by Dr Greg Chapman
Recently I was contacted by a business claiming to be ‘Microsoft Authorised’ regarding a malware notification they had received from my computer network. The sophistication of the approach was quite convincing, but there were warning signs that I will expose here to protect others who may be contacted by this group.
The person ‘Mark’ claimed to be a Microsoft certified technician tasked with contacting users whose systems had sent automatic notification of their vulnerabilities. The purpose of the call was to show me how I could remove this dangerous malware which would infect all other computers on the network.
Naturally, I was a little cautious as this was an unsolicited call, but Mark said that for security purposes he would demonstrate that this was a genuine call from Microsoft. He asked me to write down a 12 digit code which he said was the unique operating system security code only known by Microsoft and my system. He then gave me some instructions on how to find this code on my system, which of course matched this code. As I’m not tech savvy, I didn’t know whether this code was unique or not, although I later googled this code, and apparently it’s present in 90% of Microsoft operating systems.
Next he directed me to enter the eventvwr command and asked me how many errors it was showing. When I told him, he said this was ten times what you should normally see and this is the fault of the malware. He said that he would now direct me to a site which would remove all the malware on my network in a few minutes.
This was obviously the crucial step. The point where I would be providing system access. As a marketer, I always refer to the sales pipeline, where you move a prospect step-by-step towards the sale. I recognized that we were approaching the close. So I asked some questions.
“Mark” I said, “I’m feeling a bit uncomfortable about this whole process. I need some further verification that this is all legitimate” “That’s very wise of you” he said. “There are lots of scammers out there, but I have proved who I say I am by showing you that we represent Microsoft through knowledge of your unique operating code.”
“I’m still a bit concerned” I replied. “Perhaps you could give me a number which I can call you back on?” (The number on the phone as No Caller Id.) “Or perhaps a sending me an email confirmation?”
At this point, Mark became quite defensive, even a little offended that I was questioning his veracity. While this was happening, I googled to see if there where any scam warnings out there on this topic, and sure enough there were.
I hung up after that. What impressed me was how well defined the script for this scam was and the steps they used to gain trust. Somehow, they had also managed to obtain my direct no. which I had provided previously to Microsoft when I had recently contacted them on an unrelated technical matter. (Possibly a coincidence?)
A lot of effort was spent in building the trust of the mark (me in this case), and although ‘Mark’ didn’t close the sale (scam) on another day he might have.
Make sure you let others know about this dangerous scam.
Subscribe to this Blog to be notified about more Small Business news and tips as soon as they are posted.
Share this article:Microsoft Scam Alert
Over to You. What do You Think? Post Your Comments Below. [Note to those seeking a free ride on our google ranking, blog spam will be deleted, but genuine contributions will be happily approved.]
Dr Greg Chapman is the Director of Empower Business Solutions and is Australia's Lea ding Advisor on Emerging Businesses and provides Coaching and Consulting advice to Australian Small Business Owners in Marketing & Business Strategies Planning & Systems. He is also the author of The Five Pillars of Guaranteed Business Success and Price: How You Can Charge More Without Losing Sales.
Promote Your Business on our Facebook Fan Page