The Notorious Microsoft Scam from the Scammers Point of View

microsoft-scam-calls-450x188It’s best to avoid unknown numbers at all costs but sometimes you let your guard down and next thing you know someone is trying to charge god knows what to your card or trying to steal your identity.

One person on Imgur  tried to get to the bottom of why these frustrating people exist.

It didn’t turn out exactly like they planned.

What follows is the Imgur user’s response to the well-known ‘Microsoft Scam’. This is really worth the read!

This all started out when I received a random call from a Texas number on Memorial Day. Being that it was a holiday and close to the 9:00 PM cut off for telemarketers to call, I had a feeling what it was going to be. I have been called 8 times prior with the same type of scam so I was prepared. 

The following is a transcript of our conversation:

(SA = Scam Artist) 

SA: “Hello, my name is Kumar and I am calling from Microsoft Tech Support.” Oh great, I was right. Let’s have some fun.

Me: “Let me guess, my computer is sending you virus alerts and you need to remote in and ‘help’ me.”

SA: “No sir, it is sending us errors and yes I can help you clear this up if you let me remote into your computer.”

Considering I work in I.T. I knew exactly how this was going to work and figured I would have some fun.

Me:“What is the MAC Address of the computer?”

SA: “The MAC Address? I do not have that sir.” Of course you do not.

Me:”Okay, I know what you are going to do so just cut the crap, I am not going to give you anything, so just let it go and stop calling me”

SA: ” Sir, I am trying to help. Please let me help you”

Me: “I have all the help I need, so really this is not going to work. You are not from Microsoft, you are not going to help me. You are going to make my financial life a living hell by stealing my card and/or messing with my computer”

SA: Listen here you *insert multiple expletives* I live in Afghanistan and I am going to send people after you”

Sure you are.

Me: What’s the closest city to you within 10km. No response? That’s what I thought, where in India are you?”

SA: *Insert multiple expletives* 

It was time to approach the situation from another angle…

Me: “So does this ever work for you guys? I am sorry for the banter back and forth but I am actually curious.”

SA: “Yes it does. A lot.”

Me: “How does it work exactly?” 

He then gave me more information than I ever thought he would.

Mr Scammer man proceeded to give all the details about his miserable job.

There is usually 3-10 people working for the “company” and usually operate out of Mumbai, Delhi or Hyderabad. They rented a small office under a 3rd party. They use a fake name when signing the lease and have equipment that is provided by the 3rd party aka bankroll. I asked why they use Microsoft as a company. Reason being is that Microsoft and Geek Squad is well known by Americans and people who are not technically inclined are more willing to believe that it is the company as opposed to using a company no one has ever heard of. They use the phrase “sending errors” or “sending virus reports” so they can strike some fear into the target.

The scammer also revealed details on why they phoned you in the first place.

I asked how he got my phone number. He told me that they will purchase call lists from companies that harvest the data from sites where people enter their phone numbers into forms. They are usually purchased for roughly $.02-.$.20 per number. After they have their list, they use an auto dialer that is populated with the numbers to make their calls. If someone hangs up or does not answer, it is recycled back into the system to be used again at a later time. 

The main goal in all of this is for people to fall for it all, by this point the two of them were pretty chill with each other, so even more details were revealed.

If someone wants them to help them, they will remote into the targets computer by using an RDP software such as LogMeInRescue or Windows RDP. At that time they will “run the software” that is set to automatically show a problem even if one is not present. They then tell the target that they can clear the virus/problem off the computer for $21 USD. 

The card details can then all be found out once the person gives their card number over the phone.

They will either purchase items online or try to contact the bank that the card is off of and use phishing tactics in order to try to get the account number. It only works sometimes due to strict banking policies, but sometimes they get an employee who gives the information over the phone thinking it is the real person. 

The scammer finally revealed his name as Kiran and said he doesn’t enjoy it at all and he only does it for the same reason meany people do their jobs.

The city he lives in has roughly 3 million people living there. He is currently in school to get his MCSE (Microsoft Certified Solutions Expert) as well as some other certifications. Because he does not have any currently, he is not able to get a real job and has to do what he can to get by. Out of the $21 that is charged to the credit card, he only receives anywhere between $2-$5 depending on how much information they get from the target. In a country that averages $5,138 GDP per capita, any money coming in is better than none at all. 

Remember that Microsoft will NEVER call you about viruses. If you receive one of these calls, hang up immediately. Do not engage the scammer. Educate yourself and others about these scams, especially the older generation as scammers will often target this age group.

If you have been targeted by this scam, give us a buzz and we can give your machine a once over.