My wife got a call from a self-described technical services professional who said that 76% of Windows computers in Massachusetts were infected in the last 48 to 72 hours and would crash. Could she go to her computer and log in to their secure server?
She told him she thought it was very impressive that Microsoft was calling every one of its customers in Massachusetts to notify them of the problem. “I’ve been using Microsoft products for years, and this is the first personal call I’ve ever gotten,” she said.
He said that Microsoft wanted him to do this, and she said it sounded like a wonderful new service. He told her to go to her computer and together they could fix the problem.
She told him this sounded fishy and that she wasn’t going to do it.
He told her he’d stay on the line and she could call a number he gave her to verify that he was legit.
She said she wasn’t going to do that, either.
He said he’d hang up and call back in five minutes.
She said if he had 76% of Windows users in Massachusetts to call, he was probably too busy to bother.
She hung up and called me with then number he’d given her – (888) 514-1650.
I called and told the man who answered that my wife had received a call from this number. Was this Microsoft?
He said no, but they do support Microsoft and any devices running Windows software.
I asked how they knew something was wrong with my computer. He took my name and said he’d check my account. He put me on hold and somebody else picked up.
He said they’d noticed unusual activity on my computer that indicated someone else was using my computer from another location.
I asked how he knew.
He said my computer keeps a record of suspicious activity and notifies a Microsoft secure server. Every registered Windows computer is connected to a Microsoft secure server.
“And you call up everyone whose computer registers suspicious activity?” I asked.
He said he didn’t but his company has the world divided up into zones to call.
“Are you Microsoft?” I asked.
No, they were not Microsoft. They were technical support providers. “Different sides of the same coin.”
Did I hire them? Did Microsoft?
No, neither one, he said.
How did he get my phone number to call about my computer’s problem?
When I registered my Microsoft computer I gave the number, he said.
I said I didn’t.
He recited my business phone number and asked if that was correct.
I said it was the number I was calling from, but that his business had called my home phone. How did he get that?
From my Windows registration.
Did his business have a name? Does it have a Web site?
Yes, he said - www.support.live.com (This site is registered to Microsoft.)
What was this service going to cost me?
Somewhere between $100 and $300 or maybe nothing at all if no problem was found.
Would he upload any software to my computer?
No, I would connect it to a secure server so he could check it out. “Any software required would be provided from our end,” he said.
How was he able to monitor my computer?
He wasn’t monitoring my computer, he only got information from the secure server. “We only get information. We don’t see anything on your computer,” he said.
He asked if I had my computer with me.
I told him I had a computer but not my computer.
He said I should call back when I had it with me.
And he hung up.
Tim Greene covers security and keeps an eye on Microsoft for Network World. Reach him at firstname.lastname@example.org and follow him on Twitter@Tim_Greene.