I got another “Windows Technical Support” call on Friday evening. My caller ID said Minneapolis, and since I have coworkers in Minneapolis, I answered. But the guy on the other end was a long way from Minneapolis and probably doesn’t know diddly about ice hockey.
I’m pretty sure it was the same criminal as last time, but over a better VOIP connection. I remember the voice pretty well, because his parting lines from last time, “Enjoy your broken computer, Mr. Genius Man!” struck me as funny. And he started the conversation with, “I’m calling you again about your Windows 7 computer.”
My conversation with him revealed a few things about why this scam is likely to be profitable.
He knew my full name, my mailing address, and, obviously, my telephone number.
I asked him for his telephone number. “No, I won’t give you my phone number! Why would I give you my phone number?”
Pro tip: If a legitimate company is calling you about legitimate business, the caller will provide you with a phone number and an extension so you can call back. That’s a standard tactic for weeding out fraud.
He told me he had an alert regarding my Windows 7 computer. I have five computers in my house right now that are running Windows 7–not all of them are mine, but they’re here and they’re running Windows 7–so I asked him which computer he was referring to. He said, “The one that is on the Internet.” Well, any of them can get to the Internet. So, once again, which computer?
He never answered my question, for a very good reason: He’s not getting any alerts.
“Viruses and hackers are getting into your Windows 7 computer,” he told me.
“Oh. Well, I’m a hacker,” I volunteered. “I’m a professional hacker.”
At that point he started screaming at me. Yes, screaming. He screamed my name and address and told me he would report me to the FBI.
“Go ahead,” I said. “I have a security clearance and have worked for the U.S. government.”
That set the tone for the rest of the conversation. “Stop calling me,” I said. “You have no right to be calling me.”
When I still refused to cooperate with him, he threatened to cancel my Windows license.
I decided to see how long he would keep screaming at me, so I set my phone down on my dresser and walked across the room. He continued ranting and raving at my furniture for a good 2-3 minutes before I picked the phone back up.
Perhaps he sensed since I was no longer saying anything he was about to lose me, because when I picked the phone back up again, he repeated my name and address and told me if I hung up on him, he would send me a bill for $500. I told him to send me the bill and I would pass it along to the FBI.
I then told him the phone call is illegal in the state of Missouri because it was an unsolicited call from someone I have no existing business relationship with, he scoffed at me. “I don’t care about your Missouri law here in India,” he said. There was a time when they would hang up immediately when you said that. The criminals are getting an invincibility complex.
He also went out of his way several times to tell me that Microsoft uses technical support from India. I’m fully aware of that, but that doesn’t mean he works for Microsoft. When I pressed him on that, he said he worked for a certified Microsoft partner. That’s a lie.
“Use your computer,” he urged me. “I’m breaking it now. Watch.”
He wasn’t able to break my computer, or cancel my Windows license. I’m using it right now to type this. Finally, I got tired of listening to this low-life bully and hung up on him.
Let me make a quick aside about India: There are good people everywhere and there are criminals everywhere. I didn’t bring up India on this call; he brought it up when I asked him why he was spoofing a telephone number from Minneapolis. He never answered my question, and played the India card. There are indeed smart people in India, but nothing from this phone call made me think he is one of them.
So, let’s do a post-mortem.
Microsoft will not call you unsolicited. If you call them, they’ll help you if you bought your copy of Windows at retail, or if you’re having an issue caused by a Microsoft security patch. If you bought a computer with Windows pre-installed, and your problem isn’t related to a security patch, they’ll direct you to the company you bought your computer from. That’s how technical support works. You make the call, and chances are you’ll spend a bit of time on hold, too.
In the extremely unlikely event that your computer company or Internet provider needs to call you, they’ll be willing to provide a callback number so you can verify they are who they say they are. A criminal won’t, because then someone like me will post their phone number on the Internet so hundreds of people can call them and harass them worse than this guy harassed me.
You’ll also find that their first-tier technical support people are far friendlier and more knowledgeable than these criminals are. The criminals don’t have the people skills or the technical skills required to work their way through a legitimate company’s technical support scripts. I know, because in the past I’ve actually fired up computers that had something simple wrong with them when they called, and they weren’t able to solve any of those problems.
These criminals are violating U.S. trademark law when they claim to be from “Windows Technical Support.” Windows may be the most lame trademark ever, but this is the very reason trademark laws exist: When they call and identify themselves as “Windows Technical Support,” people immediately think they must be from Microsoft. Not only are these criminals ripping people off, they’re also hurting Microsoft’s reputation.
If they get abusive or threatening with you like they did with me, don’t let them scare you into giving you money, and don’t let them scare your friends and relatives into it either.
These crooks also cannot cancel your Windows license. Your Windows activation is a digital signature that sits on your computer itself and can’t be remotely canceled. Microsoft keeps a database of keys that have been used and a fingerprint to keep you from using your key on more than one computer, but that’s the only purpose that it serves, and they can’t tie a name and an address to the Windows activation key printed on a sticker on your computer or on the back of your CD case.
They may tell you your name and your physical address to try to convince you this is legitimate business, but all that proves is that they acquired (ahem) a mailing list with your name, address and phone number on it. And even though every computer on the Internet has something called an IP address, only your Internet provider can tie that IP address back to your physical address. He wasn’t able to tell me which of my computers was having an issue because he had no way of knowing. All he knew was what I volunteered.
And there is absolutely no reason to get scared if they threaten to turn you in to the FBI like this guy did to me. Having a computer virus isn’t a crime, and if your computer does get infected, you have every right to choose who will clean it up, just like you have the right to choose which plumber or electrician to hire.
Let me repeat one more thing: These callers are criminals looking to scam you out of money in return for providing nothing of any value whatsoever, and the U.S. Federal Trade Commission does go after them. The FTC even has a helpful page about it. The FTC managed to shut down PCCare247, but unfortunately, since their scammy racket works, others have sprung up to take its place. Including whoever it is “Mr. Genius Man” works for.
Part of me hopes “Mr. Genius Man” is stupid enough to send me a bill for $500. If he’s stupid enough to do that, he’s stupid enough to put a real address on it in hopes that I’m stupid enough to send him a real $500. I’ll forward that information on the bill to the FTC so they can put the guy out of business, or better yet, ensure he spends a few nights in a jail cell so he can consider other, more legitimate ways of making a living.
It’s actually a shame. “Mr. Genius Man’s” command of the English language is outstanding, and his very slight accent indicates he must be multi-lingual. He has the skills to actually help people for a living, but he chooses not to.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.
3 thoughts on “Mr. Genius Man from “Windows Technical Support” gets nasty”
I’m not sure why I haven’t searched for this before, but Microsoft has a statement at http://www.microsoft.com/en-gb/security/online-privacy/avoid-phone-scams.aspx
So… There’s a very small chance Microsoft may call you, but if they do, they won’t charge you for what they do.
Thanks for the heads up! Dave is right. There’s a very small chance that Microsoft will call you and if they do, they won’t charge you for it. So if the caller says otherwise, it’s a bluff and should be reported to the FTC. I found this consumer protection website called http://www.callercenter.com and it’s flooded with complaints from people who received scam calls. There were a lot and I’m wondering if the authorities can use that information to catch the culprits.
It’s evidence, potentially, but I think what’s going to bring these criminals down is people tracing the calls. I’ve been researching this stuff–I’ve spent more time this week learning about their operations than they spent learning about computers–and I’ll be posting yet another followup later in the week.
Comments are closed.