Imagine surfing the Internet at home, or coming back from a day at the office, and the phone rings. Upon answering, a voice with an Indian accent greets the person by name, verifies his or her address, then tells the person being called that they work for Microsoft. They proceed to say that there’s been a report from the individual’s Internet provider of severe virus problems from the person’s computer. The voice on the phone recommends opening a program called Windows Event Viewer and downloading another program from a specific website to get rid of the virus. The caller helpfully offers to install the program by controlling the person’s computer remotely. After the program is installed, it’s time to pay the bill. For UK residents, who have been receiving such calls since 2008, the charge has been equal to nearly $300.

Well, if Microsoft is calling it must be legitimate, right? Guess again. Not only is the caller not really from Microsoft, there was actually nothing wrong with the victim’s computer. However, the victim has just given someone full access to everything on his or her computer, and paid a fee that is unlikely to ever be refunded for the so-called repair.

According to investigators in the UK, the scam originates from call centers in Kolkata, India. All of the call centers are believed to be headed by one man, also in India. The investigators theorize that the scammers are getting victims’ names and addresses through access to computer and software company sales databases.The scam has also spread to Australia in a slightly different form. There, the victim receives a phone call from someone with an Indian accent who claims to be calling from the Windows Service Center in Sydney. The caller says the victim’s firewall is infected with a virus, and offers a cure for $80 AU. Australian victims have been instructed to connect to a site called teamviewer.com.

It is important for all Microsoft customers to know that Microsoft does not make unsolicited calls or send unsolicited email messages offering to repair a customer’s computer. Nor do they call or email requesting financial information. In addition to actions taken by Microsoft regarding scams using their name, some of the sites that have been used for payment, including PayPal and AlertPay, have been closing accounts associated with the scammers.

For anyone who receives an unsolicited phone call or email from an individual claiming to be from Microsoft, it is best to follow Microsoft’s advice: hang up the phone or delete the email.

Fake antivirus programs or scareware rakes in more than $130 million each year for internet criminals. One moment, an innocent web surfer clicks onto a website and the next a window appears claiming to be from Microsoft Windows announcing that their computer is being scanned for malicious software or malware. Unless the computer is switched off immediately, the fake antivirus program will block a computer user’s Internet access and begin destroying data. Even then, it may be too late.

The program then insists that the only way to eliminate the computer’s virus is to download their software and pay the software fee. Since the program appears to resemble Microsoft Windows browser command windows and the user no longer has Internet access, the user is scared enough to pay the fee. Even for users familiar with the scam that do not pay the fee lose money by having to get the virus removed from their hard drive by a professional computer serviceperson.

What’s In a Name?

There are over 100 known name variations of and more names get added every day. These include Vista Security 2012, XP Anti-spyware 2012 and SpySherrif. Depending on which program a user comes across, they may be taken to a screen listing a dozen names including respectable brand names such as Norton and MacAfee.

The original scareware program is thought to be NightMare, which was created in 1991. The user can click on any of these names, but links to names like Norton are dead, forcing the user to choose a live link to an unknown name. These names change rapidly, depending on how well news spreads about these fake security names. Some of these names include Red Cross Antivirus, Pest Detector, Major Defense Kit and Peak Protection. They may or may not have the names of Windows, Internet Explorer, Mac or Safari included with them. Names also may resemble real anti-spyware programs but are slightly changed. “Norton” becomes “Morton.”

Avoiding Scareware

Never click on any link from any pop-up browser window to avoid downloading a rogue antivirus program. Both Microsoft and Mac have repeatedly announced that their security programs do not ask for money and do not initiate a security scan by themselves. The user must initiate security scans.

A real antivirus program like Avast will show a temporary window stating that a piece of malware was blocked. This screen slides offscreen or fades away in a few seconds. Always carefully check the name of the security program giving the warning. Never click on the window of a security program that was not installed on the individual computer, even if the name is of a reputable antivirus company.