Microsoft is Not Watching Your Computer

Over the past year we’ve had several clients contact us to tell us that they had received calls from “Microsoft” indicating that they had errors on their computer, and that “Microsoft” wanted to fix those errors.

Having received two of those calls as well, and having promptly hung up on those calls, we thought that most people would do the same.  Apparently this is not the case.  So please read this post so that you can protect yourself from a social-engineering hack.  And share this with others as well, especially those who are not computer savvy.

Here’s how the hack goes:

Your phone will ring and a person on the other end, usually with a foreign accent (ours had an Indian or Pakistani accent both times) identifies himself as being an engineer with Microsoft and they discovered an error on our computer, and they needed to fix it.  The way they want to fix it is to remote into the computer, by the victim going to a web site that installs remote control software.

If the victim seems dubious, the hacker asks them to go to a folder on their C: drive and look for a file called rundll32.exe (or any common Windows file).  Once the victim sees that file (which is on every Windows computer), the hacker says that it’s a dangerous file and that he will remove it.  He then directs the victim to a web site where the remote control software is installed.  Once it is installed, the hacker has complete control of the computer.  They will tell the victim that they are removing the bad files, meanwhile accessing the victims private information.

The hackers are brazen at times.  One of our clients allowed two of his computers to be accessed, and then the hacker had the audacity to tell the victim that they owed $199 for the “clean-up job”, which the victim reluctantly gave.  Then they called us.  It took several hours to remove all the malware installed by the hackers.

Again, they usually prey on people who are not computer savvy, and, since they sound convincing, the hackers are successful many times.

We have received two of these calls.  On the first one, we played along to determine their method.  Although we never let them get to the computer, and then stopped them by telling the hacker what we did, we were able to gather some information.

The hackers are based in India or Pakistan (ours was in Pakistan).  They are in a phone room and randomly call US numbers.  If successful, they are paid $150 US for each hack.

So here’s a very basic thing to remember:  Microsoft does not monitor your PC for errors.  If someone from Microsoft calls you to tell you there’s an error on your PC, HANG UP.  Quickly.

Now, if you’ve received a call like this and have allowed a hacker access to your PC, and have not had your PC cleaned, please contact us right away.  Once the hackers have access, they will continue to have access.  Our contact information can be found on our web site pcmdx.net or on our Facebook page facebook.com/pcmdx .