PSA: The Computer Maintenance Department Scam Calls Drew Wilson | February 9, 2012 Have you been getting those calls from people working in a call center from what sounds like India? You know, those people who claim to be from either the “Computer Maintenance Department” or the “Windows Technical Team” who then instruct you to go to your computer? Tell the select minority of people who would fall for it that these calls are a scam. We here at ZeroPaid did some digging about these calls in a public service effort. Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes I consider myself to be reasonably savvy when it comes to telemarketers. Whenever they come calling trying to sell me something, I ask them to put me on a do-not-call list. Asking to be put on a do-not-call list is substantially better than simply hanging up on a telemarketer because merely hanging up is technically an invitation to call back later. Most telemarketers have a system in place because it’s the law and it’s generally good practice. After asking numerous telemarketers to be put on a do-not-call list myself, it seems I have narrowed down the number of telemarketers down to a very select few. Those were the automated calls that ask you to press a number to claim a prize (never do this unless you want to be charged an unknown amount of money), the occasional survey calls and one particularly annoying computer related call. The computer related one comes at around twice a month. The telemarketer in question tells me that he is calling in regards to my computer. After that, he typically instructs me to go to my computer. This is where I get my chance to stop him in his tracks. It took a few attempts, with different marketers, but I managed to obtain two different names from them. They claim to be either from the “Computer Maintenance Department” or the “Windows Technical Team”. This alone should be enough to set internal alarms off that this is not a legitimate call. Every time, these people would also tell me that my computer could be infected with harmful viruses and that they are calling to fix the problem. Usually, by this time, I tell them that I want to be put on a do-not-call list. Every time I’ve requested this, the telemarketer hangs up only to call back weeks later. To me, if these telemarketers are not even operating a do-not-call list, then that’s a big warning sign that this is not legitimate. So, armed with who this is, I proceed to exercise my Google-fu to see what these people are all about. Turns out, this scam has been around for years. A user known as lowlanda on a Whirlpool forum posted in 2010 that a similar call was received asking to run some form of uncomprehendable command. In a British forum, there was a similar discussion also in 2010 about this kind of scam. Apparently, one user reported being asked to download a logmein program and was asked to pay £55 to keep Windows activated after obtaining personal information. Similar stories can be found on whocallsme as well. It turns out, this scam was so bad in the UK, police raided several websites associated with this scam. From the Guardian: The Metropolitan police e-crime unit acted in April to take such sites down. Among those shut was supportonclick.com, registered to Pecon Software, a firm based in Kolkata. The company has now opened another support website, called onlinepccare.com, which is the subject of numerous online complaints about cold calling, “bullying”, and claims that the caller is from Windows PC care. One person recorded his adventure with this kind of scam and posted it to YouTube: There’s plenty more information about this scam on digitaltoast. While the post dates clear back to 2009, the comments section points out that this scam is still going on to this day. Microsoft’s Comment Interested that these scammers say that they are from Microsoft, we actually contacted Microsoft about this. We asked what to look for when it comes to figuring out whether or not the phone call is indeed from Microsoft or not. A Microsoft spokesperson said, “Our advice is simple; treat callers as you would treat strangers in the street â€” do not disclose personal or sensitive information to anyone you do not know.” “Unfortunately this is not the first scam of its kind,” the Microsoft spokesperson told ZeroPaid, “and it’s unlikely to be the last. The best way to avoid becoming a victim is by being aware of the threat. Consumers should also ensure the copy of Windows they are running is genuine and fully up to date, while ensuring they have installed legitimate software will guard against viruses, spyware, and other malicious software.” CRTC’s Response and Information on Reporting This Scam With an official statement from Microsoft saying that this is a scam, ZeroPaid decided to contact the CRTC (Canadian Radio-television and Telecommunications Commission) to ask what options consumers have in terms of reporting such fraudulent phone calls; specifically, what can people do to issue a complaint about this kind of phone scam given that this scam is not compliant with the do-not-call registry. “First,” the CRTC told ZeroPaid, “this is a scammer calling you, not a telemarketer. For scams/fraud, I would recommend contacting the Canadian Anti-fraud Centre (Phonebusters).” The CRTC forwarded us some links about reporting this scam and how this scam has really taken off in Canada in recent months. One link was to a press release by the RCMP detailing the scam: OTTAWA – September 29, 2011 – The Royal Canadian Mounted Police (RCMP) and their partners at the Canadian Anti Fraud Centre (CAFC) are warning that if someone calls you claiming to be able to protect your computer from viruses, your best bet is to just hang up the phone. Don’t give the caller your computer access codes and don’t provide your credit card information. The virus scam has grown to epidemic proportions in Canada, now accounting for between 70 and 80 per cent of frauds reported daily to the CAFC. “We began noticing virus scam calls in March 2010. Since then, they’ve become an increasing proportion of our calls. Now, they’re the scam we deal with most often,” said RCMP Sgt. Paul Proulx of the CAFC. This dramatic increase means the scam is working â€” more and more Canadians are being targeted by the virus scam. Proulx warns, “If a scammer is able to log on to your computer then he has access to all the personal information you have stored there, including your banking information.” Here’s a typical scenario: a caller, often claiming to work for Microsoft or another reputable software company, will cold-call you and ask if your computer is running slowly or not working as it should. He will then offer to repair your computer via internet access, which can involve either software installation or the caller gaining remote control of your computer after you’ve granted him access. Payment for the software or the repair service is handled via your credit card with charges typically ranging from $35 to $470 per call. Allowing a third party to download software or remotely access your computer carries a number of serious risks. Malicious software can be installed to capture sensitive data such as your online banking user names and passwords, bank account information and your personal identity information. All of this information can be used in subsequent frauds that empty your bank accounts and charge your credit cards. Your computer can also be converted to a bot-net, which means criminals can use it without your knowledge or participation. It can then be used to spam other people, spread viruses to your friends or overload computer networks. Getting your credit card information is the second important part of the virus scam. Once a criminal has that information it can be used to make purchases without your consent. Canadians should be aware that not all virus scams are conducted over the phone. Many CAFC callers report being scammed after responding to internet pop-up ads for anti-virus software. Sgt. Proulx offers this simple advice: “If you’re really worried about viruses on your computer, be pro-active and use anti-virus software that you’ve acquired from reputable sources and keep it up to date. If someone calls you out of the blue offering to provide this kind of help, it’s probably a scam. Remember, it’s not rude to hang up on someone who’s trying to steal your money and information.” “When it comes to cyber security, we all have a role to play,” said Public Safety Minister Vic Toews. “Canada’s Cyber Security Strategy is the Government’s plan to help secure Canada’s vital cyber systems and help Canadians protect themselves, their families and their personal information online.” Please visit the Canadian Anti Fraud Centre’s new website for the latest on emerging fraud trends, advice on protecting yourself and victim’s guides that will help you recover from fraud loss: www.antifraudcentre.ca. For more information on the Government of Canada’s Cyber Security Strategy: www.publicsafety.gc.ca/cyber Fraud: Recognize It, Report It, Stop It. A second link the CRTC sent us was to a page detailing how you can report a scam call: If you have not lost any money and have not provided personal or financial information (relating to a fraud or scam), and you simply want to inform the appropriate organizations, report it to the Canadian Anti-fraud Centre by calling 1-888-495-8501 If you received a fraudulent e-mail soliciting personal or financial information (phishing scam), you should also advise the financial institution or other agency whose name was used. If you are a victim of fraud or if you unwittingly provided personal or financial information (identity fraud), follow the steps in our Victim Assistance Guide. If you are a victim of fraud and it is not related to identity fraud, contact the police service of jurisdiction in your area. Always report fraud to the Canadian Anti-Fraud Centre at email@example.com or by dialing 1-888-495-8501 or on-line by visiting the CAFC website. The third link the CRTC sent us was to the Canadian Anti-Fraud Center which contains a lot of information about how you can report scams over the phone and about recent phone scams which includes this particular one. “If, however,” the CRTC told ZeroPaid, “a legitimate telemarketer calls you and breaks the DNCL rules â€” you can make a complaint either online or by phone. To file a complaint you need: 1. Your phone number (where the call was received) 2. The name or phone number of the telemarketer 3. The date you received the call Note that the phone scam discussed is not a legitimate telemarketer, so if you get the computer viruses phone scam, this is best directed at the Canadian Anti-fraud Center and the RCMP. We here at ZeroPaid hope that this is valuable and informative information on this scam and how you can report it. Feel free to also discuss this scam or other phone scams in the comment section below. Note that the above information on reporting this scam is directed at Canadians. If you do not live in Canada or the UK and receive these calls, please feel free to let us know in the comments section below as we are only aware of this scam being active in the UK and in Canada. Drew Wilson on Twitter: @icecube85 and Google+.