What I learned playing prey to Windows scammers

Three months of phone calls prove Windows scammers are more skilled at social engineering than you think


If there really is a problem, you won’t find out over the phone. Microsoft doesn’t have the phone numbers of every user who owns a Windows computer, and the company definitely doesn’t call individuals if something goes wrong. If a problem exists -- say, the ISP thinks your computer is infected and spreading malware to other computers -- the notification will not come via a phone call. More important, there is no such thing as a Windows Global Router monitoring your computer activity.

If you suspect a problem with your computer, go to Best Buy (for Windows) and Genius Bar (for MacOS), or hire a reputable IT pro to take a look.

As I learned from “Greg,” some of the callers know where you live, which increases the chances of your getting doxxed or targeted in another attack in retaliation. The scammer can set a password on the computer or change the existing password, to lock you out of the computer the next time you start it up. If they know where you live, they can hit you in the real world.

Once you realize it’s a scam, hang up. There is no benefit in stringing them along, and these callers get very angry. I usually was shaking after each of these encounters and frequently had to go outside for a walk to calm down.

One of the many calls from “Jake” ended with him screaming, “You think this is a scam? I will show you! I will show you hackers have control, because I am going to be the one taking over in 48 hours. Watch out!” I was rattled enough to keep all computers (even the Linux and Mac systems) in the house off for three days after, just in case.

“Nancy” threatened legal action. “Listen, I am telling you one last time, whatever information you have in your computer save it, because in the next 24 hours, we are going to cancel the license of your computer. And we will send you a legalized document, all right? At your doorstep. At that time, you can have a talk with the lawyers.”

It’s been a few weeks. No lawyers yet, whew.

What if you fell for the scam?

If you installed software, uninstall the software and run a security scan to remove it. If you gave remote access, reboot the computer to force-end the session. Uninstall the software. If the scammer got a chance to look through your files, as part of the remote access session or through the downloaded software, then assume they have copied your files and may have access to your passwords. Change your passwords after running the security scan and verifying no keylogger was left behind.

At this point, it may be better to disconnect your computer from the Internet, back up the specific files you need (if they weren’t already backed up over fears of ransomware), and wipe the machine to start over. There is no point in risking that the malware has enough hooks into the system that the security software is unable to eradicate it completely.

If you paid the scammer, call the credit card company right away to report the incident and cancel the transaction. Cancel the card, too. If the attacker has the information, they can use it again later or sell the number to someone else.

U.S. victims should report the scam to the Federal Trade Commission and provide the name of the scammer, as well as the originating phone number of the call. I don’t have Caller ID, so I couldn’t track the number, and in several cases, when I tried to dial back to track the last incoming call, I got the message that the number was blocked. The sheer number of calls I fielded made me question the wisdom of maintaining a landline -- at least if the calls had been going to my cellphone, I could potentially block calls. Alternately, I could whitelist calls I recognized and ignore the rest.

They know which buttons to push

In the past, I’d dismissed these scammers as bumbling criminals preying on clueless and naïve computer users, but after 60 or so conversations, I’ve revised my assessment: They're skillful social engineers. At one point, when I’d managed to irritate “Nancy” enough, she asked, “Do you know who you are talking to? Do you know I have the authorization to cancel the license key for your computer?”

I stopped for a half-second to remind myself that she couldn’t do that. It helped that at the time of the call I was working on a Mac, but I sympathize with the victims who don’t want to take the risk. These scams are effective because they’re utterly convincing to nontechnical users. Even someone who has been reading about the latest news and staying well-informed can be tricked because the callers are good at hinting at all the things that can happen. The people making these calls are polite and charming -- unless, like me, you’ve been annoying them for 15 minutes with questions. They are confident and sound like they know what they are doing, which is why they are successful.

“We are calling you to find out why your computer is downloading all this hacking software and who are the persons who are trying to get into your computer to steal your personal information. That is illegal. That is against [sic] cybercrime.”

That’s the only point I agreed with from those calls. What they are doing is illegal. If you get the call, hang up. Don’t engage, and we will eventually starve the scamming beast into ceasing operations.


This story, "What I learned playing prey to Windows scammers," was originally published by InfoWorld.
