I got a call from a guy named Harry (yeah, right, this guy with a middle-eastern Indian-sounding accent's name is Harry), who claimed that he got my number because my Windows was reporting problems to his server, and he was calling to help me out. Good thing too, Harry! (Interesting choice of names - this was Peter Parker's friend who turned out to become a super villain...but that's a different universe.)
I asked him how he got my phone number. Harry told me that everyone who has a Windows computer has a unique computer license ID number (TRUE), which is automatically registered with them (FALSE - it is only registered with Microsoft, and they do not share their customer registration information with any third party companies). And that they receive reports at their technical server that goes to their R&D center, and notifies them of issues. (FALSE: Nobody would do this without a service contract that would bill you periodically.)
He then told me there were a bunch of problems with my Windows computer (I held off, not telling him I have Macs). I decided I would play the dumb user, so I went along with him.
First, he wanted me to run the Event Viewer. OK, harmless enough. Then, he showed me a log of errors that Windows keeps. He had me look at the count of errors, and whatever number I gave him, it was too much (it was 8,232). [FACT CHECK: During the normal operation of any computer system, it will log errors. This is fine - some non-essential part of the computer failed to do something the way it expected, it logs an error. Typically, this is nothing to be concerned about. If you are concerned, take it physically to someone you trust, not to some guy who calls up over the phone.] Then close that window, and run MSCONFIG. This tool shows startup jobs, as well as services. He had me look for any services by Microsoft Corporation that were stopped. There were a lot, and he said this is bad. [FACT CHECK: There are always some stopped, by the way - not every service is turned on. In fact, I had specifically gone through just a few months back and disabled some more non-essential services, to improve performance of my system, but he didn't know that.]
So, he said that the bad software I get from e-mails and browsing the web, disabled important Microsoft services. [FACT CHECK: This is typically the way bad software gets on your computer, but this is the way that the antivirus security software checks and protects most often.] Then, he wanted me to go to a web site, www.mypchelp.us. This one failed to come up, so I can only guess that the domain has been blocked by net monitoring.
So, he had me go to www.fastheal.net, and wanted me to click Connect to Technician. [FACT CHECK: This is the kind of attack that is harder to protect against. They get you to run something over the web browser, or install a program remotely with your permission, during a time when they have obtained your trust.]
This is where they get you. I had played dumb with Harry, stringing him along, and pretending I didn't understand ("how do I find the Control key? Oh, the CTRL key!"). After half an our of having this guy patiently explain to me how to minimize a window, find the CTRL key, and find the Windows key, let alone type in the commands he wanted (all the while I was Googling the stuff he told me, came across this warning by Microsoft), I asked him if the Connect to Technician will fix my problem. I said, because I have a big problem, I have too much money in my bank account, and wanted someone to steal it from me to help me with the problem.
The dude didn't know what to say. I told him I had been a Windows expert for 30 years, and now have Macs, so I don't even have Windows at home. And, that I would be reporting the phone number and web site to the FBI and FTC. Ah, so much fun making the guy squirm in his chair when I asked "Where is the Control key?" - if only I could see his face.