Call from co. claiming to be working with Windows on security issue

[Mishkyn]

Dear Members,
Hope this is the correct forum, I am a new member and just received a call from a man who said that other people were using my computer for their own purposes. I asked the name of his company and he said, "we are working with windows."

I asked for information to check out and I would call him back. He insisted I check it out while we were on the phone and I refused. He gave me the phone number to call: 1-800 GEEK.COM and again, said Windows had asked his company to help them out with this security issue of other people using computers for their own purposes.

I did not want him on my phone for long, so I said I would check it out and call him back. This is part of checking him out. When I called the number he called from, it was not the one he gave me, and the message came on: "This number is no longer in service or has been disconnected."

I did not call the 800-GEEK etc number he gave me, but has anyone received a similar call and what are they trying to do or get from me?

This is why I so rarely answer my home phone and nearly always let the machine get it. Anyone have any ideas what they are after?

Thanks,
Mishkyn

 

[Jared Tester]

This is probably a scam and should not be trusted, as they are most likely just trying to scare you with false information like your computer has a virus and are just trying to steal personal information like social security info, bank account info ect. So if I were you, I would just ignore it as like I said it's most likely a scam and should not be trusted, hope this helps.

 

[Tim Locke]

Definitely a scam. Let these guys any where near your PC and some ransomware will get downloaded.

 

[Mishkyn]

Dear Jared,
Thank you for your reply and advice. I was one of the lucky ones as apparently huge numbers of people are receiving calls from people claiming to be from Windows or Microsoft, lots of people receiving calls are in the UK.

A message was posted in the Microsoft Win 10 forum about this type of caller who said the "company" (MS) had noticed a great many "error messages" popping up on his computer. I was told this, too. Please, am I supposed to believe that MS and Win are trolling around monitoring all computers looking for errors???

This poster and several others were asked to restart their computers, and click on certain things, type in various codes, which lead the caller to claim their computer was infested with terrible viruses but they would take care of these remotely---no money was ever discussed, so the belief is that the goodwill of Win or MS is going to repair random computers for free.

People said that before their eyes their computers were taken over remotely and they noticed passwords being changed, also personal information, settings, and various things being disabled. They tried to stop it, but the people kept going and said it was all safe, everyone was doing it...blah blah...

It took the callers several days to clean things up, many had to go back to factory settings, and obviously re-set all their passwords, but who knows what might have been stolen before changed passwords and other protective measures were taken.

Luckily I never gave them control, but wondered if there was any way they could get any information through my phone lines, so I got off the phone quickly. Normally, I am ashamed to say, I would play around with this type of caller and tease them into thinking I was playing along, but don't know if any new technology can allow someone access to my computer, but I could just shut it off if I am feeling playful.

By the way, there is a Geek.com site, but there is no mention anywhere of their "partnership" with MS and/or Win.

Think I mentioned the phone number they called from---it was left on my phone, was "no longer in service".

There were dozens of posts on the MS site about similar calls.

Again, Jared, thank you for answering me--and you, too, Tim MIshkyn

 

[BigFeet]

This is a great video of a scammer claiming to be a Microsoft employee. I watch this when I need a good laugh.

 

[Mishkyn]

Thanks for a great laugh, and major kudos for remaining on the phone that long. I had to watch a baseball game during the scammers endless dialogue, I could not pay attention to him while waiting for the payoff at the end. It seems that they really were not quite sure what you did to them and what a "virtual machine" is.

Are you responsible for getting them the low trust/high risk rating on scamadvisor.com?

Thanks for posting this and trying to warn as many people as you can. They do terrible things and hopefully they will get their comeuppance one day, but then they are not who called ME, so there are plenty more where they come from. How disgusting to do this to people. They are also giving Indians a bad name, which really hurts me as I have plenty of Indian friends, one of whom fixed my computer, working 2 days, and charged so little money for all his hard work and time.

 

[Stevekir]

I was nearly caught. I have a close friend whose email address is (e-mail address removed). I saw a message "from him", "abcdefg.hijkl" and without examining its full email address, just looked at the familiar bit before the "@", and got a simple message, as he often sends, like "have a look here...". My friend often sends me interesting (not porno) attachments. Stupidly, I opened the attached video and it turned out, after a simple intro, to be a lad saying that he could make me £50,000 in a month and the same for months (years) and I would become a millionaire within the year, and no requests for money. As if! I deleted it and I hadn't viewed much of the 20 minutes it would have lasted. By that time I noticed the part of the sending email after the "@" and it was quite long and had "Bahamas" in it!

I will now examine all the address of any incoming email.

While I'm on, is the following rule correct:

"When searching for an object in, eg., Google, several sites come up containing the search word. Be careful before visiting a site which has an unfamiliar word immediately after "www." followed by a word such as "Microsoft", "BBC", "Government" etc. You are not visiting those sites."

 

[Tim Locke]

My trusty Thunderbird Email client allows me to see the full headers of a message. The number of emails that are similar to:

(e-mail address removed) or (e-mail address removed) but when you see the whole header they are spoofed from Security@ badguy.ru. 2 or 3 a week here.

 

[Norton]

I have had many similar calls over the years, more so now with Windows 10. It's definitely a scam. MS would never call and ask about your computer activity. Once they (scammers) get into your PC they will steal all your personal info, passwords and banking info, and possibly hold your PC ransom until you pay a fee to unlock it, then they disappear and your left with a boat anchor. AS A SECURITY PRECAUTION make sure that "Allow Remote Assistance" is always unchecked.

Open system properties > Remote Settings, and uncheck "Allow remote assistance to this computer".

If they call back play him along and say either you don't own a computer, or you have a "Mac"

 

[Stevekir]

I have had many similar calls over the years, more so now with Windows 10. It's definitely a scam. MS would never call and ask about your computer activity. Once they (scammers) get into your PC they will steal all your personal info, passwords and banking info, and possibly hold your PC ransom until you pay a fee to unlock it, then they disappear and your left with a boat anchor. AS A SECURITY PRECAUTION make sure that "Allow Remote Assistance" is always unchecked.

Open system properties > Remote Settings, and uncheck "Allow remote assistance to this computer".

If they call back play him along and say either you don't own a computer, or you have a "Mac"

Sounds good advice. I had to hunt for it. I searched in Cortana for "Remote Assistance" and chose the first offering. That was more complex than definitive, so I chose the second and found this:

It was checked on! Its now off. Many thanks. It seems a mistake by Microsoft to set this on by default.

Perhaps this setting could be included on one of tenforums' tutorials. It seems essential.

 

[Stevekir]

My trusty Thunderbird Email client allows me to see the full headers of a message. The number of emails that are similar to:

(e-mail address removed) or (e-mail address removed) but when you see the whole header they are spoofed from Security@ badguy.ru. 2 or 3 a week here.

My trusty Thunderbird Email client allows me to see the full headers of a message. The number of emails that are similar to:

(e-mail address removed) or (e-mail address removed) but when you see the whole header they are spoofed from Security@ badguy.ru. 2 or 3 a week here.

Mailbird can also allow the message source to be read, but only by first opening the message.

I always believed that once a message has been opened, the sender can tell that it has been opened. Is this true? It could cause a flood of spam etc.

(A whole conversation can be printed, - a nuisance - or, with my Canon printer, I can set it to "View before printing", but the type is very small. Not good solutions.)