In this blog I will be deep explaining to you about Microsoft Scam tech support company operates, the works flow and how do they make
money. The motive behind these scams is very simple, inject a bug, scare the
victim, help them fix this, and steal their money. This is my personal Research and its more phycological than technical on How does Microsoft scam work?
Here is the answer.
What is Microsoft scam or tech support scam?
This is not a new term for many of us around the
world and as the technology grows day by day new types of online scams and
frauds are taking birth. But, one scam which has ruled the world and cost
billions of dollars to the people and to the governments is "Microsoft
scam" or "Phishing". I first heard this in 2011 and this
industry was booming at that time. Today also it's peaking, just things are not
easy as those were before.
How does Microsoft scam work?
When you get a call from someone claiming your
computer has a virus and they are from Microsoft or your computer screen gets
freeze and a pop up appears telling you your computer is at risk please call
this number at Microsoft Security center to resolve this issue for free.
That’s
when a person becomes a victim of this scam. Even if you know how this fraud
works, then also there are 89% chances that you will be a victim of a computer
scam once in your life.
How do these companies operate?
Most of us think that these scams are originated
in countries like Columbia, India, Bangladesh and etc. Yes, the majority of
scammers are organized in these countries but the seed is sown in the United States
only because most of the high-quality calls are generated in the USA itself. Let’s
take India as an example, hundreds of thousands of small to big tech support are
there and they work the same exactly as an organized company with hundreds of
employees, a hierarchy system, HR, Transpiration. The same way a big legal
company would operate. Even in a few of the companies,
where human phycology and tech stuff is taught. The training
includes rebuttals, reading someone mind, creating trust, holding a command,
and other important things that help an agent to crack those dollars. The
base of these companies starts with Calls generation. Either the companies buy
inbound calls, PPC campaigns or they generate their own calls through Blackhat
SEO, PPC, Email boosting which could be inbound or outbound. In most of the
cases companies buys these inbound calls from vendors and they are mostly from
India or the USA. Calls routing from the USA are usually expensive and are of good
quality considering someone is generating them in the US only, which are narrowly
targeted on Geography, Age, Social security, and yearly income. For a tech
support company per call cost them anywhere between $15 to $30 depending on the
quality.
The employees/agents working as Microsoft scam sales representatives earn a bit higher than an average person working in day time Job. Thus, tech support is also known as easy money for many. Also, the incentives for each sale are huge. Any agent with good sales skill would earn Rs.1,00,000 per month that is between $1300 to $1500 monthly.
## there is a training period
of 1-month ##
The employees/agents working as Microsoft scam sales representatives earn a bit higher than an average person working in day time Job. Thus, tech support is also known as easy money for many. Also, the incentives for each sale are huge. Any agent with good sales skill would earn Rs.1,00,000 per month that is between $1300 to $1500 monthly.
The requirement to join these
companies is very basic. One should be good in communication and speaking
English which is most of the Indians is very good with English and basic
knowledge of computers. Other technical stuff is taught once they join the
company like taking remote access, checking default settings, using commands to
scare, running different programs, call flow, sales pitch and etc.
How people get into these scams?
Have you ever noticed when you are trying to look
for something you get hundreds of ads which keeps popping and sometimes by
mistake or intentionally you tend to click on those and nothing happens? Well,
this is where the story begins. Malware is injected into your system at that
moment and you start getting pop-ups on your right corner of the screen telling you
that your Norton is expired or meet local girls in your area. Stuff like that.
The call generators use this kind of pop-ups and sometimes freezing pop up
like this one. (that’s why good inti virus or securities are important)
Your screen gets freeze and it tells you to call
on Microsoft number to get this issue fixed for free.
In the training part of these calling scammers, they
are also taught about the mindset and phycology of a human brain and especially
Americans.
See people in America are trained to follow instructions. You see a board that says don’t spit, you won’t. And especially in computers where you know that an average American shares all of his information on a computer. When your screen freezes with a pop up from Microsoft saying that all your information, credit card details, password are at high risk and can be shared on the network. You will follow the instructions and call on the number. If this happens in India. We will turn off the computer and restart it again and clear all the history and data in our browser and we are good to go. I would say making a sale on these calls is not easy and requires a lot of presence of mind. I am not praising this work in any way, just telling you the inside story. Not just the agent is making a sale, there is a team of experienced sales rep and technicians behind him who might be helping that agent step by step. I heard a team of 5 scamming a person and getting $70,000 from her and the call continued for 1 week.
Call Flow and sales pitch - Microsoft Scam
- Attending the
call with an opening line and creating trust, thank you for calling Microsoft, my name is XYZ, how can I help you.
Few
other probing questions are asked to create trust. If someone asks
the agent and has trust issues whether they are talking to the right person. 1. The pop up you got is a computer-generated
message and gives you an alert whenever there will be some issues with the
machine. 1. This is an MS official helpline number and the call can rout anywhere in
the world. 3. Microsoft doesn’t have their own tech support that why the call
gets route to official support partners around the world. These rebuttals are
given with such confidence and command that anyone would believe them.
- Taking remote
access
Once trust is maintained, the agent takes remote control of the Customer by
repeating a few simple steps to follow. Even if in this process the customer
feels uncomfortable there are hundreds of rebuttals to bring the trust on
track.
- Diagnosing the
pc, Developing a trust
Now the agent has the computer access and he will tell you that he won’t be
touching any of your personal stuff on the computer and will just create a
diagnostic report for you and find the root cause of the problem for you. This
is said to gain trust and to show some level of professionalism. Remember, now
when he is in your commuter, he can even make your screen blank and do whatever
he wants, and all you will see a black screen on your end. He will be using a few
commands to make you believe that he is checking something. Press and hold the
R on your keyboard > Run box will appear, type CMD and hit enter > type
cd.. hit enter > type tree hit enter > this will give u a running screen
like in movie matrix.
Stupid command but very effective in making the first impression.
- Fixing small
issues, asking about the daily usage and what important for them
While checking few programmers on pc the agent will remove a few of the junk
files by giving commands in run box-like “temp” “%temp%” or “prefetch”. This is
where most of the unwanted and temp files are stored. A normal person can go
and delete these files once a week. It helps to keep Pc speed and health in
place. This is how you do it. Another command is called eventvwr
where he will show you a list of errors and warnings and make you believe that your computer has been giving you alert and you never noticed it. Making you feel guilty about your computer condition.
where he will show you a list of errors and warnings and make you believe that your computer has been giving you alert and you never noticed it. Making you feel guilty about your computer condition.
While the agent pretends, he is helping in cleaning the computer. He asks few questions to understand the issue as well as understanding the usage, how many times you do banking, what do you do for a living, what is important on pc for you, it could be pictures, files, or TurboTax. The agent uses all this information to scare the customer at the amount of pitching time. Sometimes they even ask you to open up your internet baking so that they can install internet protection inside your banking. Sounds lame? Well, 90 % of the customer does open the internet banking and the agent does know how much money you have in your account.
- Creating a
diagnostic report and providing them with a solution which is usually an anti-virus system or tech support. Now a fake report is being generated and given to you which looks like this
You will be told Your I.P. has been hacked, your information like credit
card details, SSN is all Vulnerable and will get shared on the network if you
don’t take necessary steps. Even if you deny buying the security and tell the
agent that you don’t have money or you don’t do any kind of internet banking,
they will turn things around to the network issue, not just the computer. A diagram of Firewall is presented in front of you
They make you understand that even if you take your computer outside to a
local store and fix this computer by paying $49 you won’t get a fixed solution.
Once you bring the computer back and connect with your internet. You will be
connected to the network and again the hackers will have access to your
computer. So, we need to fix your network first and your computer after. If even
this trick is not enough for you, the agent will install a Chrome extension in
you're Google Chrome called Browsec while talking to you and he will turn you’re your I.P.
Location as Singapore. The thigs will get on another level now. You will be
told that not just your I.P. is hacked or your information is at risk, but
someone is actually used your I.P. Address in Singapore.
And if that person does any kind of fraud or illegal stuff using your I.P. address, you will be caught not him. The agent will open up your chrome and will type my I.P. address and the top website that appears he will click on it and your I.P. will be reflected as in Singapore.
SO, A straight 1 solution is provided to the customer with no other options. This sales pitch can vary from $150 to $2000 or even more depending on the Customer. Even if that’s not enough for you
- Sale Upgrading
The agent finishes his role and transfers the call to the manager or
superior for verification. The superior Greets the customer and confirms the
plan or support the customer asked for. Before making a final call he upsells
this plan adding few other benefits like insurance, anti-theft insurance, lifetime support which can take a $1000 sale to $3000 sale. At this point the
customers want to cover themselves with all the layers of protection they can
get and doesn’t care about the money anymore.
- Transferring
the call to a tech who then takes remote access and start cleaning up the
computer and installing a free anti-virus.
This is the last step and few documentations are shared with the customer
and that only happens if the customer has paid through credit card, debit card, or e-cheques. If the customer paid by a gift card, the call is still running.
Coming back to the money part. Now you are scared and want to buy the
security, you will go out and buy the gift cards. The agent will tell you to
stay near the store only from where you bought these cards and he is sending
the code for quick verification. After 5 minutes you will be told that these
cards are not working or not active and that they see there might be a
technical glitch at the gift card company side. Once these cards are scratched,
they are non-refundable and the agent doesn’t want your money to be wasted. So,
he will tell you that he is connecting the call with the gift card company and
you have to speak to them as you are the one who bought the card and to tell the
card. He agent dials the call and just after the IVR process is done, he will
disconnect the call from his side and connect the call with another colleague
sitting just right beside him. Now his colleague will talk to you pretending as
a rep from the gift card company. You will be trusting the whole procedure as you
heard that the call was made and you went through the IVR process. The
second agent now will as you what is the issue, the last 4 digits of the gift
cards, and will tell you that there was a tech glitch for 1 hour with the
company so the cards will not be working. But you don’t need to worry as you
will be getting a complete refund within 3-4 hours and id there is any business
remaining using these cards, they would suggest you buy another set and use
them this time. And they will work. Most of the cases the Customer buys another
set of same cards and gives them to the 1st agent. That how a $500 the sale gets converted into $1000 sale. And the number keeps growing till the time
customer feels that he is getting scammed or any other issue occurs. Once these 2 steps are completed and the scammers feels he won't be able to get money out saying the cards are not working, he uses a 3 upgrading that is called Dell Firewall Upgrade. I have written a separate article on it how scammer uses dell firewall to steal thousands of dollars.
You might be thinking how someone can get into this trap, but an agent
closes all the doors for the customer like telling him to shut all other
devices or phone, cuz the bug can jump from one device to another and he keeps
the customer with him on the line throughout this process. Even if you get a
call in between they strictly ask you not to pick that call, as this is a
secure line and they don’t connect to be broken, cuz maybe some hacker knows
that you have taken some action today regarding your identity and computer and
they might try to attack you again. And trust me, people fall into this very
easily.
Mode of payments - Microsoft Scam
A few of the technical supports does the mixing of
ethical and non-ethical work. Like for example, generating calls that are also
called phishing or buying these calls which are nonethical and doing the
payment procedure in a very strict ethical way. That happens just to provide
the income proofs, from where the money is coming from and to file taxes. Which
makes it a bit of clean work in the government's eyes.
So, the first way of doing the payments are
through credit cards, debit cards, Bank transfers, e-cheques, and much more.
This is an ethical way or payment and the company has to take care of the customer
as banks have the refund and chargeback policies. To ensure the company does
get a chargeback, the company has a different customer service department for
the post-sale service, most of the cases one can claim for a chargeback withing
21 days and for few banks its 6 months also. And for most of the ethical way of
payments these companies don’t even work as Microsoft, they will tell you that
they are a 3rd party company which works o Microsoft computers. Now
this happens because the calls are recorded and if anyone claims for a refund
or chargeback, the company does want to show that they are working as
impersonating a Microsoft. In the local language, these kinds of centers are called
genuine supports, but they are buying these calling so nothing is genuine about
it.
Another way of payment is 100 % illegal and effective - GIFT CARDS
I am saying effective because most of the companies prefer the second way or payments which is through Gift Cards, Bitcoin, and fake western union transfers and this mode of payment is 100% non-traceable. Once the company gets the payment, they leave the customer hanging. Meaning not even the computer is fixed or cleaned. It depends on the agent if he has some curtesy and cleans the computer for the customer.
I am saying effective because most of the companies prefer the second way or payments which is through Gift Cards, Bitcoin, and fake western union transfers and this mode of payment is 100% non-traceable. Once the company gets the payment, they leave the customer hanging. Meaning not even the computer is fixed or cleaned. It depends on the agent if he has some curtesy and cleans the computer for the customer.
Why gift cards are preferred mode of payment for scammers.
No one can trace where the cards are going. All
one needs is the 16-digit code at the backside of these cards. The customer is
asked to go out and buy certain cards for the asked denomination and provide
the code at the backside. If a customer asks why they need to buy the cards,
the most common rebuttal is – Sir, your computer has been compromised and we
can’t let you share your personal information like credit card number on this
computer or on your network so the best way to do the payment in such cases is
through a Microsoft gift card or Microsoft Partnered cards also known as
Google Play cards or Walmart card. Wondering that Microsoft and Google and
Walmart are different companies, right? That what these agents are taught. How
to play with words while scaring the shit out of the victim. There is a full-proof technique where you can see how an agent plays with his techniques and
convivence the customer to go out and buy the Gift Cards.
The agents take the customer to Microsoft
official website and make him log in into his account. Now he takes him to
payment and billing and shows him various ways of payments.
Agent tells the customer that for these kinds of
malicious activities and identity theft issues we have provided a more secure
way of payment that is via redeeming a gift card. So, the customer doesn’t need
to worry about anything and the money goes directly to Microsoft only. This is
an effective way of making trust.
Once the company gets the code, they redeem it at
sites like Pax full or there is a dedicated vendor who does money laundering
for these companies via Hawala procedure. Whatever the scale is made by the end
of the day, the company gets the payout the next day in cash.
Since we are talking about the money part, let me
tell you that on an average a 15-seater company generates approx. $10,000 to
$20,000 per day tax-free and without any money trace. Sometimes the number gets
higher.
As the time changes so does the sales pitch and
now since 2020 the game has totally changed. There are even a few scammers making $50,000 to $1,00,000 per day.
Final words?
It is not right to scam someone and to steal the
money one earns through hard work. Even if campaigns are running out in the USA
creating awareness on gift card scams. These agents always have a way to get
the customer to go out and buy these cards. The customer is afraid and vulnerable and
a person in shock or fear will do anything to protect himself or his family.
Every person using a computer should be having
securities for themselves. This might add up some extra bucks to your yearly
expenses. But they are worth spending rather than losing all that you have in
just a matter of the call. This software doesn't let any unwanted program be installed on the computer or won't allow any junk or malware, adware to enter the computer. And I am here not just talking about the money but other
thousands of information one does share like personal credentials, credit card
numbers, emails, login passwords, pictures, videos and much other stuff that
can be used against you and on the internet. Securities like Mac Afee, Norton, Kaspersky’s
are easy to purchase online and have full technical support for any of your
assistance.
You get emails about the services and products,
but then also keep your eyes open and check from where these emails are coming
from. Few might be from the scammers
If you want to ask anything or share your story.
Write to me at scamsalertinfo@gmail.com
If you find this helpful share it with your
fellow friends and make them about the Microsoft Scam
2 Comments
Greatly appreciated for this information.
ReplyDeleteThank you sir/mam.
DeleteIf you want to ask anything, mail me :)