“Daniel” from “Microsoft” called me the other day. The number looked halfway legit so I picked up. He out and out claimed to be from Microsoft and said he was getting alerts from my computer. His voice sounded familiar–I think I’d talked to him before.
“Which computer?” I asked.
“Your Microsoft computer,” he said.
I told him I have several computers running Windows, so which one was he referring to?
He actually had an answer for that that sounded halfway plausible, saying that if the computers are behind a router, he wouldn’t be able to tell me which one. There are ways to go about doing that, but that’s beyond the skill level of the average phone scammer. The truth is these guys don’t actually track anything, they just cold-call people looking for victims, which is why I talk to them–if enough people like me waste five minutes of these guys’ time, it cuts down on the number of victims that day by one or two.
“So, if you’re from Microsoft, you’ll be familiar with this webpage,” I said. I pulled up Microsoft’s phone scams page and read him the URL. Then I read him this paragraph:
There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.
“So tell me, sir, is your intent to charge me for computer fixes?”
“I will only charge you if I find something wrong,” he said.
So I read him the last line of that paragraph again, and he ping-ponged back that he would only charge me if he found something wrong.
Of course, the thing about these scammers is they always find something to play off as being wrong, even though it’s almost always normal system behavior, like netstat. These guys actually aren’t good at fixing something that’s legitimately wrong, as I found when I tried to actually give them access to a system once and found a malfunctioning network card. I let him flail around for 10 minutes getting nowhere, then after he got off the phone with me, I fixed it in about 30 seconds.
Finally he saw he wasn’t getting anywhere with me, so he talked about those scary hackers and how they’re always trying to get into my computer.
“You’re right, they are,” I said. “Most of their attacks bounce off your router though. What you do to block the rest of their attacks is to update your computer all the time, especially your web browsers and Flash and Acrobat Reader. Which reminds me, when’s Patch Tuesday? Was that last week or this week?”
Click. “Daniel” hung up.
I think that might be the first time I’ve convinced one of these criminals that I’m out of their league. And of course, if “Daniel” really had been from Microsoft, he would have known when Patch Tuesday is.
If you’re not comfortable engaging a criminal, what I suggest you do is thank him for calling and tell him you have Microsoft’s phone number (it’s 1-800-426-9400), and you’ll call and ask for him. Handle it just like you would if someone claimed to be calling you from your bank in regards to your credit card. I’ll bet you a dollar when you call Microsoft’s real number, they’ll tell you the guy who called you doesn’t work for them.