Phone phishing scam posing as tech support is on the rise

The bad guys are getting worse. And more clever.

Ever since the telephone was invented, people have found ways to abuse it. Since it provided almost complete anonymity, skilled phone operators could bilk thousands of dollars from unsuspecting and unaware masses unfamiliar with scammers. Fortunately, the public got wise to strangers asking for credit card information over the phone out of the blue, and the invention of Caller ID really helped as well.

Then came the internet, and the scammers rejoiced. Letters from royalty in Africa and lottery firms in England went out, and many fell for the bizarre ploys. After many fell for these crazy schemes, the word got out, and the public stopped falling for it. (If you want to know why those scamming e-mails still wind up in your spam folder, it’s because unfortunately, they still work on some people!)

But scammers and phishers are not easily thwarted. They come up with new angles.

Most recently, it was reported that there are “one ring” phone scammers, who will call you and purposely hang up, tempting you to call them back. If you do, you’re hit with a ton of phone charges, because you’re now actually calling an international adult entertainment call center. Just being connected for two minutes could cost you $30 or more.

But now, we’re under a new, and well designed, phone-phishing-computer attack.

Just within the last 24 hours, I received two phone calls to my home. The first was from an unpublished number, the second from a number with Caller ID (if you want to know the number, please contact me and I’ll let you know!). The operator wasted no time: He (and she on the second call) asked for me by name. He then went on to tell me that my personal computer was experiencing some vague problem (it was downloading unusual software, had a virus, etc.) that his security firm detected and that I needed help.

I was instantly on the alert for a phishing scam. So I first asked him how he got my number. He told me that I had registered with their firm when I first got my computer. So I pushed him a little further. “What kind of computer do I have,” I asked. “You have a Windows computer.” Now, we have one PC in the house, but it was purchased by my wife. I have two Macs (we Make Tech Better, remember? We have a few computers–and know quite a bit about scammers!). I replied, “No, I have a Mac.” He insisted, “No, you have a Windows computer.”

At this point, both he knows and I know that he’s lying through his teeth. So I bait him further.

“Uh… no. I really don’t.”

He went on to insist that I was lying. And then–and this always kills me with the scammers–he starts yelling at me, as if I was the criminal here.

Out of frustration, he hung up.

The insidiousness of this particular scam really bothered me: Many people know about plain old phone scammers. Others know about computer phishing. But combining the two: Calling out of the blue and telling people there’s something wrong with their home computer–it sounds plausible to unsuspecting and somewhat novice computer users.

I’m writing this at 7:30 in the morning because after yesterday’s scammer, I got another this morning at 7. This time, it was a scammer with a huge call center and a listed phone number. Thinking it might be a school delay (it is pretty snowy and icy out there!), I picked up. The background noise on the other end of the call sounded like hundreds of operators phishing for victims. My operator, a woman, didn’t even ask me my name, but simply reported that a Windows computer in my home had some unusual download activity on it, and that I’d need her services. She was polite (and I wanted to know more about this scam), so I said, “Oh my! Wow. Really? Hey, could you tell me the name of your firm and its phone number?” CLICK. Yeah. That did it.

Since I hadn’t heard of this scam before, and because it’s a convincing enough argument for possibly many, I wanted to be sure to get the word out now.

If anyone calls you who isn’t actively monitoring your computer via a path that you or the tech firm haven’t formally configured on your computer, they are a scammer. There are so many ways people can find your home phone number and name, and since there are still a majority of Windows users out there, it’s a safe bet for the scammer to say there’s a problem with your Windows computer.

I’d love to hear from anyone else who has been hit with this devious call.