I work at a small ISP in a rural state, yet even this isn't enough to escape from a thing that's going around. The thing is the tech support cold-call scam, and even though it's been going on for two years in the US (three now in the UK, EU, and Commonwealth countries), few people know about it.
How many of you dear furry readers out there use Windows? A lot.
How many of you Windows users use Windows 7? Right now, about half of you. The other half are using Windows 10, Windows 8, or Windows XP, with a tiny few hanging on to Windows Vista.
How many of you are having either occasional or frequent problems with Windows? An awful lot of you, right? Some occasional, some frequent, and not nearly enough of you without any big issues. Such is life with Windows.
So with this setup, now comes the call.
You get a call from someone who says they're from "Windows technical support," and they're calling because your computer is sending them errors. They could also say they're from Dell or HP, or from your ISP. Anyway, they say your computer has errors, or it has viruses on it, or it has hackers on it. Of course, now you're scared.
They offer to fix the problem for you. You're too scared to think, so you agree to let them. Or maybe you're not so sure, and you ask them how they can be so sure. They'll walk you through opening the Event Viewer and filtering the logs to show you only errors. These errors, they tell you, are viruses or hacking. If you had any doubt and weren't scare before, you're scared now.
Next, they tell you to go to some Web site, and they'll be as patient with you as they can while you type in the address they give you. At this address, they'll walk you through downloading a remote access program, running it, and entering a code that will let them in to fix your computer. Now you've let them in, and they can do anything and everything you could do if you knew how.
Once in, they'll poke around, download and install a wide variety of "cleaner" programs through affiliate networks, delete as much of your ability to undo their changes as they can, and open up a Web page to demand payment from you for their "helpful" service. Here's where they've got you.
If you fall for it, you part with the money if you're lucky, or with your identity if you're not. They thank you, hang up, and leave you with a PC that's now a thousand times worse than before.
If you catch wise, then you'll pay even more dearly than that. If you refuse to pay, or if you hang up on them, then you've forgotten that you gave them control of your PC when you downloaded what they told you, and they still have it. And there's a really neat and powerful tool in every version of Windows from XP on called SysKey. They'll use it to lock out a Windows registry hive called SAM with a password, and they'll scramble the password so you can't guess it. With the SAM hive password-locked, Windows can't recognize any user accounts, and it must recognize an administrator account in order to run its repair/recovery tools. Congratulations, you're now the proud owner of a paperweight. A tech-savvy person like me might get lucky and be able to fix the damage, but it won't be easy or cheap.
So what do you do?
Well, remember this: Whenever you have a problem with your PC, you call the experts, the experts never call you.
You will never get an unexpected call from any tech support group unless you have spoken to them before and entered into a support contract with them. Home PC fuzzies, I can safely guess that none of you have done this. Hang up the phone.
If you have any doubts at all, if you have that nagging feeling that maybe they're who they say they are and that maybe they're right, then get a ticket number or issue number from them and hang up, or just hang up anyway. Then call them back, not using any phone number the caller gave you, but using a phone number from your bills, your manufacturer's or ISP's support Web site, your manuals, or even the phone book. If they follow up on it, then everything's supergreen. But if they don't have a clue what issue you tell them they said, then by hanging up earlier you saved yourself from getting scammed.
You wouldn't let anyone calling unsolicited to sell you anything over the phone without a PC. Don't let anyone who calls you unsolicited access your PC remotely for any reason.
Don't fall for the tech support cold-call scam.