PC Pitstop is proud to welcome our friends at Windows Secrets as guest contributors. This week, enjoy Woody Leonhard’s article. The weekly Windows Secrets Newsletter brings you essential tips for Windows, applications, and computing on the Internet.
By Woody Leonhard/Windows Secrets
Con artists all over the world are bilking big bucks out of unsuspecting Microsoft customers — including savvy Windows users.
In this new epidemic, the scammers are sophisticated, glib, and oh-so-convincing. Know the warning signs. You may be next.
Inside one con that almost succeeded
Here’s how MP describes his experience:
“I was having a problem with Windows XP and posted an inquiry on one of the [presumed to be] Microsoft support sites. My wife received a call from someone wanting to talk to me about my computer. She gave a time when I would be home. I was expecting a call from my ISP. The call came at the arranged time, but it was not the ISP. The caller said he was working on behalf of Microsoft and directed me to a very convincing website for confirmation of his company and his credentials. The caller knew my name and telephone number.
“We talked about the problems I’ve been having with Windows XP. He said it sounded like a virus. He guided me into Windows XP’s Event Viewer and showed me a number of red and yellow flags for applications and systems, which he said were indicative of a malware attack.
“He offered to get a technician to sort the problem for free and directed me to a website, where I had to enter some contact information and my Windows activation code, from the sticker on my PC. He talked me through the process — we were on the phone for almost an hour at that point — and it all went smoothly until I had to enter some sort of warranty code that I didn’t have. He told me to hang on while he checked with his boss.
“A few minutes later, he was back and gave me the unfortunate news that my free support period had ended. He told me I would have to pay $99 for extended support and directed me to a place on the website to enter my credit card information. I’m not sure why, but I smelled a rat, so I hung up on him.
“The caller knew what he was talking about, knew my name and phone number, knew that I was running Windows XP, and knew that I was having problems. I’m a professional electrical engineer and fully aware of phishing and other scams, but I was nearly taken in.”
MP sent me the address of the site the caller used for a reference. I won’t repeat it here because, to this day, I’m not sure whether it’s a legitimate consulting firm site or whether it exists only to provide a backstory for swindlers.
The site went on to say, “The first point of contact is generally the manufacturer’s tech support. However, as manufacturers and others scale back on in-house technical support to control costs, innovative and entrepreneurial technical support companies are building a robust business of providing help and a sense of security to consumers.”
Then I noticed that the site’s mailing address is in Kolkata and the domain is registered in Jharkhand, India — a long, long way from MP’s stomping grounds.
Robust? You could call it that.
Be aware of tricks of the con artist’s trade
I wish MP’s story were unique, but it isn’t.
How in the world did the con artist take him in? It’s easier than you think.