Recently one of our clients received a phone call at her house claiming to be someone they’re not and offering support to fix her computer.
Please read her email below and the story from the Sydney Morning Herald.
I received a call from Sun System Recure, from what source I have no idea. They however have identified LOTS of viral type things on my computer – just in the time since you had my computer. They also think that is why I am getting e-mails twice.
They have scanned all the errors and come up with a summary of:
Spyware Removal 1 problem
Security Defense 30 057 items unprotected
Registry Fix 161
System Optimisation 41
Privacy Sweep 39
And get this
Junk File 68MB (the technician said 5 was a lot/68 is really a lot)
For them to fix this they require a registration of 1yr @ $123.
Is this a scam or is this a legitimate thing to take up?
It will be scanned and a system clean up will be done monthly. I think that is what they said – their accents are quite difficult to understand!
Should I register – I am pretty sure you will know what they are talking about. There was also mention of Microsoft Higher Tools?!!!
Australians are being swindled out of hundreds of dollars by dodgy call centres pretending to be affiliated with Microsoft, who cold call victims and scare them into believing their computer is infected with a virus.
Microsoft Australia says the scammers, who typically operate out of India, are sophisticated enough to avoid blatantly breaking the law. Instead, they use social engineering tricks to convince victims into handing over their money, making it virtually impossible for the company to shut them down.
“I’ve actually had three inquiries on it just this week,” said Stuart Strathdee, Microsoft Australia’s chief security advisor.
Advertisement: Story continues below
“They’ve [previously] targeted both our big telcos here in Australia and a bunch of other Australian household name companies.”
Danielle Manning, 26, from Sydney, received a call this week from a man with a foreign accent purporting to be from “Windows 7”.
“He said my computer had been sending signals to Windows 7 through a router system and that there was a virus on it – he was surprised that I had not phoned them to ring up the complaint and said that we need to get it fixed as soon as possible,” said Manning.
“I said to him there’s nothing on my computer, it’s working fine, and he said this is in the background, your anti-virus won’t pick it up and you need to get it fixed.”
The man then gave her instructions on how to open up the Event Viewer on her computer, which is essentially a log of system activity. He used this as evidence that Manning’s computer was infected and told her to go to a website, Teamviewer.com, so he could help her fix it.
Teamviewer.com is a legitimate “remote access” service that allows people to perform technical support over the internet. The scammer was attempting to gain access to Manning’s computer from afar.
“I said to him how do I know that this isn’t a scam? How do I know that you are from Windows 7 or Microsoft? And he said well here’s my name, Alex, and he gave me a phone number – (02) 8005 0570 – and he said when I’ve verified to give him a call back so he can fix the problems with my computer,” she said.
“I didn’t call him back.”
Microsoft’s Strathdee explained the rest of the ruse. If scammers get permission to remotely access the victim’s computer, they’ll pretend that they’re working on the machine, which can take anywhere from a few minutes to half an hour.
“They’ll say that they’ve found all sorts of problems and that because your system is going to need so much work then you need to subscribe to their one-year service for typically $395,” he said.
“I’ve spoken to dozens of customers about this and some tell me that they told the caller that $395 was ridiculous, it was too much, and then they negotiate another price; I know one guy that negotiated them down from $395 to $85.”
Strathdee said they use a combination of “high pressure sales tactics” and “social engineering” to scare the victim into paying the money. Unusually, he said the scammers typically did not do anything to infect the victims’ machines and simply walked away with the money that had been given up voluntarily.
And by saying they are calling from “Windows 7” or “Microsoft Vista XP Windows Update Company” they are not breaking laws around impersonating another business.
“I don’t know that they fall into the category of a typical cyber criminal – they are very aware of the law in both their own country and also in Australia and they are very careful not to openly break the law in an obvious way,” said Strathdee.
“It’s a little bit like if someone just walked up to your front door and told you your computer was running slow, would you let them in to start doing work and would you then pay them?”
Strathdee said the scam had also affected people in Britain, but this time the callers posed as affiliates of British Telecom.
He said he had discussed the issue with police but admitted that “at this point in time we haven’t found a way of shutting them down”.
“The problem is they’re not actually impersonating Microsoft, they’re just using some of our brand names,” he said.
“The end user actually gives permission for that company to get remote access to their computer and then the person is agreeing to a service, so there’s no theft involved.”
Strathdee said anyone who received calls such as this should keep in mind that Microsoft never cold calls customers in this way and also does not pass on customer details to third parties.
Manning said she concluded it was a scam when the caller said they were from Windows 7, not Microsoft, and directed her to a bizarre website instead of one of Microsoft’s own sites.
“He sounded like he was from a call centre, you could hear all the noise in the background,” she said.
“It sounded really dodgy to me but I can imagine that there would be people out there that would just see that there were warnings on their computer and freak out a bit and give away the information very easily.”