Pinterest Stumbleupon Whatsapp
Ads by Google

computer support scamYou’ve probably heard the term “don’t scam a scammer” but I’ve always been fond of “don’t scam a tech writer” myself. I’m not saying we’re infallible, but if your scam involves the Internet, a Windows PC and a cold calling technician, it won’t take long for the penny to drop.

I’m basing this article on my experience with a would-be scammer who called my parents house last week. This isn’t the first time Mr Windows Repair Guy has so helpfully graced us with his detailed instructions, and this time I was determined to find out exactly what the deal was.

Tell your friends, tell your relatives – Microsoft does not call to fix your PC.

The Call

When the phone rang, the guy on the other end claimed to be from “Windows Technical Support”. Many people would probably notice that something is awry at this point, as Microsoft isn’t known for cold calling to tell you there’s a problem with your computer. Straight away I knew it was the good old “you’ve got viruses, and we can fix ’em” scam, so instead of the “where’s the Start button on my Linux desktop?” routine I had fun with last time, I thought I’d play along.

I was informed that Microsoft had detected that I had viruses on my computer, and that if I didn’t follow his advice to remove them, my computer could “crash unexpectedly at any time” (tell me something I don’t know).

computer support scam

Ads by Google

So I sat down at my parents’ new Windows 7 machine and asked him what sort of viruses I had. He told me to click on Start, right-click on Computer and choose Manage. Then I was told to click Event Viewer, Custom Views then Administrative Events.

This is where the scam gets somewhat believable. This screen displays a log of messages from various services and programs running on your PC. At first glance, there are a lot of red crosses and warning triangles, which could probably look quite serious to an average user.

computer scams

Apparently, these were my viruses!

The Fix

I was then asked if I could delete any of these new-found viruses with a simple right-click and Delete. As we all know by now – these aren’t viruses. Additionally, you can’t remove the log with the right-click context menu, so I guess they’re just here to stay?

computer scams

Of course the fix was only round the corner. Once I’d informed my new best friend that I couldn’t remove them, he told me to open Internet Explorer (!) and assured me there was software available to help victims like me.

The website I was told to visit was AMMYY.com (which we are not linking to), but the software didn’t seem to match up. This website claims to provide a remote desktop solution, not the malware dressed up as security software I was expecting.

computer scams

At this point I had been on the phone for a good 15 minutes, with much of the conversation lost in translation as I struggled to understand the heavy Indian accent. I had words, informed him that I knew exactly what was going on and would be reporting the incident to BT (the telephone provider) as well as shaming him in any way possible and bid him adieu.

computer virus scam

Didn’t stop him calling back immediately though did it?

The Cost

There are a plethora of reasons you shouldn’t trust a cold caller, but even more so when it comes to your PC, your personal information and suspicious software. The costs associated with someone gaining remote access to your computer could be devastating. Sensitive information relating to bank accounts, passwords for paid services and documents that could be used to forge an identity 9 Ways To Prevent Identity Theft By Computer Hackers 9 Ways To Prevent Identity Theft By Computer Hackers In this digital age, where almost the entire human knowledge is stored online, some of the most valuable information you possess is your own identity. The term refers to information that enables an identity thief... Read More could be stolen.

computer support scam

Goods could be ordered via services that save your billing information and any sites that remember logins will be easily accessible. In addition to theft, safeguards like anti-virus programs might be disabled and further malicious software like keyloggers and trojans could be installed.

There is unfortunately very little that can be done to combat these scams. I phoned BT and was told that the numbers from this type of call are virtually untraceable, but calls came from “somewhere in Asia” and were a persistent problem. If the perpetrators are using VoIP services like Skype, the calls are not easy to trace, and it’s not impossible to use a ringback service to decipher the number Top 8 Sites to Identify The Owner Of A Phone Number Top 8 Sites to Identify The Owner Of A Phone Number Read More .

Conclusion

Hopefully this article has provided some brief insight into this kind of computer support scam, which is prevalent all over the world. Unless you fancy becoming part of the big bad botnet, you’d better never trust a caller like this. Variations are common – sometimes it’s bogus anti-virus software that requires payment, or similar – so remain vigilant.

I’m not sure whether AMMYY.com are a legitimate company or not, but Panda’s Firefox plugin doesn’t rate the website and nor does a quick Google search which brings up all sorts of “scam” notices. I’m going to recommend that nobody uses an AMMYY.com product, purely on the basis that there are lots of quality proven alternatives 7 Easy Screen-Sharing and Remote-Access Tools 7 Easy Screen-Sharing and Remote-Access Tools Read More that aren’t linked to dishonest individuals who want your money, data and bandwidth.

Have you had any phone calls like this? Do you know anyone who has? Consider sharing this article, and spreading the word. Comments and discussion are welcome below this article.

  1. ChrisC
    August 10, 2016 at 11:44 pm

    My mother who has dementia and never answers the phone normally took one of these calls today while she was home alone.
    She told my sister when she got there that what ever button she pushed took her to iCloud.
    I don't know if that was her pushing the wrong button or that is what they requested.
    I don't know what else happened (because of her dementia the story is a little sketchy)
    She said she finally told them that her computer was working just fine and hung up on them.
    When my sister got there the computer was off and she had to reboot.
    Can you tell me what to do now?
    Is there something I should be looking for on her computer that would signify they did something to her computer.
    I live there with her (I am traveling right now and have a friend and my sister checking on her)
    I do not use the computer (I have a Mac)
    She uses it for her library website, solitaire games and sometimes she manages to log onto her bank account when she is having a good day
    What should I tell my sister to do?

    • Tim Brookes
      August 12, 2016 at 3:15 am

      Hi Chris,

      Stories like this really make me angry. There's no way to know exactly what happened to the computer, but assuming it's running Windows I'd recommend running a virus scan (good list in this article: http://www.makeuseof.com/tag/security-software-using-windows-10/), and an anti-malware scan with Malwarebytes. Check for any remote access software (GoToMyPC, TeamViewer, AMMYY Admin and so on) that shouldn't be there, and remove it.

      Do you know if iCloud was logged in? It may be worth changing the password if so. As I said I can't comment on your exact circumstances, but just sweep the machine for anything untoward or malicious and take some precautionary measures with any passwords that may have been disclosed.

      If it's a Mac, then look for remote access apps and change passwords. I think these scams normally target Windows users though.

      Fingers crossed your mother put the scammer in their place before they were able to do any damage!

      Let us know how it goes.

      Tim

    • Cchap
      August 12, 2016 at 4:21 pm

      Thanks , Tim. I have forwarded the information to my sister.
      I think she already did a virus check and ran a malware check.
      We have blocked the number because they called back 4 times last night.
      .
      I will keep you posted.

  2. Howard L
    July 22, 2016 at 2:23 am

    Driving scammers crazy is fun, but I've run out of patience and time for doing that. Even if I've never heard from the caller's organization before I say, "I told you people to take me off your list."

    The caller gets the message that I've already been exposed to the pitch, resisted it, aren't likely to lead to a commission, and thus am a waste of time. I usually get some kind of apology, plus assurance that I won't be called again.

    I've found this line works not only against scammers but also against other types of marketers, including political groups seeking help, charities wanting contributions, salesmen peddling "memory books" from my high school, and so on.

  3. Adam
    December 11, 2015 at 11:35 pm

    I've been getting 2 - 3 calls a day from "Dell Tech Support" who know my name (frightening) and want to run this scam on me. I've tried telling them I don't own a Dell, tried telling them I run a Linux machine, tried telling them that I doubt that any viruses have made it past my firewall, my Cisco ASA, and out of my sandboxed vm into my pristine prime os. All to no avail. they keep calling. I've tried playing along until my patience got the best of me and hung up. (did learn that they wanted me to go to [www. fff. re/dawu]. This time he kept asking me if I was an IT person.
    The next time they call, my wife wants to take it. She'll go into great lengths describing and discussing all of the male genitalia that is all over every aspect of her computer which is used only for porn. Should they ask about the computer for banking and shopping, she'll tell them that she would never do that on this machine, do they know how many viruses are all over this one?
    Maybe we can discomfort them into leaving me alone?
    Failing that maybe I'll give their info over to the ethical hacking class at school and let them have fun with it.

  4. Andy
    November 13, 2015 at 5:23 pm

    I also got cold called this morning, and the script was almost verbatim with what others have described above. The heavily accented person said he was from Dell, and that my computer was downloading "infraction files". He asked me run a file at http://www.fff.re/y92, which is when I got suspicious. This is the second time I've been called, this a sophisticated scam that has been going on a while (Google "3rd party entities posing as Dell Technical Support"). Beware!

  5. Eliza Liapunov
    September 16, 2015 at 8:39 pm

    These people tried to scam me, which I recognized right off, but played along because I wanted to see what they were after.

    At some point they reached directing me to connect to http://www.fff.re/8yet (don't do it).

    So I researched a bit and found that connecting to http://www.fff.re/8yet will cause an executable program to try and load and run on your computer. Trojan house where you accept launching their program past your virus protections.

  6. Eugene Hilsheimer
    August 27, 2015 at 7:24 pm

    I just received the call... while he was explaining himself and how he (Dell) was going to remove "hardware" viruses from my Dell PC, I googled the phone number and the URL he was having me go to... and I arrived here. I just hung up on him and did not get a call back.

  7. Anonymous
    May 20, 2015 at 4:50 pm

    I watched a program about theses scams the other night targeting the elderly, pleased i did as had phone call today from foreign women. She said my computer was giving warning out, told her I know this is a scam! She told me to get off the line! And hung up!

  8. LDG
    April 2, 2015 at 11:55 pm

    I was asked to type in http://www.fff.re/4lah. I refused and hung up and goggled this website and I found this post. But if I heard correctly, the scammer knew my name and he asked what I used my computer for such as: banking, shopping, business etc.

  9. Nin
    March 23, 2015 at 7:19 pm

    Literally just got a call like this, but already weirded out because he said he was connected to our server but didn't know the amount of computers we had in the house (hint: more than one). Made him waste his time but after we got to the red and yellow list, I told him I was too busy to try whatever his solution was going to be and he kinda pissily said "If that is what you choose" and hung up. Huh.

  10. Y C
    February 24, 2015 at 10:18 am

    I've just literally got off the phone to them and did a google search and found this thread. The phone is ringing again as I type. I am calling my phone provider to block the number.
    The website I got told to go on was "showmypc .c om" which clearly is not a part of Microsoft.
    Having told the guy I had antivirus software, he told me that my antivirus was rubbish and I was stupid to buy antivirus.
    Annnywayy ended the last phone call quite heavily after the Indian man down the other end dared to claim I was an "illiterate female" which as a feminist I did not take lightly as he found out shortly after the remark.

    • Tim Brookes
      February 26, 2015 at 2:12 am

      That's horrible, glad you are tech savvy enough to realise that this is a scam!

      I wouldn't worry about what someone who scams people for a living thinks about you. Call your phone provider and see if they can block the number if they keep ringing, though do be aware that many of these scammers use internet telephony to hide their tracks and make it virtually impossible to actually block or trace the calls.

  11. Ray
    February 13, 2015 at 2:31 am

    Been there, still there. The same scam has rung my phone 4 times and counting. I have told them the first time that I knew it was a scam. The second time I played with them for about an hour. I was acting like a total computer illiterate and I had that middle eastern man soooooo mad that he hung up on me! Now I just tell them that I only own apple products.

    • Tim Brookes
      February 26, 2015 at 2:10 am

      Haha Ray, I'm rather fond of your technique of wasting their time to the point where they get annoyed and hang up on you. That's a victory right there.

  12. Tania
    February 12, 2015 at 2:01 am

    This is exactly what happened to my mother actually believed them and she paid $199.99 2 years ago. NOW they are calling back and keep bothering us saying that they will refond our money back and I said how is that gona work out the guy said: Well are you infront of yur computer right now ma'am? I said yes they started asking me to click on the windows icon and hold and click R to run and type teamviewer.com so I did (knowing still that it was a fraud and I was just going along with it) it didnt work so he said type in Ammyy.com and I did my computer wasnt accepting it and a page started warning me saying attention your computer is in danger all your personal info, passwrods, bank, facebook etc are in danger and so Then he said "What do you see ma'am" I told him everything and he said ma'am thats just a pop up and so I went ahead and told him to call me later so we can continue but I honeslty decided to report them and have them call me whileone of the the cyber fraud helpers were detecting them throught the phome call .If anyone else has this problem go ahead and contact ic3.gov dont just leave it and allow them to continue this spam with other people help your community out. (:

    • Tim Brookes
      February 12, 2015 at 11:51 pm

      Well done for taking matters into your own hands and trying to get these scammers shut down. The main problem is detecting where the call comes from, many are overseas and others use VoIP providers like Skype to connect calls, which only helps to hide their true location.

      Thanks for sharing.

  13. Anonymous
    December 12, 2014 at 12:03 am

    They wanted me to type in the run box 'www.fff.re/4lah', which would install their software. They probably have multiple such sites.

  14. Matt
    November 18, 2011 at 3:03 pm

    I just had the same thing except they asked me to go to the showmypc website. Like the idiots didn't think i'd be googling them before i even thought about going to the website and here i am. Seriously i went downstairs, put the phone down. They called again, i didn't answer (mainly because i was having a piss at the time) then they called back once more at which point my exact words were "Stop talking ***, i know this is a scam. DO NOT CALL AGAIN!"

    Phone down.... Back to NFS: The Run.

  15. Jeremy
    November 7, 2011 at 6:42 pm

    My call used showmypc.com, and assured me that they were calling from onlinespecialist.com - both appear to be legitimate.

    • Tim Brookes
      November 10, 2011 at 11:14 pm

      That's a shame - different scammers seem to use different tactics, all the while muddying the name of decent companies who provide a legitimate service. There's no real end in sight for this kind of scam either as the scammers are so hard to trace and can literally set up from anywhere in the world.

  16. John
    November 3, 2011 at 7:35 am

    not sure how many poor buggers have had these bastards take their hard earned grocery money but we have had 7 calls in 2 months! guessing they need a better database. I fthere was a way to identify them I'm sure I could fill a plane load of volenteers to pay asia a visit. Good one you and spread it around as it's rife hear in New Zealand at the moment.

  17. Joshua Todd Cowper
    October 14, 2011 at 7:15 am

    I set up a Virtual Machine and have fun. I always end up having them hang up on me, after speaking to the 'Senior Managing Technician'.

  18. Itzher
    September 21, 2011 at 10:29 am

    Thanks Tim - the same thing is happening to me right now - from a company called 'showmypc' - politely told them i didn't need their help and they keep trying to call me,
    have put phone down on them twice.

  19. Fart
    September 16, 2011 at 11:35 pm

    i like how there's an ad to mac keeper, a well known piece of shitty malware, on the same page as this article. way to go makeuseof!

    • Aibek
      September 18, 2011 at 10:01 am

      We work with major ad providers and rely on them to do the ad filtering for us. Could you please send me a screenshot fo the add as it appears for you and we'll look into get it removed.

      Aibek

  20. Shirley Hardy
    September 16, 2011 at 4:08 pm

    Hi Tim,
    I'm glad someone finally wrote something about this nasty business. I've had many phone calls from the same "supposed Windows Technical Support" people. I live in Australia and being used to Indian people on the phone, I'd almost guarantee by the Windows Technical Support people's accents that they are 100% Indian, meaning they actually live in India. Anyway, I am very possessive over my computer, and I certainly will not let anyone access my computer over the Internet unless I am dealing with my Internet server which is Bigpond. The Windows Technical Support people hounded me constantly and eventually I told the guy I didn't have a computer. The phone calls stopped after that. The thing that alerted me to it being a possible scam was this...Windows is an operating system not an actual manufacturer. Please bear with me. It's like a car's engine vs an entire car. The actual company is the car's manufacturer not the people who made the car's engine. The exact same thing applies with a computer - I think. I thought why would an operating system's manufacturer (which is probably Microsoft anyway) claim to suddenly be "Windows"? Doesn't make sense, does it, especially knowing Microsoft makes the operating system in the first place. These Windows Technical Support people are not experts of computers either, as my brother found out who fell for the scam. And they end up by also adding virus programmes to your computer via their computer. But what's worse is they scam you out of money for a bit of software that you cannot get rid of from your computer, and it eventually makes your computer crash big time. AVOID THEM AT ALL COST AND NEVER GIVE THEM THE OPPORTUNITY TO ACCESS YOUR COMPUTER. Lie if you have to, to make them leave you alone. I don't condone lieing but telling them you don't have a computer seems to work and they stop calling after that.

  21. Khai
    September 16, 2011 at 3:29 pm

    I got one of these fake support calls today. knowing it was a scam I decided to have some fun...

    Hello?

    hello this is the computer support department

    what can I do for you?

    your computer is sending out important information

    it is!?

    yes, your computer is sending out important information

    can you tell me what?

    it's just sending out important information!

    oh my god no

    yes, your computer is sending out important information

    oh my god. have you got the pictures of me , the goat and the lubrication?

     

    ...he hung up.

    • Tim Brookes
      October 14, 2011 at 9:06 am

      This is funny, nice one!

  22. Paco_vj
    September 16, 2011 at 2:26 pm

    Just to try and clarify, AMMY ADMIN is a remote desktop software similar to Team Viewer, ShowMyPC, etc. I use ti on a regular basis to connect to my family and friends and is definitively not a Malware, Spyware or Scam software. Unfortunately this guys form the Scam company are using it to get control of the systems and giving a bad name and reputation to the software, BUT THEY ARE NOT RELATED, or not as far as i know off. In all the time i have used the app i have never had a issue with it and it works really great.

  23. Shawn Dillon
    September 16, 2011 at 1:24 pm

    A friend of mine ran into the same deal. Fortunately he is very computer savvy and fired up a virtual machine and captured most of it as a screen recording.

    Check out his blog post.

    http://www.geospecialling.com/index.php/2011/05/a-new-breed-of-scam-quickresolve-net/

  24. James Bruce
    September 16, 2011 at 7:27 am

    Just one minor point Tim - from what I've read, the software they get you to install is not actually malware, it is just remote control software. At that point, the dirty scammer will log in to your pc, do some right clicking on property boxes and delete a few random files, and at some point in the process install the actual malware. 

    I had an idea though - how about running some kind of wireshark capture in a virtual machine, and tracing the IP they connect from, they doing a quick search for their location and ISP, then you could continue the conversation like so:

    "I see youre connecting from Calcutta and your ISP is Crap Services Ltd. I have some friends there, hold on a moment"

    "Sir, I , how do you know that? I…"

    "Hey man, I need you to tell me the customer location for the IP address xx.xxx.xxx.x . Thanks man, that's perfect, can you get the boys to go round their and show him why scamming people is a bad idea? Fantastic" 

    • Tim Brookes
      September 16, 2011 at 8:35 am

      Hey James!

      As I wasn't running a VM, I wasn't willing to sacrifice my dad's PC in order to find out if it was malware or just bog standard remote desktop stuff. If I ever get a call like this again I'll boot up a VM and go the whole hog, it'll probably make an interesting blog post or something. I agree it's likely that you hand over the keys and watch the guy disable your antivirus, delete some harmless files and install "additional security software" out of the kindness of their heart - but Google is full of "AMMYY scam" results. This is a shame if it's a genuine company, as they've got some bad press from these calls!

      That's a fairly in-depth plan you've got there but I'll look into it. Sounds like you know how to find a guy ;)

      Tim

  25. Suhel
    September 16, 2011 at 6:38 am

    pheww... scary article

  26. Mike
    September 16, 2011 at 5:23 am

    As for the story - that's a good one. I'm not sure whether I would play along or threaten him for "hacking into my system".

    I'm no expert on this type of research but "Ammyy LLC" doesn't seem to be registered with the State of Washington (location according to their contact details)http://www.sos.wa.gov/corps/corps_search.aspx

    Don't want to say you cannot trust them but with alternatives like TeamViewer or Mikigo I don't see a reason to take chances.

    • Tim Brookes
      September 16, 2011 at 8:45 am

      Yep, great advice. There are tons of free and cheap alternatives if you find that you need more advanced software. Playing along with a scam is quite fun, I'd recommend it just for their reaction alone (and to see whether they have the gall to call you back). Plus you can warn all your friends too!

  27. RJC
    September 16, 2011 at 2:56 am

    I have actually used the Ammyy Admin program to remote control/diagnose problems with family's computer.  It hasn't made either of our computers blow up and worked pretty well for what it was supposed to do.  It could be the scammer was just using it because it's a simple remote desktop program.  :shrug:

    • Noone
      September 16, 2011 at 3:06 am

      Or could be you've opened yourself & your family up to a world of pain. To be on the safe side may I suggest teamviewer &/or logmein both very well respected remote desktop programs.

      OR MAYBE EVEN THE INBUILT REMOTE DESKTOP THAT COMES WITH WINDOWS!!!

      Just a thought.

    • Tim Brookes
      September 16, 2011 at 8:43 am

      I wasn't sure about this. It is actually a crying shame if this company is legitimate yet has had it's entire reputation muddied by these scammers. A search on Google for "AMMYY [dot] com" does reveal a lot of "scam" results, hence my advice just to use something else we all trust instead.

      Even the basic Windows Remote Desktop client works fairly well.

  28. Jinxykatt
    September 16, 2011 at 2:51 am

    Shina, the person in the image is from a tv show called fonejacker.

    A show where a comedian calls cold calls people for the purpose of amusement. That pic is the Nigerian scammer. See the connection??

  29. Tutu
    September 16, 2011 at 2:17 am

    Must te image be a white man then?

  30. Carol Hussey
    September 16, 2011 at 2:16 am

    We have experienced this type of call and couldn't believe how persistent they were even when we told them we knew it was a scam. We got as many as 4 or 5 calls in one evening. They also try the "I'll refer you to my manager so that you know it is legitimate" - of course all of this on very heavily accented English. It's also impossible to reach Microsoft to try to verify anything. Thanks for more info.

  31. Ric Weide
    September 16, 2011 at 2:03 am

    When ever you get calls from someone like Microsoft Google, etc.  Demand that you speak to someone from the United States. They are required to grant your request. This will short circuit any scams, and help get the call centers back to the U S.!

    • Tim Brookes
      September 16, 2011 at 8:41 am

      Handy tip, thanks for your input.

  32. Shina Memud
    September 16, 2011 at 1:57 am

    Mr Tim the innocent person,

    Must the image be a black man?

    • Jeffery Fabish
      September 16, 2011 at 2:14 am

      Does it really matter the race? He wrote a very in-depth article trying to keep you safe and you have to find something to complain about, and more so it's about the race of a guy on a fucking picture? Just read the article, learn something and shut the hell up.

    • Tim Brookes
      September 16, 2011 at 8:40 am

      Hi, 

      As a few others have already noted, the post image is a character from a British TV show called Fonejacker. The video below might clear it up a bit. No racist connotations intended :)

      http://www.youtube.com/watch?v=LgHQDhoAc6s

  33. Danny Stieben
    September 16, 2011 at 1:46 am

    Tim, I'm digging the intro image. :P

    • Tim Brookes
      September 16, 2011 at 8:40 am

      Glad you approve ;)

Leave a Reply

Your email address will not be published. Required fields are marked *