With thanks to Sourcefire for the footage
It’s arguably the most reported scam Consumer Protection’s ever seen: we’ve had calls from hundreds of people in WA who’ve been phoned by scammers posing as Microsoft engineers.
The bogus operators, believed to be based in an Indian call centre, claim to be able to perform maintenance on computers remotely. In reality they want to charge you for an unnecessary service, a desktop clean-up you could do yourself for free, or to remove unwanted software which they install while accessing your PC.
Dozens and dozens of Western Australians have put themselves at risk of identity theft by giving the cold-callers their IP address and enabling remote access. (IP stands for Internet Protocol in case you don’t know and it’s the numerical label assigned to your computer). Others have been asked to log onto a website which allows the caller to link up to their computer.
Whatever way they get access, the scammers can alter security or anti-virus settings. They can also add a key-stroke recorder which registers personal or secure details, during online banking or internet trading for example, and then in turn those details could be used fraudulently.
We have also heard of a pop-up falsely claiming to be from Microsoft – it installs unwanted software. You may then be asked for payment to remove that software.
Many people have paid by credit card for non-existent system upgrades or upgrades that are available for free online. Refusal to pay may be met with threats to change your passwords or lock you out of your computer.
The amounts charged vary greatly but figures are between $125 and $385. Thankfully “victims” have been able to get the money back from their credit card provider through a transaction reversal. However this leaves credit card details in the hands of an unknown third party.
It’s important to note that Microsoft will never cold-call a customer and request access to their computer and Microsoft do not direct third parties to do this for them either.
If you receive an uninvited phone approach to help fix supposed computer errors or technical problems do not give out your IP address; in fact we recommend you just hang-up.
Never let unknown third parties access your computer
Regularly scan PCs with an up to date virus detection program
Do not be fooled by legitimate sounding organisation names like “Windows Security” or “Windows Service Centre”
What if I’ve allowed a Microsoft scammer to access my computer?
You should consider having it inspected by a reputable technician to ensure it can no longer be logged onto remotely and is free from malicious software.
What if I’ve paid money to these scammers via credit card?
Seek a charge back from your financial institution.
Update (August 2011)
Computer remote access scammers now posing as Telstra or Bigpond, according to ACCC
Update 4th October 2012 : Pulling the plug on Microsoft scammers
October 2012: Joint action between three international regulators has thwarted a massive global phone scam, with US authorities winning court orders to close down and freeze funds of imposters posing as Microsoft employees offering to fix PC viruses.
The Australian Communications and Media Authority (the ACMA), the US Federal Trade Commission and the Canadian Radio-television and Telecommunications Commission collaborated to share key intelligence about the operations of the Microsoft imposters.
Read the full media statement.
In the last two years, the scam has become the most commonly reported to Consumer Protection in Western Australia, with more than 2000 enquiries lodged over 2011 and 2012 and reported financial loss of more than $38,600 since 2010.