Raymond almost falls for the Microsoft Phone Phishing Scam
I guess I’m just gullible. I received a call from a man with an Indian accent claiming to be from Microsoft. He told me that my computer had come up as “infected” and gave me a code that would allow me to connect with a Microsoft technician to clean my system. You won’t believe this but I actually entered a code provided by the first caller – but then I got very suspicious. and I stopped.
What has me concerned is do you think this infected my XP computer? I remembered reading your article about running System Restore right away at the first sign of trouble but I don’t know if this would be enough. Do you think I should I reinstall XP just to be safe? Should I be doing something else?
Anything you can tell me would be much appreciated.
Our answer
You almost got yourself in trouble but you did the right thing. If you think about it – it’s not hard for some criminal to call you at random and tell you that your Windows computer has shown up as one that was infected — then offer to “fix” it for you. There are about 1 billion Windows computers in the world — and odds are that about 5 of 7 phone calls are going to end up going to someone with a Windows computer in their home.
System Restore will remove any executables that were installed subsequent to the restore date you chose. Since any malware or spyware or Trojan would be an executable, running System Restore and using a any restore point created prior to the phone call would be sufficient to remove whatever (if anything) the criminals installed You may want to scan your computer with a good online scanner — or with Malwarebytes just to make sure. But my bet is that System Restore has removed any infection that may have been injected on your computer during that call.
Here’s something from Microsoft that should help you and everyone else too.
“BEWARE – Users have been reporting they have received phone calls, some claiming to be from “Microsoft”, telling them that that their computers are infected. The caller asks the User if they are online and if their computers are performing slowly.
If their computers are not running, they will ask the User to boot the system and report on the start up time or, if the system is running and online, they will tell the User that a tech can take over control of it and clean a “virus infection”.
This is a scam.
If you happen to receive one of these phone calls ask the caller for the name of the company, where they are located, and their phone number.
Then hang up and report this to:
IC3 (internet crime) http://www.ic3.gov/
Your Local FBI Office ( if you’re in the US) http://www.fbi.gov/contact/fo/fo.htm
Microsoft will never , repeat, NEVER , cold call people who use Windows.
NEVER allow strangers to take over your computer.
If you have not called any tech support center for assistance then NEVER allow anyone who calls you unsolicited to take over control of your computer. ”
You did the right thing by running System Restore right away. It’s the smart thing to do if you even suspect in the slightest that your computer as been infected. Running a restore point which dated previous to the suspected infection will restore your computer back to the state it was in at the time the restore point was created.
I had someone call me and tell me that too and it was so funny because I said “Well, isn’t that strange because I don’t have a computer”. There was this pause because they weren’t expecting that so then they said “oh, did you sell it then?” and I told him that was none of his business and hung up. Since them I haven’t had another call like that.
Very informative article. I’m glad I came by this page. I had the same problem. I got a call from 206-456-0661 and I did the same thing as Raymond so I got worried and afraid to connect to the internet again for fear that they might still be able to log into my system. Besides, I found out that the phone number’s been reported here http://www.callercenter.com/206-456-0661.html for scamming which increased my skepticism.
Well, I think it’s okay now that you posted an answer to it. Thanks!