Feedback
Tech

'We're with Windows': The anatomy of a cold-calling scam

Microsoft Digital Crimes Unit
At the real Microsoft, there's a team that goes after cybercriminals like these.

On its face, it was totally unbelievable. After all, when was the last time you recall any tech support pro-actively contacting you to solve a problem?

“Hello, sir. I am calling from Windows support.”

So began the call at 3:36 p.m. PDT on June 12. It was as if an automated phone tree at a software company had decided to atone for its sins and reach out. And I do mean automated. The patter, though delivered by apparently real humans with apparently authentic Indian accents, was remarkably rote.

“I’m calling on behalf of Microsoft’s Certified Technician Team,” said 8:53 a.m. July 3. So did 11:46 a.m. the same day. But 8:58 p.m. May 15 called from “the technical services department of Windows.” And the first one, six weeks earlier at 6:02 p.m. May 14, declared, “I am with the Windows Service Center, and I am calling about your computer.”

And boy, were they calling from exotic locations: “V5152358030054,” “6752 6752” and just simply “6752,” or so blurted my confused Caller ID screen. I thought I knew all the new area codes.

Then began the support. “You are getting errors on your computer and I’m calling to help.” What errors?, I’d often ask. “I won’t know until you go to our website and download our diagnostic tool.” Download. Unknown. Software. Sure.

While the patter would vary from male to female to male caller, the pitch never did. You’re reading from a script, I’d challenge. “No sir, I am not reading from a script,” 3:36 p.m. June 12 protested. And then went right back to the script. But, like testing the limits of Siri (or, more appropriately here, Furby), it became mildly interesting to see what kind of answers I could elicit:

  • How did you know I was getting errors? “We have a database of phone numbers of people who purchase computers.” (Those used to be called “phone books.”)
  • How do you know I’m not using a Mac or an Atari 1040ST? “We can check. Please click on your Start button.”
  • I can’t have a virus; I use the free and excellent Microsoft Security Essentials. “Well sir, that is better than using nothing.”

Expecting answers that were better than nothing, I turned to the real Microsoft.

“In 2010, Microsoft began receiving reports of scammers making phone calls or sending emails to people,” replied a spokesperson for Microsoft’s Digital Crimes Unit. The goal was often to trick people into buying support services, downloading fake security software or allowing remote access to their PC for likely un-nice purposes. Microsoft has referred the cases to the Federal Trade Commission, which had its own investigation underway and presumably still does.

And yes, it’s no coincidence I’m getting a lot of these calls. Alot of people are. Almost paradoxically, the spokesperson noted, as more consumers learn from Microsoft and other tech firms that they should make their computers more secure, “we have seen an increase in cybercrimes that use deception and social engineering to exploit people.”

That doesn’t stop some would-be victims from attempting to reverse-engineer the favor. Eric Dawes, a former broadcasting colleague in the Seattle area wrote on Facebook he’s been getting similar calls. He decided to play along, clicking as directed until he informed the scripted caller that he only had a choice of running “Control Panel” or “PHK-U.EXE.”

Others have been less kind, and a few have tripped into their own trap — such as the anti-malware security researcher who, in trying to documents the details, had his computer’s files deleted by a vengeful scammer.

The sobering part is enough people must be scammed successfully, otherwise the trickle of calls wouldn’t have increased to a seeming flood over the past several years. This includes, recently, calls to the Puget Sound area (unless the scriptoids have only now realized Microsoft is actually based nearby). Average loss? A Microsoft study pegged it at $875, and that was two years ago.

The next time the phone rings, I’ll recall the advice from my father who, in a moment of cynicism about business, observed that, “When someone approaches you, remember they always want something.” And in this case, I don’t think it’s my faux virus. Unless it’s infected my wallet.

Frank Catalano (@FrankCatalano) is a strategist, author and veteran analyst of digital education and consumer technologies whose GeekWire columns take a practical nerd’s approach to tech. See the archive of his regular GeekWire columns.

More Catalano columns from GeekWire: