Recently in south/central Indiana, we have been receiving phone calls from a company claiming to be Windows Support. They tell the person that answers the phone a few generic lines that sound real to gain their trust, such as:
“We can see your computer at the address 109.12.68.blah blah blah, (because most people don’t know what this means), and we’ve noticed you have a virus/ corrupted system/ infection.”
“We need you to get to your computer and type in this special address so that we can safely remove it.”
Most of the time, the person sounds like they have an Indian accent, which I’ve had some of my customers tell me that actually helped gain their trust that is was a legitimate Microsoft company! They are calling numbers completely at random from a land-line phone directory of the area. They operate under the assumption that MOST people own a computer. This helped to discover the scam because they would end up calling a person without a computer telling them they could see that it had an infection.
The end result of the call, if someone were to follow through to the end, is that they have you download a free and harmless program that people use to view each others computers for work or otherwise legitimate reasons, and use it to gain access to your computer. When they are in, they open a command prompt and activate the hidden administrator account that all modern Windows computers have, while also putting a password on it. Sometimes if needed, they will also change your password if you use one.
Because they have typed a few lines of code that most people wouldn’t recognize, they then tell you they think they have fixed it. In order to check, they have you restart your computer. This activates the codes they typed and when you try to login, it says that the password is incorrect. Then they say, “Well, you must have the really BAD virus. We can get rid of it for $199.” The people that fall for this pay them, only to watch them type in the password they already know, thereby “fixing” the virus the user never had.
Here’s some take-away points to remember if this happens to you:
- Be sure to get the callers name, phone number, and company information so that you can call the police or the Attorney General. They are actively investigating this!
- There is no Microsoft/Windows Support company that will call customers.
- It is not legal for anyone to view your computer over the internet without your permission if they tell you that they can see it.
- The program they have you download is called Ammyy. As a stand alone program, it will not hurt your computer and can be easily removed. You can read their statement about the misuse of their program by clicking here.
- If you or someone you know must take your computer to be serviced by a technician afterwards, they will not have to WIPE your system. They just need to undo the coding and remove the admin account. Any computer tech worth their weight should know how to remove or change a password without charging you hundreds of dollars to reinstall Windows.
Once this scam has gone around enough, they move on to different areas and area codes of phone numbers. Always remember to question everything. Random phone calls asking for money are almost never safe. If you have questions about what they say, ask for a call back number and call your local computer tech business. Even if you have an infection, they will probably fix it cheaper, and you have the added bonus of knowing who it was and where they are located.
Stay safe! And spread the word!