MintLife columnist and consumer advocate Christopher Elliott is answering a reader question today. Are you getting unsolicited phone calls from the “help desk?” Here’s what to do:
Question: I’ve gotten a couple of phone calls lately that seem really shady and I wonder if it’s the start of a new form of phishing. Both calls have acted like they were following up on a technical question. One claimed to be from Google and the other claimed to be from Microsoft.
They wanted to “help” me with software that is popular but I don’t currently use. The numbers didn’t show up on my caller ID and the callers didn’t sound as if they were legitimate.
It seems like a way to trap many people who are uncomfortable with technology. Have you heard of anything like this? — Lauren Bear, Minneapolis
Answer: Hang up the phone! These callers are after your credit card numbers, passwords and other personal information, and they are definitely not from Microsoft or Google.
Let’s get one thing straight: neither of these companies will call you about an issue like this.
According to Microsoft, the company will not initiate any such calls. “Cybercriminals have started calling people on the telephone, claiming to be from Microsoft, and offering to help solve their computer problems,” the company says.
Once the scammers are in, they will:
- Trick you into installing malicious software onto your computer.
- Take control of your computer remotely and adjust settings in order to leave the computer vulnerable.
- Request credit card information so that cybercriminals can bill you for phony services.
“Microsoft will not make unsolicited phone calls to help you with your computer,” the company adds. “If you receive a phone call like this, hang up.”
The same thing goes for Google. The company will not call you to tell you your PC is infected with a virus or that your computer is running slowly. The company also won’t ask for your password or credit card number in a cold call.
Scammers have been invoking the names of these tech companies for at least two years to extract information from unsuspecting users. Usually, victims are duped into taking quick action by claiming your computer is infected by a dangerous virus or malware. Also, the scams come and go in waves. The most recent one involves Microsoft tech support calls, but I imagine Google could be dragged into this on a large scale any day now, too.
What to do? After you’ve hung up, report the phishing to the company the call purportedly came from and US-CERT. You can do that online or by email at email@example.com. If you’ve inadvertently given the fake tech support operative any information, quickly change your password and notify your credit card of the fraud.
If you’ve installed any third-party software, uninstall it immediately. It may be used to find additional passwords or to open your PC to additional vulnerability.
And next time someone calls claiming to be from the “help desk” and insisting your computer has a virus, take a deep breath and think about it. When is the last time someone from the “help desk” called you to help you with a problem you didn’t know about?
Can you say, “Too good to be true”?