So, I'm minding my own business after dinner last night, and my cell phone starts ringing with a number I'm unfamiliar with - that displays a Seattle area code.  I answered, and quickly realized I was talking to a genuine scam artist.  Here's what happened, and how you can avoid 'em if they start ringing your phone.

The number was (206) 456-0661 - which is important, because any of these unfamiliar numbers can easily be Googled, and 9 times out of 10, you'll likely see some discussion from people who have endured similar scam attempts.  A quick check of this particular number confirmed that something was definitely up, pages and pages of people who had gotten calls with the same routine - people with fairly thick Middle-Eastern accents claiming to be from Microsoft's tech support department.

They start rapidly trying to convince you that your PC is sending out malware and error messages to them, someone is tampering with your computer, and they're here to help you deal with the "infection" - they just need you to get in front of your computer.  I played along to get an idea of where they were headed - and it was quickly apparent that their goal was to get me to start going through some steps that would ultimately give them remote access to my computer.

I tried to play the role of someone that was computer illiterate for a bit to keep them talking (and for sheer amusement), which definitely peaked their interest at first, but after some stalling and a couple of questions on my end, the call was quickly disconnected - I heard a quick automated voice that mentioned "being removed from the conference", and then nothing.  Trying to call back, pretty much a lost cause - as they're already hard at work trying to reel in the next victim, I assume.

Goes without saying, you should never believe a word from anyone that calls you up out of the blue with a story like this - cyber-criminals are always looking for a new angle, and several have been trying the phony tech support routine lately.  Companies like Microsoft would never call you direct for unsolicited tech support - which most of you already know.  You'd be surprised though - there's a lot of people who think this is legit, particularly the young and the elderly.  So spread the word - you might help save them some time and trouble.

Generally, the end game is to get you to:

  • Install malicious software on your computer.
  • Take control of your computer remotely, and adjust settings so that your machine is vulnerable.
  • Phish for your credit card information in exchange for their "services".

This link has some more great info on how to recognize scams like these before they happen, or report them afterwards, if you or someone you know is a victim.