in part because it's a social engineering attack: Callers tell Windows owners to input a few commands into their PC, then "interpret" the results to highlight how the system is infected with malware. Furthermore, the remote-access tool used by scammers typically doesn't trip any security alarm bells, because such tools can be used for benign purposes, such as actual customer support. "The software that they were using was not malicious in any way, which means that no security software can detect these types of scams," he said.

Jacoby, of course, had a test machine at the ready, which was devoid of any sensitive information. The average business users or consumers, however, typically have some type of sensitive data stored on their PC. In other words: don't try this type of security research at home. "If you ever get a call 'from Microsoft' stating that there are some indications that your computer is broken or infected--please hang up," he said.


re: Microsoft Windows Support Call Scams: 7 Facts

This particular company in India from all indicaitons has added a new twist to their SCAM. If you challenge them get ready for the threats including to distruction of your system to one that advised me they knew where I lived and I should be very careful and I could have an accident or be hurt.

Now I stop ignoring these folks when you threaten my safety or that of my family. The Indial agent who called me was not just rude, he was hostile the mintue I advised him I knew it was a scam. So I think it is time for the government to step in here is they can. For me I will simply have all calls that are private or unknow user blocked.

However it is a very sorry state of events when you don't have the right to your own phone, or safety in your home, and yet these just continue. One day let's hope these callers don't actually do more then threaten.

re: Microsoft Windows Support Call Scams: 7 Facts

I too got a call from a company in India. When I told them to take me off their "list", the man called me a "son of a b***h" and I should go f*** my mom.

re: Microsoft Windows Support Call Scams: 7 Facts

Same here Joey. I got a call on Friday. I knew instantly it was the scam, but I went along with it for a few minutes to see how far I could take it. I finally said "You do realize I know this is one of those scam calls right?" The guy laughed and said "Oh you are a clever (censored)." And added a few more colorful metaphors before hanging up.

They're a classy bunch, yessir!

Tom LaSusa
InformationWeek Community Manager

re: Microsoft Windows Support Call Scams: 7 Facts

Looking for realiable Windows Tech Support? Call 1-855-569-5945 and get the best Windows Support from Microsoft Certified Technicians. Call today for free diagnosis.


Toll Free Number: 1-855-569-5945


For more:

re: Microsoft Windows Support Call Scams: 7 Facts

Has there been any progress made on catching the scumbags?

re: Microsoft Windows Support Call Scams: 7 Facts

I had a similar scenario take place, but I was directed to Microsoft Support through Norton when I called because I was having difficulty removing Norton from my computer. Scary.

re: Microsoft Windows Support Call Scams: 7 Facts

I've been receiving this calls for a couple of days. 


He says he's from the mac users department of microsoft in behalf of the spanish government (I Live in spain) and that they are receiving hundreds of messages from my computer because it's infected. 


THey ask me to install teamviewer (for remote access) and I agree... they go to safari then and install "mackeeper"... this began to sound weird at that moment. 


THen mackeeper shows me , as I was hoping, that I have more than 2000 junk files and files in other idioms that are keeping space from my hard drive. 

Then the indian guy begin to shout "OMG YOU ARE SO INFECTED!! ¿?¿?


I almost laugh and he ask me to open a textedit and he begin to write how badly my computer is infected and that he is going to install updated certificates because IT's illegal to have a computer with outdated certificates. 


I then ask him why do they have my data... and he gets angry, he tells me he is going to install those certificates for my safety and then I stop the teamviewer call. 

He gets very angry and he tells me that he is going to block my computer. 


I tell him "perfect, so I won't work today"   and he insist on blocking my computer saying "ok, wait a second I'm blocking your computer now..." 


I laugh and try to hung the phone but here's the tricky part: I couldn'! they called me, but I was trying to hung the phone call and they were still at the other side. 


Apart from that I'm pretty sure it was a scam. 


Hope this helps someone. 

re: Microsoft Windows Support Call Scams: 7 Facts

JaviQuil, thanks for that story. We'll all be on the lookout for calls like this. How is your computer working now? Do you think there have been any lasting effects from what was remotely installed?

re: Microsoft Windows Support Call Scams: 7 Facts



THey only installed MacKeeper and I was "watching" the whole thing... so I just uninstalled it and that's all. 


My computer is the same as before, it wasn't infected (its a mac for Godshake! :P) and everything is alright. 


The problem here comes when they want to install certificates... but I didn't allow them to. 



re: Microsoft Windows Support Call Scams: 7 Facts

Excellent, I'm glad to hear it. It's good that you were vigilant and paying attention. Even with a Mac, the hackers keep getting more clever ;) And they are really bold, if they call you up pretending to be the Spanish government!

re: Microsoft Windows Support Call Scams: 7 Facts

I was just contacted by one of these spam companies. The caller claimed he was with Windows Tech Support. I kept insisting that he prove to me he was really affiliated with Microsoft, & he was unable to do that. While I was researching him, he asked me to go to his website to see that he was legitimate,, & click the "get support" button. This instantly generated a .exe file download, which I immediately canceled, so it couldn't finish downloading. Bottom line, Tech Support isn't going to call you first, EVER. You have to call them. If you get one of these calls, don't do anything they say, just hang up.

re: Microsoft Windows Support Call Scams: 7 Facts

I just received a call from someone who said he was from Windows Tech Support. He had an accent that sounded East Indian & said I had a virus or bot on my computer, among other things. He mentioned that he'd been notified by my provider. I said I had a good security system, but would check and call him back. I asked for his number. He gave me 315-636-4280 and asked if I'd be calling back using that number. I said, no. I already had a Microsoft Tech Support number and would use that...He hung up immediately.

re: Microsoft Windows Support Call Scams: 7 Facts

Have just received one of these phone calls (here in NW England) Having never heard of this scam, I was obviously a little surprised that Windows Technical Support would take the trouble to contact me directly by phone! However I decided to go along with it out of curiosity if nothing else. All went well until the Indian caller asked me to carry out an exe operation.
When I refused and asked him to email me and prove his ID, he became quite stroppy,and eventually passed me onto his supervisor, who explained that an email woul be sent AFTER.
Insisting on an email FIRST, he eventually replied OK, what isyour email address. At which point I hung up!

But at least I wasted 30 minutes of their time!

re: Microsoft Windows Support Call Scams: 7 Facts

I just had a call from 'John Miller' who claimed to be from Microsoft and warned me of all the dangerous threats etc on my PC. He sounded very Indian and I kept him busy for at least 25 minutes. While he was talking , I decided to Google 'Windows 7 scam' . I decided to let him waste more of his time and after a while I started laughing out loud. I told him 'Nice try' AND then hung up.

re: Microsoft Windows Support Call Scams: 7 Facts

I received a call last week and basically hung up. I received another call tonight and it made me wonder if this really was a scam. I kept asking him how I could be sure this wasn't some scam.I asked him to give me information that he couldn't supply. He kept telling me I needed to hold down the windows key and ther "r" key at the same time. I wouldn't do it and he became extremely rude saying he was just doing his job trying to help me. He finally yelled at me and said if Ididn't want his help then he would just let me continue to have problems with my computer. I told him I wasn't having any problems. He finally hung up on me.

re: Microsoft Windows Support Call Scams: 7 Facts

I live in Toronto, Canada. I just received a call exactly how it was described in this article. I told them I didn't have time to stay on the phone and if I could call them back. They gave me a phone # 416-915-3536. I then called back and when I asked more questions they hang up on me. Next step is to report it to the authorities.

re: Microsoft Windows Support Call Scams: 7 Facts

Hi Glenda -- Great approach, and here's hoping your efforts help the authorities track the scammers down.

re: Microsoft Windows Support Call Scams: 7 Facts

i just received a call from the Indian, saying called from Microsoft and wanted to check any if my computer has crush or anything. she explain all, and manipulate my computer, finally ask me to buy this and that. so Shit she turn off all my firewall, install the team viewer and advance system care and show me the computer scan and problem found and keep saying "o my god". then i said if i have more than a computer might go for the life time cost me 499 dollar. bu ti need to ask my family. i try to turn of the team viewer and she keep putting the cursor away. at last i hung up and check the scam online, phew..............i'm so close.
she said she is going to call back tomorrow for my answer. ooo man if we can do any thing to get these people hung.

re: Microsoft Windows Support Call Scams: 7 Facts

I got a similar call today.....I figured it was what it was ...A scam......So I thought I would have a bit of fun with this Indian guy who barely spoke understandable English. Having been born and raised in Latin America (I also had lived in India for a while) I decided that I would continue my conversation in my equally barely understandable Latino/ English (acted) accent, I asked how he was able to get my home phone number which by the way I was asked to repeat about three times because he had difficulty understanding MY accent he responded saying some gibberish BS that my URL that had appeared on his server and my phone number was attached to it ..(Again his answer was finally understood after having to repeat his question veeery slowly a couple of times).....Then he proceeded to ask if my computer was a Mac or Windows...( not OS) ....This poor idiot's English accent was so bad it was laughable and then of course purposely so was mine......... Sooo after about five minutes of this parody of both asking each other to repeat what we were trying to say to each other .....He hung up so I won out.......

re: Microsoft Windows Support Call Scams: 7 Facts

I had a similar call - not my first. This time I decided to play along. I sat without any computer, but answered his questions as if I did. When he tried to have me bring up the run command, and tell him what I saw there, I said it says "This page is unavailable." He was confused, but tried to help me work through it. He had me bring up the IE window, and directed me to type in the address bar, "www.t(as in Tom)e(as in Edward)" etc., to bring up, then push enter and tell him what I saw. I said "This page cannot be found". They passed me between supervisors, and for the last two, I said I saw these letters: y(as in yes) o(as in owl) etc. I asked him what he thought that could mean? He was silent a minute and then read, "You are an idiot?" I said "That's right. Why don't you guys stop doing these things to people's computers, and go and get a real job!".
He was still silent, so Ijust hung up.

re: Microsoft Windows Support Call Scams: 7 Facts

I was phoned today and informed that my INTEL had malware. The caller convinced me to allow him access to my computer after showing me that my computer had errors and warnings. I became more and more suspicious when he asked me to purchase protection. I ended the call saying I had to leave for work. We were connected for 30 minutes, and a malware program was installed. I unistalled it right away after disconnecting and restarting my computer. Do you think my files have been compromised? Do you have any advice for me?

re: Microsoft Windows Support Call Scams: 7 Facts

the "scammer" said they were based in London, i said o thats nice where abouts then asked for the postcode....... she could not answer this... the phone then went quiet

re: Microsoft Windows Support Call Scams: 7 Facts

I just received the same call! The incoming number was again 222-555-7777 which I knew from a previous call was the same company. I could barely understand the guy.

As I was already in front of my laptop, once I got him to repeat the name of the company, which is Virtual Pc Secure, I had already typed it in and saw all of the comments on this scam. So I acted as if I was entering the info he was giving me, then he was reading this long ID# off... He said this is your computer ID correct? I said no, sorry it isn't... He then became verbally abusive and told me to go "F" myself and hung up!

Is there nothing we can do?

re: Microsoft Windows Support Call Scams: 7 Facts

I've talked to these bozos in the past, and yesterday, they contacted me again - this time with the caller ID blocked. After confusing the caller with questions like "Well, what is 'Windows Computers' - I've never heard of this," I finally decided to go along for a minute and let the man tell me that I had problems with my computer. That's when I told him I wanted to be placed on his company's "Do Not Call" list. As you know, in the US, that will quickly get cooperation and the end of the call, but in this case, I was informed that this would be a very bad idea because of all the horrible things that would happen to my computer if they could not call me back. So I asked to speak to a supervisor in North America and was offered the opportunity to talk with the "senior technician." When I addressed the Do Not Call List with the "senior technician," he told me twice to please take the phone out of my (female anatomy), and finally, that he was going to f*&! me before he snickered and finally hung up. Needless to say, I was pretty taken aback that these jerks had resorted to sexual harassment if they were challenged, but reading through the other comments, I suppose they know little is going to happen to them for their abuse.

I contacted local authorities (active city in a large metro area) and the officers didn't even take a report - just told me not to answer the phone if the caller ID was blocked. Disgusting.

re: Microsoft Windows Support Call Scams: 7 Facts

I don't use caller ID. I have been called repeatedly by these jerks, and yes, I was also told that I would be F%$D by one who claimed to be a terrorist from Pakistan, and that if I did not do what he said my house would go BOOM!  The last call I got from someone who asked me if I had paid.

I did not bother to call the police as I have never found them to be helpful. The NC state attorney general doesn't seem to know what to do about any scam calls at all including the ones to lower my interest rate on my non-existent credit cards.

MICROSOFT sent me to these guys!!!

Recently, I called Microsoft phone support, directly from about my email having a problem. The solution which was figured out later was simply that I needed to empty space in my mail box. But my cousin helped me figure that out. I use, a service they don't offer phone support for.
Anyhow, I wasn't shy to show that I was mind boggled that phone support did not support products they still support... I still don't get that. Regardless, the guy from Microsoft phone support ended up giving me a phone number. He said it was support. But, he said there's no phone support for it at first, so.... What is this?

I called. What a mistake. The guy ran through my computer quickly to show it's being used as a bot and I'm one of the people who has the infamous "Zeus" malware. I needed some guy to come and manually code 7 things or something and it'd cost money of course to get rid of this horrible virus.
I panicked, got the guy off my computer, and scanned several times with several security products, and even grabbed RUBotted to find out I don't have it. 


Phone Call From Microsoft Windows Support stating my computer...

I've been called a couple of times now from some guy with a heavy Indian accent stating that my computer was sending Microsoft error messages and he was calling to fix them.  The first time he called I was a little suspicious right from the beginning.  Then he wanted me to let him use remote desktop to access my PC.  At that point I just hung up the phone.  Then a month later I get a call again.  The first time he forgot to hide his caller ID which is 011 56 42 311 5411 Chillan, Biobio.  He hung up and immediately called me back.  The 2nd time I played along for a little bit and then hung up.  After reading some other posts here I'm quite sure that this is nothing but some kind of scam.  AR

Re: Phone Call From Microsoft Windows Support stating my comp...

hi my friend diont let anyone near your pc at no cost they will wreck your pc plus steal passwords bank details its a costly affair if they call ask then for there name address telephone number mobile number do anything but keep away from your pc .no one from mircosoft or windows will ever phone you about your pc.hope this helps 

migrated vs2008 to vs2013 not working fine

When Inserting/Updating any records on any page, the record will get affected in database. But, after some time the effect of these records disappears from Database. i.e. The records I have inserted gets deleted from Database, and the records I have updated shows previous values. It seems like some process is rolling back these records after Insert/Update operation is performed



Please help urgent

Re: migrated vs2008 to vs2013 not working fine

Hi Satya, I'm sorry your migration is not going well. We'll try to help you, but you may get quicker results by searching on the Microsoft Technet site. Have you tried that? The link is here:

scam callers

do NOT allow any chat with 001 516 453 6886 (USA) this will lead to spy ware and or FALSE clean up expensive/unnecessary kits(bogus) and credit card or paypal charges/access!


windows caller

ive just had a caller stating he was from windows and stated my pc was at risk of malwar attack to make sure my pc was running right he was there to help me as i fell for the scram 6 weeks ago the caller stated he was from mircosoft and i let him into my pc then once in he show me everything that was wrong with my pc then ask for money to put it right he got no money but wreck my pc and lefted in safe mode so i could not use it .this time he was trying is best to get to my p.c because i ask him for his full name and contact number he stated he would give me it when he finish i wasnt having any of it so i said i need to check is infotrmation from windows to make sure who he was he hung up leaving a number on my phone

70-243 Dumps PDF

Pass your IT 70-243 Dumps PDF exam from Examtraning. Get Microsoft certification exams questions from us and prepare your exam well from our top rated study material. For further detail visit our site and fix your exam related all queries.

Click On This URl For Get 70-243 Dump PDF Exams: