Computer Support Scam Alert

There is a popular scam going around that all computer users need to be aware of. It relies on the illusion that someone elsewhere is able to see what your computer is doing. The scam is mostly aimed at Windows users, but there are stories of Mac users being targetted too.

This scam, like so many, starts with a cold call. Someone with an Anglo–Saxon name and a strong Indian accent claims to be calling on behalf of Microsoft or a made–up variant such as ‘Windows Support Services’. He or she has been told that the punter’s computer is behaving strangely, probably as a result of a virus infection. Unless the problem is fixed quickly, all manner of dreadful things will happen.

How the Scam Works

Stage 1: Frighten the Punter

The punter is asked to go to their computer and click on the Windows start button in the bottom left–hand corner of the screen. This brings up a list of programs and a search box.

Next, the punter is told to use the Windows search box to open one of two programs, Prefetch or Event Viewer. These programs perform certain functions within the Windows operating system, and normally chug along happily in the background. The average Windows user never needs to know of their existence. But from the point of view of the scammer, these programs contain a useful feature. They both produce screens full of what appear to be warning messages.

Here is an example of an Event Viewer screen (its exact appearance will depend on the particular version of Windows, and other factors, but this gives you a general idea):

Windows Event Viewer

Oh no! A series of red circles with exclamation marks, next to the word ‘Error’!

Well, the things that appear to be error messages are indeed error messages, but they aren’t important. Computer operating systems are very complex pieces of software, and lots of processes are always going on in the background. These trivial error messages crop up all the time. They do not indicate the existence of a virus, as the scammer usually claims. But they do give the illusion that the scammer is aware of what’s going on inside your computer.

Stage 2: Get into the Computer

The next stage is to trick the punter into giving the scammer actual access to the computer. There are several legitimate companies which provide what is known as remote access software, to allow technicians to fix genuine problems without having physical access to the computer itself. The scammers take advantage of these services by persuading the punter to:

  • visit a website such as LogMeIn or AMMYY,
  • download a piece of software which gives remote access to the computer,
  • and install the software on their computer.

At this point, the scammers have the ability to do whatever they like on the punter’s computer, and will do one of two things:

  • They may install software that logs passwords and credit card details.
  • Or they may simply perform enough tasks to convince the punter that they are fixing the non–existent problem.

Stage 3: The Pay–Off

Finally, of course, they ask the punter to pay for the work that has just been performed.

How to Spot the Scam

There are several warning signs:

  • The most obvious warning sign is that it involves an unsolicited phone call. As a general rule, if someone you don’t know rings you up out of the blue and asks you to pay them some money, there is a reasonably good chance that you are about to be swindled.
  • According to Microsoft’s website, Microsoft never makes unsolicited phone calls to help you fix your computer. It’s not that Microsoft is above criminal activity, but it draws the line at cold calling.
  • Ask yourself: how exactly can someone in India see what is going on inside your computer? Even if you know next to nothing about computers, it should be obvious that it’s difficult enough for you to work out what’s going on inside your computer, even when you are sitting right in front of it.

How to Avoid Becoming a Victim

The only people who are going to fall for a scam as preposterous as this will be those who think of their computer as a magic box. So the first thing to do is to take the time to learn a little about how your computer works, and about safe online behaviour. You could start by checking out these two articles of ours:

As with any cold–calling scam:

  • If anyone calls you and claims to be from a particular organisation, ask for proof: name, address, phone number. If the cold caller gives the name of a company, check it out by searching for it on Google or Yahoo, and you may find reports of dodgy activity.
  • Never hand out your credit card or bank card details over the phone, even to someone from an Indian call centre who claims to be Bill Gates.

What You Should Do

Depending on how busy you are, you can either put the phone down or string the scammers along. All the time you are keeping them waiting on the phone, they will not be annoying someone else.

The scam has been reported all over the English–speaking world. If you are based in the UK, you should report your experiences using the police’s Action Fraud website or by phoning 0300 123 2040.

Further Information

There are some revealing examples of the scam in action at

If you have registered a domain name, you need to watch out for another scam.