This morning, I was catching up on posts from some of the bloggers I follow. At one point, when I clicked on a link to go to a post, a new window opened with an audio “warning” from someone claiming to be Microsoft. It had a window for my username and password to be entered, or I had the option to call Microsoft’s toll free number for tech support. I tried closing the window, but it said that if I close the window, Microsoft will have to disable my computer so as to prevent the damage from infecting their network.
Well, this was one I hadn’t heard before.
When things like this happen, I usually look for sloppy grammar and/or misspellings in the message (these are a dead giveaway that it’s a scam), but there were none that I could see.
I never put in a username or password, and this time was no different. Because there was a toll free number to call, I thought it might actually be for real. Still, I was suspicious. So I re-booted my computer. When it came back on, the window was still there, with the audio, telling me to contact Microsoft immediately for assistance to remove the malware from my computer.
So I called the toll free number. My first red flag happened when the person who answered the call did not start with a Microsoft greeting. He just said, “technical support, may I help you?” I asked, “Umm, is this Microsoft?” He hesitated a moment and said, “Yes, ma’am.” So I told him about the warning screen with audio. He asked what kind of error code it’s giving, so I held my phone up to the speaker on my computer and let him listen.
He said, “Ah, yes. I can help you with this.” I was a tiny bit relieved, but still skeptical. He said he needed access to my computer in order to help. I have had tech support do this before and it’s freaky even from a trusted source. Still, I was not convinced that it wasn’t Microsoft I was talking to. So I agreed.
I know. I can almost hear you all cringe right now. What can I say? Sometimes I’m just not the sharpest tool in the shed.
So, I watched the curser zoom around on the screen, go to files, highlight some of the problems in my computer. All the while, the guy was explaining what can happen when this malware gets into your computer. Hackers can steal all your personal information: passwords, bank information, credit card numbers, and so on. He made a show of looking for security software, but couldn’t find any. He opened a note on the screen and started typing a list of what needed to be done on my computer to ensure its security from this threat. I would have to install McAfee security software, among other things. There were four steps on the list. Once he’d finished writing the list and explaining what needed doing and why, he said he was now going to transfer me to his supervisor. The supervisor got on the line sounding very authoritative and self-assured. He identified himself as Ross Donavan, Microsoft Supervisor, employee number MS13297. He explained that someone had gained access to my computer’s hard drive and he showed me a screen that had my IP address on it, and a number of unknown connections to it. He asked if I use my computer for on-line shopping and banking, and said that if I’ve used it for these purposes even once, my passwords and account numbers are in my computer and hackers can get them. By this time I was so freaked out and asked if he could just fix it right now. He said absolutely, and that he would just transfer me to their accounts department so I could pay for and download the necessary software to fix the problem I was experiencing.
That’s when I snapped out of the stupid. (Sometimes it takes me a while!) I closed my computer and said, “Look, I appreciate your time and all, but I’m just not comfortable with giving my credit card information over the phone like this.” He tried to argue, but I said, “I’m sure you understand my hesitation. I’m going to go to the Microsoft store where this computer was purchased, talk to someone face to face, and see what they can do about it.” The guy was quite perturbed by this, but I firmly shut him down and ended the call. By this time I had no doubt that it was a scam, because if it had really been Microsoft, the person would have been understanding and would have encouraged me to go to the Microsoft store for assistance.
I grabbed my laptop and went immediately to the Microsoft store downtown and told a rep about what happened. I told him that these scammers were in my computer and everything. The rep was so helpful and awesome! He confirmed that it was definitely a scam, but he didn’t make me feel stupid for falling for it. He told me that my laptop (which is less than two years old) has built in security (I guess it’s a Windows 10 thing), and that my computer is all up to date and secure. He showed me how to check it, and he uninstalled the program the scammer installed to get access to my computer. He also assured me that there was no way they could have gotten access to anything personal in the time that they had control of my computer. So, after all that, my computer was just fine and it didn’t cost me a dime to find that out.
So, I dodged a bullet, my friends.
How did the warning come up in the first place? I still don’t know the answer to that. I was browsing through a bunch of WordPress blogs when it happened. I don’t know what made it pop up. I didn’t click on anything other than a link to a blogger’s post. It popped up as a separate window with a warning box in front.
If this happens to you, don’t be alarmed, and don’t fall for it. They make it look very convincing. I’ve seen a lot of scams and I’ve never fallen for one before. This one was different. I got so rattled by it. Luckily I came to my senses in time before any damage was done.