Windows Secrets Newsletter: Scammers & Windows’ Event Viewer

windows secrets

By Woody Leonhard/Windows Secrets Newsletter

Most of the Windows utilities we talk about in the Windows Secrets Newsletter help you work faster or better or smarter, but Windows Event Viewer doesn’t fall into that category.

A powerful diagnostic tool, Event Viewer is now being used by online support scammers who make big bucks preying on people’s fears.

As I explained in my Feb. 3 Top Story, scammers are cold-calling people in North America, Europe, Australia, and other locations, claiming to be Windows support technicians — in some cases, gaining access to users’ PCs and personal information.

The con I discussed back in February described how a caller, possibly from India, contacted a Windows Secrets reader in the U.S. and claimed to be working on behalf of Microsoft support. My reader had posted a support question on what he thought was a Microsoft site. It was a very good con: the scammer knew the reader’s name, phone number, and the fact that he was having a problem with Windows XP. He cleverly convinced the reader to open Event Viewer and look at all the red and yellow flags indicating a malware attack. The con almost worked.

Of course, any phone call to a household in North America stands a good chance of striking pay dirt when the topic is some sort of Windows problem. Call ten people in your town at random, and say you’re calling on behalf of Microsoft (and sound like you know what you’re talking about), and I bet at least one or two of your neighbors will take you up on the offer. In my neck of the woods, it would probably be closer to nine out of ten.

In the case of my nearly duped reader, the scammer first tried to get money for the support, claiming the Windows warranty had expired. The reader was almost convinced to give the con artist direct access to the reader’s home computer via Windows Remote Access. Fortunately, the intended victim smelled something fishy and cut off the conversation. But how many other people that day got snookered by that same wily scammer?

It could be many. Lately, I’ve received a rash of messages from people who have been approached in similar ways. There’s even a post about it on the Windows Secrets Lounge. So be aware of this malicious con. To help you understand how it works, I’ll dissect this specific scare technique — used to make you believe you need their help. It all hinges on Windows’ Event Viewer, which I talked about briefly in my March 4 Top Story on the Windows Reliability Monitor.

Here’s the rest of the story.

This post is excerpted with permission from Windows Secrets.

(Visited 5 times, 1 visits today)

11 thoughts on “Windows Secrets Newsletter: Scammers & Windows’ Event Viewer

  1. I received one of these calls a couple of days ago, showed me all the viruses I had, very convincing until he started asking for £150 to fix them, he was an indian “gentleman” so told him to Go away, and put down the phone, he then rang back, again said go away, he rang back 4 times, in the end I left him hanging, and put the phone back after 30 minutes, hope it cost him a lot of call time.

  2. I NEVER answer my phone. Even though I’m on the do not call list, the calls keep on coming. The 800/855 etc never leave a message and usually give up after a while.

  3. I had another of these calls the other day. Indian of course. I hung up a couple of times, but altogether he called back three times; the third time he was annoyed I hung up on him and he called me a c***sucker! I threw some F-bombs back at the guy and put the phone down. Something needs to be done to end this scam.

  4. I make it my purpose in life to keep these scammers on the phone as long as possible.

    For every minute they waste talking to me, they are not scamming some vulnerable person that could be taken in by such a cowardly crime. The longest call time I have achieved is 1hr 40mins.

    The way to keep them on the line is to say something like “I would give anything to have my computer virus free”. Don’t use techno words like PC, icon, hard disk instead use works like computer, picture, memory.

    I keep a virtual machine available and I let them connect to that, it has no direct connection to drives on my PC and is in an IP subnet that doesn’t route to the rest of my home network. I have even gone to the extent of loading up a couple of real viruses for authenticity and renaming the virtual display and controller devices to make them look real.

    It’s really difficult to keep cool and not to get angry with these people. In the early days I would ended up telling them what I think of their criminal methods, but now I have found the actor in me and I find it easy to adopt the “please help me” attitude
    they feed on.

    These days the call usually ends with the scammer passing me to 2nd or 3rd level support, there they take my credit card number to take payment for an engineer to come out. I make up the credit card number CIV number and my address, they then go away happy.

    Sometimes they call back saying the credit card number didn’t work. I go into acting mode and apologise, usually they are angry by now and after a few minutes of palying with other fake credit card numbers they terminate the call.

    I’ve never been asked for bank account numbers but I have been asked to provide a picture and an example of my signature once (I gave fake ones of course)

    All in all, a very rewarding way to spend an hour or so. I come away feeling like I have saved someone from being scammed.

    If more technically minded people followed my example then I guess it wouldn’t take long before these scammers stopped committing this crime.

  5. Wehave the same in NZ, usually an Indian or Asian accent telling you, you have a virus. I have been called and say I have a perfectly good virus check, and have just run it. The sad part is, a lot of people just leave the caller talking and go and make a coffee, to fill in time. When they come back the ‘perp’ is still there burbling on. But it has been found out that a lot of them have stolen some poor suckers phone I.D. and are using their number and knocking up some enormous accounts.

  6. I get these calls constantly but I either put on my little old lady voice and say I don’t have a computer or most often I say that if my computer has a problem I will take it to a local technitian They immediately hang up

  7. I’m sorry but if people are fooled by this sort of nonsense then they get what they deserve.

    You are all supposed to be big boys and girls now, and owning a computer and going on the internet require you all to take some responsibility for your own safety.

    That’s the trouble…society has become so over regulated and dumbed-down that people have forgotten how to think for themselves. There is a regulating body for this, and a regulating body for that; that everybody seems to think their own security should be somebody else’s problem. They probably think its their governments fault and/or job to protect them.

    To say that scammers have got more clever or sophisticated, if flattery the idiot populous doesn’t deserve. Its not that scammers have got more clever, but rather, the populous has got dumber.

  8. I purchased RegCure from Pareto Logic (paid via PayPal) and IMMEDIATELY got two emails. (1) receipt from Pareto and (2) one with a number to call to walk me through the program and check out my system. Stupidly I let them do it. I was already planning a reformat but was curious as to the shape of my registry. They pulled the same nonsense about security problems in my computer but when they asked for another $199 because that was the ONLY way to clean it I said , “No way!” and said I’d reformat. He said even a reformat wouldn’t fix security issues. I hung up. And then I reformatted. And changed passwords for all financial sites.

  9. I’m pretty sure I got one of these calls this morning. The guy had an accent, said he was calling about my computer, and asked “how are you today?” Whenever a cold caller asks after my health I hang up, but I’m sure a more sophisticated approach could get past my defenses.

  10. The big problem with that scam is that credit card COULD and SHOULD BLOCK transfer to their account: government should force them to do so and it is not happening. So long as they (government and credit card company) permit it: it will never stop. All that to the costumer’s expense…

    • Some Banks will call if the charge looks suspicious ( mine did; Chase ). If you see something on your statement that is suspicious, you can call the bank and have it looked into as well.

Leave a Reply

Your email address will not be published. Required fields are marked *