Home > Piles in my office > Phone Scam Warning

Phone Scam Warning

I got a phone call this afternoon claiming to be from microsoft and saying that a lot of users have  a virus and he was calling to help me fix it.  After a little bit I started thinking it was a scam, so I played along while this Indian voice told me to bring up the “run” box on Windows and go to system review.  I went to some screen that had a whole bunch of “warning” messages, which the guy claimed was a virus that was multiplying on my computer.  Then he directed me to a website, where I realized they were either going to have access to my computer, or they were going to have me pay to download something, or both, and at that point I hung up.  Pretty early on I started thinking that if Microsoft had given me a program that was going to ruin my computer with viruses they would probably make sure to fix the problem for free.

Anyway, sure enough, this scam has been going on for a couple of years.  If you get a phone call like this, now you can save yourself five or ten minutes and just hang up immediately.


Virus phone scam being run from call centres in India

Britons targeted by cold callers pretending to be from Microsoft phoning to fix a fake computer problem

Beware cold callers – especially those claiming your computer has a virus. Photograph: Corbis

The scam always starts the same way: the phone rings at someone’s home, and the caller – usually with an Indian accent – asks for the householder, quoting their name and address before saying “I’m calling for Microsoft. We’ve had a report from your internet service provider of serious virus problems from your computer.”

Dire forecasts are made that if the problem is not solved, the computer will become unusable.

The puzzled owner is then directed to their computer, and asked to open a program called “Windows Event Viewer”. Its contents are, to the average user, worrying: they look like a long list of errors, some labelled “critical”. “Yes, that’s it,” says the caller. “Now let me guide you through the steps to fixing it.”

The computer owner is directed to a website and told to download a program that hands over remote control of the computer, and the caller “installs” various “fixes” for the problem. And then it’s time to pay a fee: £185 for a “subscription” to the “preventative service”.

The only catch: there was never anything wrong with the computer, the caller is not working for Microsoft or the internet service provider, and the owner has given a complete stranger access to every piece of data on their machine.

An investigation by the Guardian has established that this scam, which has been going on quietly since 2008 but has abruptly grown in scale this year, is being run from call centres based in Kolkata, by teams believed to have access to sales databases from computer and software companies.

Matt, a Londoner who has recently set up his own company, had just arrived home at 7pm when the phone rang and someone with an Indian accent asked for him by name, quoting his address. “It’s Windows tech support here,” said the caller. “We have reason to believe that there’s a problem with your computer. There have been downloads of malware and spyware, and they’re slowing down your computer.”

He went along with the caller’s demands to log into a website and enter a six-digit code into his computer. “I thought it was a new service from [Microsoft] Windows,” he said. “I could see them moving the cursor about. It took about half an hour.”

The caller could not have obtained Matt’s name via HP or PC World, where he bought the machine, because he gave his business address, not his home address, during the purchase.

This suggests that the caller was using the phonebook to find names. Patrick McCarthy, who lives in Dublin, received a call from one of the companies – but they addressed him by the name of the apartment block where he lives instead of his own name, a longstanding error in the Irish phone book.

Often, the victims are inexperienced or elderly, convinced by the apparent authority of the callers and the worrying contents of the Event Viewer. In fact, such “errors” are not indicative of any problems.

Investigators who have spoken to the Guardian on condition of anonymity say that one man, based in the city of Kota in Rajasthan, is behind the centres running the scams.

He has provided fake documentation to a number of payment companies including PayPal and Alertpay, a Montreal-based online payment company, to set up accounts which route money to a bank account in Kota with Axis Bank.

Though people on dozens of web forums have recorded their experiences with the scammers, police and trading standards officers in the UK are powerless to stop them.

UK telephone numbers for contacting the company on the sites are not “geographical” ‑ tied to a location ‑ but instead allocated to voice-over-internet providers.

That means that the calls connect internationally, but cost the scammers almost nothing when anyone calls them.

In the same way, it costs them virtually nothing to make the calls because the international part of the call goes via the internet.

If the payment has been made on a debit card ‑ as many are ‑ there is no hope of reversing the payment. A number of payment organisations used by the scammers have shut down their accounts. PayPal, the eBay-owned credit transfer company, and AlertPay have both taken rapid action against scam sites which used them.

In March, site hosting company Hostgator shut down one of the longest-running sites used for the alleged scam, F1Compstepuk.com, after complaints.

After confirming with Microsoft that the site was not acting for it, Hostgator immediately shut it down. Josh Loe, Hostgator’s co-founder, said that following the initial complaint, “we asked for more information regarding this to confirm. We received a message from a Microsoft representative via this particular person who contacted us first about this. At that time it was enough evidence to close the site and it was done so the same day.”

But one investigator who has been tracking the growth of the scam says the challenge is that new sites offering the same fake “service” keep popping up “like mushrooms”.

At first the scammers tried desperately to maintain the reputation of their sites, by flooding any forum which garnered enough criticism of their activities with postings claiming that the site helped fix their machine.

But the poor spelling and grammar of the replies – allied to internet addresses which show that the commenters are based in India – contrasted sharply with that of people in the UK, US and Australia complaining about the attempted scam.

Now they have shifted to creating multiple sites from templates, using stock phrases and photos. However, investigators are sure that the same man ‑ and central operation ‑ is behind all of the schemes. “I don’t think that this could really have spread that far. Even if they can see that some of their friends are making money from this, the calls are too similar every time,” said one. “It’s got to be the same organisation each time.”

Microsoft denies any connection with the companies that call people up offering these services.

When contacted about the scams, Microsoft said it was “currently investigating a series of instances in which the business practices of an organisation within the Microsoft Partner Network [that] have given rise to significant concerns from a number of sources. We take matters such as these extremely seriously and will take any action that is appropriate once our investigation is complete.”

Three weeks after being contacted by the Guardian, it issued another statement: “We confirm that we have taken action to terminate our relationship with certain partners who are clearly misrepresenting their relationship with us and using our company name in order to facilitate their telephone scam operations.”

However, this week, two sites alleged to be involved were still listed as “Microsoft Gold Certified Partners”, which Microsoft says means that they must have “demonstrated expertise” and “must employ a minimum number of Microsoft Certified Professionals”.

The company has noticed the problem. “Microsoft does not make unsolicited phone calls to help you fix your computer,” it says on its website.

“If you receive an unsolicited call from someone claiming to be from Microsoft Tech Support, hang up. We do not make these kinds of calls.”

  1. September 9, 2012 at 6:46 am

    wow… good presence of mind!

    you wont believe it, but last week I was targeted by scammer too.

    this is how it went.

    from sometime blogging, I met a christian friend online. so I added him to my instant messenger.
    although I haven’t met him personally, but we Christians have special connections.

    anyway, last week, I receive a strange message from this friend.
    He said, he was mugged, gun pointed and all his money, passport, credit card was taken from him.
    he said he was in Spain.

    i asked Him, what are you doing there? (because I knew he lives in another country).
    then he answered back by saying “look, I am in dire situation”
    he said “can you send me money? i need 700$ .”

    immediately an alarm went off my brain, I asked myself something is fishy here.

    then he tried to convince by swearing words and using profanity,
    to make it look as if he was so mad in his situation.
    he was trying the “compassion” technique.

    then guy is a blogger, a Christian. i dont think he would ever say something like that in front of me.


    then I realized, my friends account could have been hacked, and the hacker was using it to scam me.
    so I played his game. I ask, give me an address so I can wire the money.

    then he gave an address!

    after that, I told my friend (the hacker), you know “Jesus loves you”

    I preached the gospel!. unwittingly the hacker was getting the message.

    then I told him, even if you are a ‘criminal’ God loves you.
    God will supply your need of money! because he loves you.

    then the guy disconnected. he probably realized, I knew already.

    that is the most strange experienced i’ve ever had online. 🙂

    God protects his children. we can use all the extra ‘carefulness’, but, long before it happened,
    God knew it will and therefore he pulls us away 🙂

    – grace and peace

    • September 9, 2012 at 8:13 pm

      I like that you preached the Gospel to him. I probably would have preached the burning wrath of God against the ungodly.

      • September 9, 2012 at 8:53 pm


        i have this friend who prayed that his neighbor’s sub woofer be broken.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: