There is an extremely common scheme out there in which people in a foreign country will call you and tell you that your Windows operating system has been compromised. This type of scam is called a “technical support scam.” In it, callers impersonate official personnel of companies to gain their victim’s trust. In my experience, these calls almost always come from a call center based in India.
These call centers use cold calling techniques, I assume. They usually prey on the elderly, probably because most of them aren’t very tech savvy. They also assume that you’re running Windows. I get these calls all the time, but on this day I got two calls from the same call center at the office that I work in… where we use a Mac.
I’ve always wanted to do just what they tell me over the phone to really tell how the whole scam works. Maybe do a whole exposé on how this scam, which is so famous that it has its own Wikipedia page, works step by step. I really didn’t want to risk my laptop, however; I need it for actual work and not just this messing around.
Just for fun, I let them go through their spiel for a few minutes. If they’re going to waste my time every other day I should get the opportunity to waste some of their time, right? I was also super curious as to how their whole scam played out in order of operations. So, I recorded it for all of YouTube and the lesser internet to enjoy:
In the video above, the gentleman abroad and I end the phone call on a fairly civilized note. When he realized the jig was up, he admitted defeat and nobly hung up the phone. I’ve taken many calls from these guys, and often when they feel they have wasted too much time on you they pass you off to their “managers.” When these managerial types realize you’re messing with them they’ll tell you to do something very explicit to your mother. It sounds funny, but that seems to be their actual protocol, proven to me by my own experiences and several YouTube videos chronicling the same basic insult.
So how does this scam go down? Well, fortunately it’s a pretty easy one to chronicle, because these callers, whether in the same call center or not, all seem to say the same things.
They start off their scam by asking the user to press the Windows key and the R key at the same time. “R as in Rodger,” they seem to say every time, without fail. I’ve had many calls from these places and they all seem to have the same basic script and stick to it pretty well. When they ask you to enter an “A” they say “A for America,” which cracks me up every single time.
If you actually press the keys they ask you to, it opens up the Run command. From here they ask you to type “cmd” into the box. You all know how that goes: C as in California, M as in Mother, and D as in Doctor. This combination of letters, if you don’t know, opens the Command Prompt.
The scam works by giving the victim a sense of trust and confidence in the caller. The callers identify themselves as an official Windows help center and direct the victim to their computer if they’re not already there. Phase B is to guide the victim through a process in which they tell the victim what keys to press on the keyboard to open up the command prompt. They ask the victim to type Then they read the victim a string from the output of the command they had the victim enter and claim it’s the victim’s “Windows serial key.” This string is not your Windows serial, and the same string will be displayed on any machine running Windows.
The scammers then have the victim open up the Event Viewer by having them type “eventvwr” into the command prompt. Event Viewer, when not read properly, can make it appear as though you have massive amounts of errors on your system. Hardly anybody knows what the items in Event Viewer mean. When the caller’s claims appear to be confirmed on the screen, it captures the victim’s confidence, leading them to trust what the scammer is saying.
This type of scamming is called social engineering. It is a term used to describe when scammers trick their way into gaining your trust and getting you to give them information.
The next goal for these scammers is to gain remote access to their victim’s machine. When the victim gives them access, they proceed to lock them out of their machine. Once they have this, they ask for a credit card number and demand hundreds of dollars to let the victim back into their machine. I’ve never gone through with the entire scam, but I’ve heard estimates of $200 – $400. Ouch.
Be careful out there, and remember, Windows is never going to call you. Have you had these kinds of calls before? Tell us your experiences with them in the comments below.