I've received three of these calls in the last month. The person on the
other end is telling you they represent Microsoft or a similar company
and that your computer is sending out a virus.
It's a scam.
Has your Internet Explorer browser ever crashed while you were
cruising the Web? Of course it has. And you've probably then seen a box
informing you that an error message was being sent to Microsoft.
Pretty impressive that Microsoft would want to fix the problem by having one of its tech people call you at home.
Too impressive, it turns out. Calls being made to computer users from
the "Windows Maintenance Department" or "Microsoft Tech Support" are
actually a scam intended to get you to download some nasty piece of
software or reveal confidential information.
"We do not send unsolicited email messages or make unsolicited phone
calls to request personal or financial information or fix your
computer," Microsoft says. "If you receive an unsolicited call from
someone claiming to be from Microsoft tech support, hang up. We do not
make these kinds of calls."
Ken Slater, 68, of Long Beach, has been getting these calls about once a week for the last few months.
In each case, the caller claims to be with the Windows Maintenance
Department and says an unusually high number of error messages have been
coming from Slater's computer.
Slater, a former computer engineer at Hughes Aircraft, told me he knew from the get-go that something was up.
"Microsoft doesn't look at all those error messages it gets," he said.
"Maybe they use them to improve their products, but they don't respond
individually. It was obvious the callers were up to no good."
Slater's suspicions were confirmed when one of the callers provided
instructions for accessing his computer's events log. This is a listing
of all alerts and warnings generated by the system. They're all real and
they're fairly routine.
It was at this point that Slater hung up. But according to various
accounts of the scam available online, the caller will then try to dupe
the unwary into believing the events log is evidence of a serious
problem, probably a virus infection.
The caller then offers an easy fix. You're instructed to go to a
specific website — Fixonclick123.com crops up frequently — where
software can be downloaded that will kill the virus and save your
computer.
The scam from this point on can work one of two ways. You might be asked
for a credit card number to purchase the virus-killing software.
Needless to say, your credit card number will be used for more than
that.
The other variation of the racket is to offer the virus killer for free.
But the software is in fact a malicious program that will be used to
either take control of your computer or scan its entire contents.
"These con men and women are very good at this," said Matt Bishop,
co-director of the Computer Security Lab at UC Davis. "They take
advantage of the fact that computers are very mysterious to a lot
people."
He said people should keep in mind that no major computer company calls people at home to troubleshoot their machines.
"If you don't know who you're talking to, don't talk to them," Bishop said. "And don't follow any instructions."
Richard Saunders, director of Microsoft's Trustworthy Computing division, echoed this advice.
"Treat callers as you would treat strangers in the street," he said. "Do
not disclose personal or sensitive information to anyone you do not
know."
Saunders added that "this is not the first scam of its kind, and it's unlikely to be the last."
Slater hasn't been able to stop the calls, but he's found some easy ways
to make the scammers go away. For example, whenever he declares that
he's a computer engineer, they immediately hang up.
They also hang up when he says he uses a Mac, or when he says he has no computer in the house.
I wonder what they'd do if, instead of them instructing you to visit a
particular website, you told them you had somewhere for them to go:
FBI.gov.