A Wisconsin woman who fell for the “Microsoft scam” last month found a relatively happy ending to her story: the scammer hasn't been identified or caught, but a police officer with good computer skills was able to undo most of the damage he caused.
The Microsoft scam is simply a brand-specific version of the “tech support scam,” which usually works like this: the scammers contact the victim over the phone, pretending to be tech-support personnel from Microsoft or any other tech company big enough to have a customer-support staff. (If they try using email to reach you, then technically they're attempting a “phishing” scam rather than a “tech-support” scam. Regardless of the label, the scammers have the same basic goals, and you need to be wary of them all.)
The faux-Microsoft scammers will tell you they've discovered a security flaw in your computer's Microsoft operating system, but they can fix it for you, right now, provided you give them remote access to your computer.
Of course, if you go along with their suggestion, it will end badly for you. The single most important rule to protect yourself from phishing, tech-support and similar scams, is “Don't call me; I'll call you.”
Calls from the blue
In other words: if you personally notice a problem with, say, your Microsoft system or Netflix account, and want to contact Microsoft or Netflix to complain about the problem, that's fine. But if someone claiming to represent Microsoft, Netflix or any other company calls you, out of the blue, offering to fix some problem you never even knew you had — don't believe it. That's not a Microsoft staffer or Netflix security expert on the phone; that's a scammer trying to ensnare you.
Sometimes the scammers are trying to plant various forms of malware on your computer — anything from spy software that monitors your personal computer activity, to zombie software that takes over your computer and uses it to send phishing spam or malware viruses to still more people, usually without you even realizing it.
But last month, an unnamed woman in Madison, Wisconsin fell for a Microsoft scammer who essentially tried holding some of her key files for ransom.
News source Channel3000.com reported this week that a man claiming to be from Microsoft called her and asked for remote access to her laptop. Once he got it, he deleted certain files and demanded she use her credit card to pay him $200 if she wanted them back.
She did not give him her credit card information, and did call Madison police; an officer was eventually able to restore her deleted files.
But the scammer is still out there, and probably still calling potential victims. If anyone claiming to be from Microsoft calls you about a supposed problem, hang up at once, the same way you'd hang up on any so-called tech-support person who expects you to ignore the anti-scam security rule “Don't call me; I'll call you.”