Microsoft Phone Support Scams
If you receive an unsolicited phone call from an unknown person claiming to be from Microsoft and further stating that multiple issues have been detected on your computer, including computer viruses, malware, and trojans hang up – this is a scam! These phone calls are fake! Microsoft will not call you, Microsoft does not operate personal computer security in such a manner. It is true that Microsoft Windows will send anonymous crash reports (etc.) if a user chooses the option; however, the anonymous information collected in such reports does not give Microsoft access to your telephone number.
The primary objective of the Microsoft Phone Support Scam is to trick victims into allowing cyber criminals access to their computer systems in order to extort money or steal information. The tactics this particular scam uses is to either convince a victim to pay for additional computer support and removal of malicious parasites or gain access to a computer system to do one or more of the following:
- Attempt to persuade victims to install remote software including AMMYY. AMMYY is a remote desktop tool that criminals use to make a remote connection to a victims computer in order to cause complications. Criminals may insist that a victim visit the ammyy website (www.ammyy.com) in order o download and install the needed software. Once a remote tool is installed the criminals and scam artists have complete access and control of your computer. Criminals can view every file, document, video, and more on your computer, as well as corrupt system settings and delete necessary and critical
- Persuade victims to pay for non-beneficial service, in turn handing over payment information including credit card and bank account details.
- Request additional information about your, your family, friends, and even coworkers.
- Access a computer system and leave it vulnerable to further attacks.
- Direct victims to fraudulent or malicious websites.
The video below published by Malwarebytes explains how the Microsoft Phone Support scam works. A cyber criminal made the mistake of attempting to scam a security researcher at Malwarebytes earlier this year and he managed to capture the ordeal:
What to do if someone calls you claiming to be from Microsoft
If someone calls you claiming to be from Microsoft you should immediately hang up and scan your computer for malware, including spyware that may have initially given the scam artists your contact information. Instructions to automatically detect and remove malware is detailed further below.
- DO NOT PURCHASE ANY SOFTWARE OR SERVICES!
- Do not allow the caller access to your computer system.
What to do if you fell victim to the Microsoft Phone Support Scam
If you fell victim to the Microsoft Phone Support Scam and paid for services or allowed criminals remote access to your computer system, take down information about the incident and contact the local authorities.
You should also contact your bank and credit card provider(s) to dispute any made charges and alert them of the scam. Your bank or credit institution can provide further safety instructions.
Rest your passwords! All of them! Reset your computer administrative password and all user accounts active on the operating system. Also reset your social media account passwords, email passwords, and more for safe measure.
Uninstall any unwanted software installed on your computer. If you installed AMMYY or similar remote administrative tools make sure they are removed.
Perform a full system scan of your computer using reputable software:
1. Install the free or paid version of Malwarebytes Anti-Malware software.
2. Once Malwarebytes is installed, run the program. If you are using the free version of Malwarebytes you will be prompted to update the database, please do so.
3. Navigate to the first tab labeled “Scanner” and select the Perform full scan option. Click the Scan button to perform a full system scan. Malwarebytes will automatically detect malware that has infected your computer system.
4. Once the full system scan is complete, Malwarebytes may prompt a message stating malicious objects were detected. Select the malicious objects and click the Remove Selected button to completely remove the malicious files from your computer (the image below shows a file that is NOT selected).