‘Microsoft’ scam still going strong


If someone phones you out of the blue saying there is something wrong with your computer, hang up immediately – unless you want to part with upwards of R4 000 and give cybercriminals remote access to your computer.

Since at least 2009, people across the world have been targeted by the “Microsoft” scam and the Far South has been no exception.

What happens is someone phones you – on your land line – to tell you that they have detected that your Microsoft or Windows is not operating properly, has slowed down or has a virus – or any one of a number of general comments designed to sow confusion or fear.

Generally the scammers, men and women, speak with an Indian accent and give a fake English name such as William in Fish Hoek last week or, as in the first time the Echo reported this scam, Rex Robinson (“Online scammers target Far South”, Echo, October 27 2011). They are always most persistent, phoning back several times. If you are not at your computer they will phone back until you are.

Once you are suitably worried, you agree to download a program – usually from a legitimate site – which allows them to control your computer remotely and install malware (malicious software).

You might see a screen pop up with messages from the scammer – a sort of email – and you will see your cursor move across the screen without you moving it. The scammers have gained access to your computer and are using it from their location.

“They can get your passwords or monitor your banking,” said Roch-elle Vallender of PC-Mac in the new Sun Valley Mall. “It depends on how toxic the malware is, but it allows them remote access and they can turn on your computer from sleep mode.”

You also might be persuaded to give them your bank details on the spot which they claim pays for anti-virus software. In the recent Fish Hoek example, the scammer wanted R4 000.

They also download programmes which freeze or lock your files (such as the Locky virus).

“Locky locks your files away,” said PC-Mac technician Tristan Wills.

“You have to pay a ransom. Once you pay them, they give you a ‘key’ which unlocks the files.”

Ms Vallender said one person paid twice to unfreeze their computer and when he was about to pay for a third time, his daughter whip-ped his computer away and brought it to PC-Mac who cleared the computer of the viruses.

“Generally it is the people who are not too computer literate who are affected and they panic,” said Ms Vallender.

The “faults” the scammers point out are often common, non-problematic issues such as your computer is slower than when you bought it – this will inevitably be the case as your computer fills up with data or programs.

“Sometimes we have to reformat the whole machine,” said Ms Vallender, which means people lose everything on their computer and have to start again. Other times, it is a simple process of running a malware program and several anti-virus programs to clear the infected computer.

PC-Mac sees a regular number of computers coming to be cleared or reformated, with a spike in infected computers two months ago.

“Microsoft will never ever phone end users,” emphasised Mr Wills.

This is confirmed on the Microsoft website which states “Neither Micro-soft nor our partners make unsolicited phone calls … to charge you for computer security or software fixes,” and warns people not to give any personal information.

The Microsoft website is among many which gives useful information about the Microsoft scam and what to do if you are phoned.

If you are phoned, hang up immediately, said Mr Wills. If you have already given them some information before you realise that they are scammers, hang up and unplug the ethernet – take out or switch off the link between your computer and the routers (these look like phone jacks) or just switch off all plugs.

Then phone a computer shop for advice. You can download your own malware and anti-virus software – but this can also be fraught with problems as you might hit a rogue site pretending to be a legitimate site, or download legitimate software with malware viruses attached.