Beware of Microsoft Tech Support Scammers

There have been cases where tech support guys claiming to be Microsoft employees call people, convince them that their computer is infected by critical virus and it needs immediate attention. People generally get sucked into this scam. They allow screen sharing with these so called Microsoft support engineers and at the end they are asked to pay money in order to fix the infected machine.

The US Govt. failed to take appropriate action. These scams still exist and so far many people have lost their hard-earned money.

There are complaints from people who received a call from (404) 891-5588. The call is generated from Georgia, a state in the USA. He calls Microsoft Windows clients and introduces himself as a Windows tech-support engineer. You’ll hear busy sounds in background, one of the symptoms of badly organized call centres. He goes forward saying their server has detected a critical virus on your PC and for that purpose he needs to verify your Microsoft License ID. He asks you to write down the License ID and confirms it.

Later, he asks you to turn on your system, open Command Prompt, type a command “assoc” so that it fills up with long list of information. He asks you to read out the end line and afterward open Event Viewer application. The Event Viewer screen shows you dozens of errors. He tries to convince you that there is critical problem with your system and it is infected by a virus.

After you’re convinced that your computer has dozens of errors, he forwards your call to an advanced tech support engineer who then asks you to download a software called “Ammyy Admin” so that he takes control of your PC. This guy again opens Event Manager, shows you numerous critical errors. He navigates through some of the system settings and again forwards your call to another guy who claims to be his senior manager.

Now it starts getting fun when this guy tells you that he’ll need to completely scan your PC for viruses. He opens Command Prompt and runs a command “tree” to list out all files and directories on your hard disk. Well, this has nothing to do with viruses but he fools the people saying he is scanning the system for viruses. It takes a longer time and then you get a message called “security breach.. trojans found..”. Interestingly, you won’t see him typing this fake text while everything is scrolling by. This is not a system printed message; it is just a fake message which he types while the Command Prompt screen is scrolling by in order to fool the people . He then uses Ctrl + C command to abort the “tree” command in middle.

“Ohhh, that’s not good. Trojans are found. Do you know what a Trojan is?” he asks you. He further gives you a small lecture on the concept of Trojan and how do they actually work. He persuades that there is need of an immediate action else it will seriously affect your PC and documents.

When you’re convinced to his point, he goes further asking for $175 USD to fix-up the issue. In this amount he claims to provide a year of free technical support. During the discussion he keeps puzzling around System Information and other tools on your computer.

An interesting thing is that he won’t directly ask you for credit/ debit card information. He’ll instead persuade that your computer is infected and thus you need to pay the amount. He does nothing useful to your PC but wastes your time and hard-earned money.