There’s a phone scam making the rounds from people claiming to be from Microsoft. They insist a person’s computer may be infected with viruses and that they can connect to the computer and remove them.
First of all, Microsoft DOES NOT offer free over-the-phone tech support, and they will not call you out of the blue like that.
According to Microsoft themselves:
“We do not send unsolicited email messages or make unsolicited phone calls to request personal or financial information or fix your computer,” Microsoft said on its Web site. “If you receive an unsolicited email message or phone call that purports to be from Microsoft and requests that you send personal information or click links, delete the message or hang up the phone.”
A similar phone scam made the rounds in 2010, using slightly different methods, but both scams have the same goal of getting people to pay for their supposed technical support and allowing the hackers into computers using a variety of remote connectivity solutions available on the market, including TeamViewer.
“In previous iterations of this scam,” says the SANS institute, “the person on the phone would get you to click through to the event viewer to “find something red”. Strangely enough, there is usually something red in most people’s event log. However, do not despair if you don’t have anything red, yellow is just as bad (note: this does not necessarily indicate virus activity). Once the problem (well, any problem) was identified, your support would have expired, and they redirect you to a web site where you can part with your money and download some version of their malware.”
“The new iteration of the scam goes one step further. Rather than get the victim to look [for supposed problems], they get you to install TeamViewer (or similar software). They take control of your machine and start moving the files across. Manually infecting, sorry fixing, your machine.”
By the way, TeamViewer is perfectly legitimate software used by many people for remote tech support, although other similar tools are likely used by the scammers as well. It’s what the scammers do once they have access to your computer that is the problem.
The scam is obviously still working. It seems they have figured out that users can’t be trusted to click a link, but installing remote control software and getting you to install the malware for them is ok.
There have also been reports that the scammers will get you to download a program named very similarly to Malware Bytes, but is actually malicious software that the scammers have created. Hackers and scammers are using widely trusted company names, like Microsoft, Malware Bytes, and TeamViewer, to fool you into trusting them or letting them access your computer.
“We are having a number of reports of clients being scammed by people calling saying that are from Microsoft and they offer to help the person fix their computer,” said Chris Rose, a member of Nerds On Site in St. John’s, Newfoundland. “I am sure others are familiar with this type of scam. I sent a press release and was called by the local CBC and a local outfit called NTV.
You can find the CBC video below.
or 
The Microsoft Scammers are giving people 209-498-3038 as the contact number for their Supervisor. I found out this number originates from San Andreas, CA , phone carrier is Pac-West Telecom, INC, it is a landline but name and address is unpublished according to 411.
Hello. Uhuh. Microsoft, what’s Microsoft?
Nerd Support Group now named – Nerdi Support – Same Phishing and malware Scam though :
Got a cold call from ‘John Smith’ (nice Indian Name considering the thickness of his Indian accent combined with the a tang of call centre trained American), calling from the London (yeah, right) offices of NERDI. He advised me that he is a registered Microsoft Technician and that they have had confirmation of over 3000 virus/errors on my PC. Now, I know this is a scam, no one cold calls you to offer assistance with you ‘Problem’ PC, so I tagged along. What i need to do is turn on my computer, open the windows start menu (which he explained to me like a 4 year old child, i got annoyed at this point and told him to get on with it as I know my way around a PC and windows) and to open the ‘RUN’ function (alarm bells should now be ringing), then to enter the acronym for brining up the event viewer, something like ‘eventvwr’. Now I know perfectly well what this is, does and contains, so again i played along. He the proceeded to ask me to confirm some of the ‘Errors’ I was getting, I did, ‘ Oh on, you have a number of system errors caused by Trojan virus’s’ which apparently my world class virus software cant remove because it doesn’t know it exists, and for a small fee (£50) and allowing him access to control my PC remotely he would rid my PC of all the infected files and errors. Whilst this was going on I was actually Googling his company name ‘NERDI’ and for event viewer phishing scams, low and behold, i may not be able to find any trace of a company called NERDI but this scam has been running for years, previously in Australia. I asked John what country he was calling from (so that I could suitably insult him before I hung up on him) and the kicker, ‘Im based in London’. Well suffice to say that I hung up on him. Can you believe he called straight back to ask why i had insulted him and that he certainly was not running a scam to either get access to my PCs files or my bank/card details. Thankfully no further calls have come through.
Be warned, this scam appears to be alive and well and now operating with UK telephone numbers. Do not give them your details. Do not pay for their service. this is a phishing scam that has obviously been sold onto someone new using an Indian based call unit or office.
And finally. Microsoft will not cold call you for any reason what so ever.
The only reason you would receive a call from Microsoft, especially for IT related issues, is because you have requested them to call you through one of their service/maintenance channels.
If you haven’t called them first, they are not from Microsoft.
These folk have been phoning me 3 or 4 times a day for the last 2 weeks from an “Unavailable Name” to tell me that I have been downloading huge files which indicate a virus (or several) in my system. They have fairly slick answers for everything I throw at them – until I tell them I run a Mac. Then I hear click – but they obviously don’t make notes as they are pretty persistent and phone back regularly. I live in Calgary and the company name they give is Staying Live (or Alive) and the number they give is 403-395-3985. Obviously when dialled that does not exist. They claim to not have a website or Internet presence as they are Microsoft technicians and do not have access to that information. But they have my name and address which, strangely enough, is in the white pages……
I hate those spams…These spammers and hackers get new idea and a new way to steal your money or infect your computer with spams and viruses everyday.. from where did they get these ideas…Screw them..they even call you pretending to be Microsoft..
I knew it was a scam because microsoft does not help customers for free even when you call them. These people care calling customers – something microsoft NEVER does.
Fantastic work, hope I learn more from your blog. This is very good start for me. I am not native English speaker or writer, but thank you.