The scam
Every six months or so I get a call from someone who has gotten a tech support scam. Usually it starts with a call from “Microsoft” and the person will tell them that their computer is compromised, contacting Microsoft, spreading viruses and all kinds of other scary topics. These are of course all fake and the person is probably just looking to get a credit card number.
If you allow them on your computer, they will usually open Windows task manager and show you a bunch of “viruses” or show you your basic networking information and claim this is proof that your system needs help. In the case the other day, my customer was told that they were infected with csrss.exe.
I just want to be clear to anyone that has gotten this call that csrss.exe is a legitimate Windows process. They usually use csrss.exe, winlogon.exe, svchost.exe or any other core Windows process because they are on all Windows installs and will show up and scare the person into thinking what they are saying is true.
Scam breakdown
The main goal of this call is to get on your computer through remote connection software. They will use Teamviewer, Logmein, Gotomeeting and all kinds of other remote connection software. The idea is they want to get on your computer to show you proof of what’s happening. This is usually explained with highly confusing and very broad computer and security related jargon. They are trying to scare you and make your head spin with all kinds of issues. The “agent” you are talking to will usually pitch some service fee or some “Microsoft software” that will clean up your computer and resolve any issues.
In the user submitted example I was given you can see that the customer was given a “quote” to do all sort of things for the low price of $798. This quote will cover all kinds of things, even doing something that isn’t possible during a phone support call remotely. I just want to point out that reinstalling the Windows operating system remotely over the phone without user involvement isn’t possible. The scammer will tell you they can do anything for a price.
How to tell it’s a tech support scam
- Microsoft doesn’t make cold calls. Microsoft is first and foremost a software vendor. I personally have made many calls to Microsoft support over the years and like any big company you must call them, wait on hold, create a case and pay by credit card and then wait an hour (or more) before a technical person gives you a call back. That’s just how they work.
- There is no Microsoft branding. Microsoft spends (I assume) millions on cooperate branding. It’s on all their letterhead, websites, help articles, etc. There is no way a Microsoft help agent is going to just give you a piece of paper without anything on it.
- Microsoft employees will only send you to Microsoft websites. They won’t send you over to BestAntivirusSolutions.com or RemoveAVirusNow.com – they will only send you to Microsoft.com.
The dangers of the tech support scam
From a security perspective there are many dangers of this scam. Allowing access to someone you don’t know is always very dangerous. If you search on YouTube for tech support scam you will see many videos of these “Microsoft agents” connecting to a machine, giving their sales pitch then doing harmful things like turning off key Windows services. Another common trick is to turn off every application that is in the Windows startup (like antivirus, sound driver software, etc). So, the next time you reboot your computer there are even more issues from before.
When the agent is on your computer, they could do anything really. They could potentially install a virus or a password stealer that could let them breach your banking info, your social media sites and everything else. The list of what they could do when on your computer is endless.
What to do if you get a tech support scam call
If one of my customers gets a call, I tell them to simply say no thank you and hang up. If one of these people is let on the system remotely then it is best to have an actual computer technician review the system to see if there is any signs of harm or infections. Here at Dataforge we have a website with branding, we have a local phone number and we have the same techs working day in and day out to help users with their computer problems. Dataforge’s support techs will try and explain what’s happening to you in plain English and give you a strong understanding of what’s happening with your computer.
Trust your gut
When customers get a call like this, they usually tell me they had a gut feeling that makes them question the authenticity of the call. They are usually right, so they call us at Dataforge. We review the situation and give you a clear answer on if it’s a tech support scam or not. At Dataforge we will always listen to the situation free of charge and then discuss solutions to resolve.
We can always be reached to discuss any computer related issues or possible Microsoft tech support scams Monday to Friday 9:00am-5:00pm at 905-632-9918.
I look forward to talking to you if you need help.
Dave Forsyth
HI! I’m Dave – I am an old school / hardcore computer geek. I’m also the General Manager at Dataforge. I am big into IT and small business development with technology. I want your business to grow and in turn, let me support your business and implement cool IT solutions. Dataforge is a family owned and operated computer repair and IT Services Company that covers Burlington, Hamilton, Oakville, Milton and the Greater Toronto Area.
Dave Forsyth
T: 905-632-9918
E: davef@DataforgeCanada.com