Follow Up To Microsoft Warning Alert Computer Scam

In my blog post yesterday, I wrote about a Microsoft Warning Alert computer scam.  I have been using computers for the past 30 years now, and I have never come across this scam before, and I came pretty close to being taken by this one.

This particular computer scam made me angry, but it opened my eyes to a whole new avenue of computer scams and fraud that I had not previously understood.  I want to share this with readers, because of two features about this scam and fraud that they might not have know about or understood.

Two days ago, I bought a new to me, used laptop computer.  This computer was in such excellent condition, and it had so many programs that I wanted, that I did not want the operating system to be updated, I wanted everything to stay just like it was.

Yesterday morning I was using this laptop, when a pop up screen appeared **Microsoft Warning Alert**, that was supposedly the result of a computer virus/malware.  Since I had just got this computer, I didn’t know what the previous owner could have gotten into to have a virus/malware on this computer, or if it was me that caused it, I didn’t know.

Since Microsoft is so domineering in controlling computers with the Microsoft Windows operating system, like automatically downloading software updates, installing software updates, turning off and restarting your computer, interrupting what you are doing with pop up screen messages, it was no surprise to me that Microsoft would lock my screen with this **Microsoft Warning Alert**.

I was skeptical and doubtful about telephoning the 1-800 number on the screen in order to be guided through the virus/malware removal process by Microsoft technical support, but I wanted to see if this was a scam or not.  I telephoned the number, and I got a man from India who said that he was Microsoft Support.

This fake Microsoft Support person wanted me to read him the error message, then hold down the Windows icon key and press “R”, then enter in the dialog box “iexplore http://www.support123.ga”.  Doing this, took me to the ConnectWise connection site, where there was a dialog box to enter in a PIN key.  The fake Microsoft Support person was ready to tell me the PIN key to enter, but I told him that I wasn’t going any further, ConnectWise has nothing to do with Microsoft.

At that moment, I thought that this scam was an attempt to get me to sign up for a technical support service, for a fee, because I did not know what the ConnectWise company did.  However, once I looked into what the ConnectWise company was, I found out that this company allows subscribers/participants to allow remote control and monitoring of their computers.

If I had continued on with this fake Microsoft Support person, and had I entered in the PIN key that he gave me, in just a few more steps, I would have unwittingly downloaded ConnectWise software that would have allowed him to remotely control and monitor everything that I did on my laptop computer.  The danger would be, from that point on, if and when I accessed my bank accounts or credit card accounts on the internet, which I do every month, he would have collected my account usernames and passwords.

Here begins the two features of this scam and fraud that I did not know or understand.  One, antivirus software installed on your computer will in no way prevent/alert/stop this type of scam.  Two, banks and credit card companies may try to deny any kind of liability for fraudulent transactions with your accounts because you voluntarily allowed remote access to your computer, though you did so unwittingly or not understanding the consequences.

The first part of this scam, where you get a pop up screen on your computer with the message **Microsoft Warning Alert**, is not a virus or malware, it is just a pop up advertisement, like you might get while visiting any website.  When you telephone what you think is Microsoft technical support, and the person identifies themself as Microsoft Support, you might voluntarily, though unwittingly follow several steps to download software that allows remote access of your computer.  If you asked, the Microsoft Support person might tell you that he needed to look at your screen and entries to guide you through the virus removal process.

When you voluntarily download remote access software like ConnectWise, your computer’s anti-virus programs do not see ConnectWise as a virus or malware, they see it as legitimate software.  I wish that computer anti-virus programs would identify any kind of software that allows remote access to your computer as a virus, but they don’t.

I telephoned the ConnectWise company in Tampa, and their security person said that they do not knowingly or intentionally cooperate with scammers, but their software that allows remote control and monitoring of your computer, can be used to collect usernames, passwords, bank account information, credit card information, etcetera on your computer.

The only way that you would know that you have downloaded and installed ConnectWise on your computer, would be a small mirror icon symbol on your computer screen in your tool bar section.  I never would have noticed a mirror icon symbol or known what it was for, because I already have about 25 icon symbols in my tool bar section of my computer screen.

The point that I am trying to make about the first feature of this scam, is that you might install or might have already installed on your computer a program that allows remote access to your computer, and you don’t even know it because none of the anti-virus programs recognize this as a virus or malware.

One way to check to see if you have remote access programs installed on your computer, is to hold down the Ctrl and Shift keys at the same time, then press the Esc key, this brings up the Windows Task Manager box.  In this box, select the Processes tab.  Look for the following programs, VNC, RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC, and TeamViewer.

A very good article that explains how to detect if your computer is being remotely accessed is https://www.wikihow.com/Detect-a-Remote-Access-to-My-Computer.  This article is step-by-step, easy to understand, with illustrations.

The article that I just referenced above, suggests that one program that will help identify unwanted harmful software installed on your computer that anti-virus programs will not detect, is MalWareBytes, that you can install for free from the website malwarebytes.org.

I downloaded and installed MalWareBytes on my laptop for free.  I ran a virus scan of my computer using Avast which took 20 minutes, and found nothing wrong.  I then ran a virus scan of my computer using Microsoft Security Essentials which took 3 hours, and found nothing wrong.  Then I ran MalWareBytes which took 30 minutes, and it found seven potentially unwanted programs, which I let it remove.

The second feature of this scam and fraud that I wanted to call attention to, is how banks and credit card companies would respond to unauthorized transactions.

I have had several near misses in the past, where my bank account and credit card information was nearly stolen.  After these incidents, when I telephoned my banks and credit card companies to ask questions about unauthorized transactions, I found out several things.

For one thing, I found out that you will be speaking to a low paid, low skilled, not very knowledgeable person at a call center, who gets paid to take your information to file a claim, and they care very little one way or the other about your situation.  When you experience this for yourself, you should begin to realize how insignificant and unimportant you and your problems are to Bank of America and Wells Fargo.

Bank of America and Wells Fargo, could deny your claim for fraudulent transactions on your account, until you are dead, with no legal justification for doing so, only the fact that they are massive companies, with thousands of employees, and every one of them being personally shielded from any civil or criminal liability for their incompetence or misconduct, from the call center employees, up to the highest levels of management.

The banks and credit card companies will probably try to deny your claim for fraudulent activities on your account.  If you go to the Wells Fargo website, under their security and fraud section, they state that they will correct fraudulent transactions that are made through on-line banking on your account, provided that you follow your Responsibilities.

At Wells Fargo, your Responsibilities are to keep your usernames, passwords, and account information secure, not share them with anyone, and to cooperate with Wells Fargo during their investigation.

You had better say, “I had fraudulent transactions on my account, I did not authorize these transactions, and I did not give anyone my usernames, passwords, or account information.”  If during the investigation, you ever said, “I received a Microsoft Warning Alert, I called the 1-800 number, he said he was Microsoft Support, I did what he directed, that is how I think that someone hacked into my checking account online.”, this is the out that Wells Fargo will try to use to say that you did not keep your information secure because you voluntarily downloaded remote access software to your computer.

You could probably try to explain to Wells Fargo or Bank of America again, and again, that you thought that you were talking to Microsoft Support, that you did not know that you were downloading remote access software onto your computer, you had no idea that someone else could remotely access your computer.  The big banks are not going to care, they are going to use what you just admitted, even though you only figured this out after the fact, they are going to use this to claim that you voluntarily shared your information, and thus they are not liable.

Microsoft, ConnectWise, Wells Fargo, Bank of America, they all want people to use their software because they make money this way, it is easy and convenient for them, they promote the use of all this.  Each of these companies are aware of the scams, frauds, vulnerabilities, and misuse of their software, that leads to complete financial loss to individual users, and they do not care, because there is nothing that you can do to them, especially if you are broke.

The only way to protect yourself against financial loss resulting from one of these scams or frauds, is possibly enrollment in LifeLock.  In a couple of conversations that I have had with LifeLock representatives, it appears that LifeLock is very concerned and pro-active in any situation where people’s account information is stolen, and used fraudulently.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s