Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Scammers Pose as Microsoft Tech Support Workers to Hijack Computers


Warning message claims that scammers posing as Microsoft staff members are calling people and attempting to trick them into handing over access to their computers.

Microsoft caller scam
© Heiko Bennewitz

Brief Analysis

The information in this warning is factual. Scammers pretending to be Microsoft workers have been cold calling people and attempting to trick them into downloading information-stealing trojans and other malware or handing over credit card details to purchase rogue computer security software. The scammers have been targeting people in Queensland and other regions of Australia over the last several months.


Subject: Warning - please heed

To family and friends,

I just want to warn you of a scam circulating in the form of a phone call. I experienced this today 15th July. The caller sounded Indian or perhaps Pakistani and told me my computer was full of garbage mail and viruses and should be cleaned out 'at once'. He said it was about to crash. He told me to go and turn my computer on.

I asked him how did he know all this about my computer, he said he was from Microsoft and I needed to do this now. Luckily, I was busy and said no but told him to ring back in a week.

I got in touch with my computer man and he said "Did you turn it on?" If I had, he said the caller would have immediate access to everything in my computer including any bank accounts etc. Scary, eh?

Please take heed.

Detailed Analysis

This circulating message warns recipients that callers posing as workers from software giant, Microsoft, are attempting to trick people into handing over access to their computers and personal information. According to the warning message, the scammers phone their potential victims and claim that a problem such as a serious virus infection has been detected on their computer and they must immediately follow the caller's instructions in order to rectify this problem. The message warns that those who comply with the scam caller's instructions will in fact be giving criminals access to their computer and any personal files stored on it.

The information in this warning is factual. Although a little hazy on details, the warning nevertheless provides a basic description of a real scam operation that has been targeting Australian residents for several months. The bogus callers attempt to trick those they call into going to their computers and opening a website, ostensibly as part of the procedure for fixing the supposed virus. However, once on this website, they will be tricked into downloading and installing trojans and other malware that can allow criminals access to the compromised computer and harvest personal and financial information. The victim may also be tricked into parting with credit card details, ostensibly in order to purchase software supposedly needed to "fix" the computer problem.

A May 2010 Queensland Police Media Release provides more information about these scam attempts:

Public warned against anti-virus computer scam

Police are warning members of the public to be vigilant with regards to internet security following reports of a scam targeting victims on the Sunshine Coast.

Residents from the Sunshine Coast have reported a telephone-based credit card scam which involves a group claiming to be from an online computer company cold calling victims at home, asking them to log onto their computers and to load the company’s website.

Upon doing so, victims are requested to run programs that give the impression there is something wrong with their computers. The offenders then offer to sell the victims software they claim will fix their computers, however victims are unknowingly downloading software which trawls the computer looking for personal information (including credit card details) which is then sent to the offenders.

The offenders are said to be aggressive and usually hang up when challenged.

Scammers are also making calls to potential victims indicating they work for Microsoft and need to gain remote access to the victim’s computer to fix a bug in the system.

“Unwary victims who provide this remote access are literally handing their computer and control of their computer to offenders who could use it to steal their personal and financial information, plant keylogger Trojans (software planted on your system to record keystrokes such as passwords or log ins) or use the computer to attack other machines or systems,” Detective Superintendent Brian Hay of the State Crime Operations Command Fraud and Corporate Crime Group said.

“The message is to always be careful of anti-virus pop ups and take a moment to carefully check on anything before you hit ‘accept’. Do not respond to messages or emails from anti-virus companies offering to run free scans on your computer or reminding you that your system requires it’s annual subscription upgrade. These scams are now recognised as the third most successful scam in the world. Unsuspecting victims, thinking they are doing the right thing are not only infecting their computers with potential malware (software planted on your computer that can be used to retrieve data or take control of your computer), but potentially surrendering their identity and credit card details,” he said.

Anyone with information which could assist police with their investigations should contact Crime Stoppers anonymously via 1800 333 000 or 24hrs a day. Crime Stoppers is a charitable community volunteer organisation working in partnership with the Queensland Police Service.
The scammers are quite aggressive and attempt to intimidate potential victims by using highly technical language along with threats of dire consequences if they do not fix the supposed computer problem urgently. They may instruct their victims to undertake technical procedures that appear to reveal evidence of virus infection or other problems.

For example, in one incident recently reported to me, the scammer began by telling his potential victim that her computer had sent an error message to Microsoft and he was calling to help her rectify the problem. The user was at first inclined to believe this claim, because her computer had indeed crashed shortly before the scammer placed the call. Given the Windows Operating System's propensity to crash on a regular basis, this is not really such an unusual coincidence. The scammer then asked her to press "Windows Key + R" which opens the "Run" dialogue. She was further requested to enter another command into the Run box which would have presumably opened a file or application that the scammer would have falsely identified as being the cause of the problem. Thankfully, in this particular case, the user became suspicious and hung up on the scammer before proceeding any further with his bogus instructions. Unfortunately, others0S have fallen for the scam callers lies and proceeded with the bogus instructions.

Even if you did happen to have a virus infection or other problem on your computer, Microsoft will certainly not cold call you and attempt to rectify such issues. Similar versions of the scam have also targeted people in other parts of the world, including the UK and the USA. In some cases, the scammers will pose as representatives of well known anti-virus entities such as Symantec.

Last updated: 16th July 2010
First published: 16th July 2010
By Brett M. Christensen
About Hoax-Slayer

Public warned against anti-virus computer scam
Scammers Promoting Rogue Anti-Virus Through Phone Calls