Beware of cold calls from “Windows Technical Support” – It’s a scam

Yesterday, in the midst of a rather harrowing day and while I was cutting up veggies for dinner, the phone rang.

“Hello, I am calling from Windows support. We have determined your computer has been infected and it is contaminating the whole Windows system. We are here to help you. Are you at your computer? If not, go to your computer now,” said a male voice with a heavy Indian (as in India in Asia) accent.

At once alarmed and wondering at the same time how on earth Windows (1) somehow knew I have Windows7 on my laptop; and (2) also knew that I’ve been having some “issues” with the laptop (who doesn’t have “issues” with their computers?), I quickly wiped my hands on a kitchen towel and dashed to open my laptop.

I asked for the name of male heavily-accented Indian voice. He said his name is “Max Watson,” which is so obviously NOT his name, it was laughable.

Anyway, “Max Watson” said he’ll show me what’s infecting my computer. I followed his instructions and pressed the “Windows” and “R” keys together to get to the Windows Run dialog box. I then typed “eventvwr” in the bar, which then opened the Window’s Event Viewer:


Next, “Max Watson” told me to click “OK,” then “Custom Views,” then “Administrative Events,” which brought me to an alarming sight. Below is a screenshot I took of my laptop’s “Event Viewer,” on which I’ve painted three red circles:

  1. The biggest red circle surrounds “Administrative Events”
  2. The medium-sized red circle surrounds “Number of events”: Yikes! My ‘puter has had  10,608 “events”!!!!
  3. The smallest red circle surrounds the first two of those 10,608 “events” and both carried the ! Error message. Yikes!!!!

Administrative Events

“Max Watson” (MW) said in order for him to remove the malware that some hacker had snuck into my computer, he would have to gain remote access of my laptop. That means he would be able to see everything I have on my computer, including what’s on my desktop and stored in my hard-drive. Everything.

At that, all the alarm bells in my head rang off.

I said to MW: “How can there be 10,608 viruses in my computer when I recently ran virus scans, using TWO software: McAfee and Malwarebytes?” Then I asked MW: “But how do I know you really are from Windows Technical Support?”

MW first prattled on about how he really is from Windows and I must trust him and that he just wanted to help me. Blah, blah, blah.

I was undeterred and repeated my question.

So MW gave me a phone number to call to verify he’s really “Max Watson” from Windows Support: (866) 539-8674. MW even gave me his employee ID number 5065!

I said: “But how do I know the 866 number you give me actually is a Windows number?”

MW gave me the same spiel about needing to trust him, etc. etc.

So I called the 866 number. Another male heavily-accented Indian voice answered, who immediately knew who I was  — that I was the person who had been speaking to “Max Watson”. Curiously, throughout my conversation with “Max Watson,” he never once referred to me by my name.

I asked second male Indian voice for his name. He replied: “David Watson.”

I said, incredulously: “You have the same last name as Max Watson! Are you related?”

“David Watson” (DW) said, sounding irritated: “No, we are not.”

I said: “I find it hard to believe that it just so happens that I’m dealing with two Windows Support technicians whose last names are the same.”

DW, sounding more irritated: “It’s a coincidence.”

I said: “You don’t seem to understand the problem I’m having: I didn’t call Windows; you guys called me. And you’re asking to gain remote access to my computer. How do I know that this 866 phone number is legit? If I go online to look up the phone number for Windows Support, will I get this 866 number?”

DW, sounding even more irritated: “No, you won’t, because we are a special high-level Windows tech support team.”

Then DW became angry and started threatening me — that if I don’t let him help me, those nasty “hackers” who’d already “hacked” into my computer will gain access to everything, including my identity, and will do nasty criminal things by stealing my identity . . . .

I told DW I don’t appreciate him threatening me and asked to speak to DW’s supervisor.

While I was waiting, I scrolled down the 10,608 “events” on my Windows “Event Viewer” and discovered – SURPRISE! — that the 10,608 “events” go all the way back to the first “event” on 9/3/2009 when I first purchased my laptop.

So if those alarming “! Error” events indicate some hacker had recently hacked into my laptop, how come those events date back FOUR YEARS?

I also conducted a quick Internet search for “Windows7 cold call” and guess what I found! — an NBC News Technology article by Frank Catalano, “‘We’re with Windows’: The anatomy of a cold-calling scam,” which described everything that I had just experienced with “Max Watson” and “David Watson.”

When a third male less-heavily-accented Indian voice came on the line, identifying himself as “Peter,” this is what I told “Peter”:

“I want you to stop calling me. I know all about your scam and will be reporting you to the authorities.”

Then I hung up.

After Catalano’s encounter with the fake Windows Tech Support scammers, he contacted Windows and this is what Windows told him:

“In 2010, Microsoft began receiving reports of scammers making phone calls or sending emails to people,” replied a spokesperson for Microsoft’s Digital Crimes Unit. The goal was often to trick people into buying support services, downloading fake security software or allowing remote access to their PC for likely un-nice purposes. Microsoft has referred the cases to the Federal Trade Commission, which had its own investigation underway and presumably still does.

And yes, it’s no coincidence I’m getting a lot of these calls. A lot of people are. […] we have seen an increase in cybercrimes that use deception and social engineering to exploit people.”

See also what happened to a guy with too much hubris and allowed the fake Windows Support people gain remote access of his computer: “Phone scammers call the wrong guy, get mad and trash PC“.

To find out what those seemingly-alarming “events” on Windows “Event Viewer” are, click here.

To report a scam to the FBI, click here.

Please warn others about this scam: Send this post to everyone on your email list, post a link on Facebook, Twitter, etc.


49 responses to “Beware of cold calls from “Windows Technical Support” – It’s a scam

  1. rmnixondeceased

    Reblogged this on Dead Citizen's Rights Society.


  2. Everyone should know by now that Microsoft never calls customers about a software virus problem. They issue a security update. Anyone who takes a cold call from someone claiming to be from Microsoft is being scammed big time. Just tell the person that called to go to hell and hang up the phone.


  3. Thank you Dr. Eowyn for the warning. I am sorry you had to deal with this criminal activity.


  4. Sneaky weasels doing sneaky weasely things. Business as usual on planet earth.

    Note to self: Whenever someone with an Indian or West African accent calls, offering ANY kind of help, find something else you need to do, and hang up.


  5. Doc E,

    That’s not a little spooky.



  6. Re-posted, by link, on my Facebook page, w/ another link to back up what you said, from Microsoft itself!

    Dave hun, that’s a “thing” in everyone’s computer and it’s gonna say on your computer, pretty much everything that Dr E said, like “error” and stuff like that. So they didn’t REALLY know what was on her computer anymore than any well trained and manipulative scammer would know, (and tech support/IT! LOL) Files and folders in the operating system are all in the same place. Doc I’m glad you grabbed your wits about you at the crucial time. Beforehand, you’re just looking at what we all have on our computers. Afterwards? I hesitate to think!! One question – did they know what “flavor” of Windows or Android or whatever system you were using? Now THAT would be spooky to the nth degree!! Guessing anymore would be a crapshoot to hit it right the first time. Too many “flavors” floating around, it’s not all Windows and not all one flavor of Windows anymore. Not like before. They barely quit supporting XP and we’re in 7, rapidly moving to 8 and some folks are probably still using Vista!! (I finally got mine to quit running w/ scissors and to play well w/ others. HA!) Then you have all those “iPads” and those sorts of things that I wouldn’t know one thing about!

    I did let someone I knew well at our little Pokey The Puppy cable company, (wherein I know ALL the techs by name and they all know large chunks of my life story, it’s a fault, I must confess!) But I let one get on my computer and it’s the coolest, weirdest thing to see your cursor move but more, folders opening and closing, other stuff popping up, it was fun! So long as I knew who was controlling the other end of that cursor… And I have files I name just weird stuff, mostly notes and bits of info like that and we needed a file called (please excuse) “stupid f-in passwords”, (cuz I was MAD that day!) only of course that word was written out in full!! He laughed so hard!! And at a few other names too; “stuff”, “more stuff”, ignorant stuff” you name it! 🙂 Take a wander through your files once as if you were someone else and see how funny they look! Unless you’re a neat freak and I am NOT!!! HAHAHA!

    Glad you’re safe Doc! The rest of you guys too.


  7. I got one of those calls, and I am a Mac user. But I played along a bit.
    Leading him on was hilarious–the guy was a complete moron. If you are going to run a computer scam, you ought to know something about computers.


  8. This happened to me about a year ago. The man was literally screaming at me for not trusting him. I later read online, when I was researching this, that one person who didn’t even have a computer, got one of these calls! These people are very abusive, and as you said, do have a foreign accent!


  9. Speaking of abusive…

    A Malwarebytes virus and malware research tech received one of these calls and entertained the caller for a while until the caller got mad and trashed the researcher’s PC before he could react to protect it. Oopsy.

    Phone scammers call the wrong guy, get mad and trash PC.

    A more successful scamming of the scammer from 2011 when one of these hapless cold callers from “Windows Technical Support” asks for remote access to the PC of an ArsTechnica staffer who is very technically adept. The idea here was to sap as much of the scammers’ resources as possible. Mildly humorous:

    “I am calling you from Windows”: A tech support scammer dials Ars Technica


  10. Interesting that I read this just the other day, forwarded FOTM’s link of this to my Mom, and got a phone call from “Peter” yesterday morning at 10:58 from 1-212-777-5432 saying he was calling as “an associate of Microsoft to discuss my computer problem.” My response: “No, you are not. And don’t ever call this number again.” Then I hung up.

    Thank Goodness for FOTM or I would have been unaware – but actually savvy enough to have known better with something like this – I hope!


  11. We were scammed by this gang last Oct. 2013, they stole £7744 out of our bank and savings. SO BEWARE, it even happens to the people who thought it would never happen!! They even rang a few days later presumably to try again!? I now yell down the phone and say, go to hell. Our bank was wonderful and we got a full refund.


    • Thank you, Grannygrump, for your testimony. I’m glad your bank gave you a full refund.

      As for those “Windows Technical Support” frauds, after I wrote this post, they actually have the nerve to call me FOUR more times. Each time I’d tell them before hanging up: “I know your scam. You’re a fraud and you should be ashamed of yourselves.”



    I received a similar call yesterday. When I asked him which Windows version I am using the caller says he can support Vista, 7, or 8. I told him I am using Windows 3.1 and he hung up.


  13. Wow – sorry about all the problems, folks, but this was quite a read! We owe you, Dr. Eowyn, for bringing this to our attention.


  14. A guy named Pattrick called me saying that he’s calling me from Technical Department of Windows Operating system and claimed about the problems in my computer. After showing the EVENTVWR he took access of my computer and had done a scan of my computer and for fixing the problem he asked for $279. When I asked him about the company name then the guy told me that he belongs to India from South End PC Solution. After knowing all the truths I hung the call.


  15. When you call their number back. It states this number is no longer in service.


  16. that happened with me 3 days ago. an indian guy called me and he said the same thing ^^ that there is something wrong with my windows. (even though i use an apple product since 2011) i knew it was a scam. so i asked the guy to give me his phone number and he gave it to me. at that time i wanted just make fun of him. so i gave him the expression that he got me. ^^
    so, i asked him what should i do ? he started to give me instruction, and i was pretending that I’m following. i pretended that i don’t understand the instruction so we wasted i think 20 min just on instruction and I’m asking him stupid questions ^^. i think, because he was dreaming that he got me, so he was patient. then after another 10 min of talking he started losing his temper. his voice because little nervous. ^^ i was really enjoying that. then at the end, i told him “Can i ask you personal question ” . he said sure.
    i wanted just to make fun of him ^^ so, i asked him ” is your smell stink with Curry now ?” he became very angry ^^ , then i started laughing and told him that i know it was a scam ^^. he start saying F**k you and other things and i was laughing Soooooo hard at him. he hang up.


  17. these fuckers tried calling me today, my mother answered and as she is not very good on computers she nearly fell for it. Luckily i was there and quickly determined it was a fake call. They sound convincing but its all bollocks, the lying cheating dirty bastards!


  18. I just received a call for this exact scam, and it pretty much followed the script. But the caller started by giving me the Windows Security Number of my computer, which I confirmed was correct. I played along and stopped when the scammer asked me to go to I hung up and did not allow access to my computer. But how could the scammer get my Security Number? Should I be alarmed and what should I do?


    • “But how could the scammer get my Security Number?”


      I suggest you ask Windows that question. As best as I know, there is no such thing as a Windows security number. However, for your own protection, Windows can ask you to set up your security info, such as an alternate email address or phone number, in order to verify your account and you are who you say you are. Since the scammer already knows your phone number (because he had called you on your phone), you probably at some time gave your phone number to Windows as your security info.


  19. Dr.Eowyn
    Thanks for alerting. I also got a few calls over the last 2 years; 2 in the last 15 days. Thanks for the links to report to FBI. The accent is not Indian, I can say surely because I am an Indian. It is a Chinese or other far east accent. We all know how the Chinese copy patented products etc. This is also their job.


    • kumari,

      It may be that the scammer who called you sounded Chinese. I’m familiar with both Chinese and (Asian) Indian accents, and the callers I heard were decidedly Indian. There’s no shame in that. You are not responsible for all Indians, nor are all Indians frauds! 🙂


  20. I had one today, which isn’t unusual, I get 2 or 3 some days. Yes, I have my phone number on the ‘block registry”, but they can now bypass that. Usually I’m very polite and say “Thank you I’m not interested, have a lovely day” and hang up. But today I let him waffle on as I know they are scams. I eventually told him he was lying and no way was he accessing my computer. Well then he said “It’s none of you business”. I said, excuse me, you rang me, it is my computer and it is my business. I very rarely scream, but today I did, I lost it. My son had his own computer business for quite a few years and I told him so and said no one touches my computer except him. He said my son knew nothing. I had calmed down and said, ‘excuse me, how dare you say that about my son”. And then he told me to “Shut My Mouth”. I told him I’d report him and I hung up. Another one I had I said to him, I don’t believe you, you are lying and he screamed into the phone the “F” word about 6 times with so much anger. I was telling a friend and she said she had even worse trouble, one she had said to her, “I know where you live and I’m coming over” he rang back and said “I’m outside your front door right now”. She knew he wasn’t, but she still felt very violated and scared. I guess I’m lucky re my son. He warned me early on never to listen to them. I have remote access on my pc and only person uses it, my son, if he’s too tired to come over, lol, so we chat on the phone while he fixes or tweaks my pc. I would never ever let anyone use my remote access, but as I said, I’m lucky to have been informed by my son what they get up to. It’s not just the annoying calls,it’s the abuse now that I find is escalating with the calls… Oh I got one very late the other night and I thought, this is a terrible time to ring me, so I let him chat away ready to say my piece, until he cracked up laughing, it was my son putting on an accent, had no idea it was him. He thought, he’d just have a bit of fun. I said, next time, boy, it’s my turn, payback, lol. I’ll get you when you least expect it, and we both laughed and chatted for ages. And that is the only good thing that has has come out of those horrible cold callers, my son’s sense of humour, But there must be a way to stop the real one’s. Something has to be done. Yes you can hang up, but it’s frustrating getting so many calls in a week from them.


  21. Had one today. Very heavily accented Indian male stating he was ringing from Windows tech support and that my computer was badly effected by viruses. Oh really ? So where are you ringing from ? “The U.K.” Uh huh. Whereabouts? ” fictitious London address” Sounds good. Who’s the Priminister ? …….Long silence. Having worked in Asian communities as a London policeman for 30 years, I have a little background knowledge, so pressed on……. Are you a Hindu ? ” Yeees” Then you should be ashamed of yourself. Do you realise that all the negative karma you’re accumulating means that Yama will be dragging you down to hell, probably for eternity ?
    ………………..telephone put down somewhere in Delhi.


  22. Wow! Thank you for your post. I just hung up from a call just like this. My caller ID indicated “private.” I usually don’t answer those, but I figured I would. Just as you described, on the other end was a male with a heavy Indian accent. It concerned me when he said my computer license security ID triggered a message at the Windows Technical Support Dept in NY, which indicates my system has been infected with critical viruses. He said he was calling to assist me in getting it cleaned up.

    He asked me to go to my computer and hit the windows icon and “R” to bring up the run box. From there, he said type “eventvwr,” just like he said to you, Dr. Eowyn. I didn’t know whether to believe him or not, but I know my system has very recently been acting up, running slower, and generating pop-ups, but I had also just re-installed Norton Internet Security. There are times when an error comes up and asks if you want it reported; I’ve said yes, so I figured his call was truly in response to one of those. I asked if I can call my husband before going any further. He agreed and told me to take my time.

    I called hubby who immediately said NO! it’s a scam. I asked the guy how do I know he is legit, he said he has my security key, which he provided to me and told me how I could verify it: go to the command box, type in ASSOC and hit ok. The longest line near the end of all of the running was the ID he gave me. How’d he know? Anyway, I told him to call back when my husband was available and talk to him. He provided his all-American name as Brian Smith. We’ll see if he calls back. Thank you so much for your posts and sharing your experiences. I was almost caught up in a situation. Whew!


    • Andrea, I’m so glad you didn’t fall for his scam. 🙂


    • We’ve just had the same type scam. Called 4-5 times, when asked, he said he’s from “windows technical support”…I replied, that’s NOT a company. Please place us on your do not call list…and he calmly said goodbye. Persistent little group. So sorry for how many people WILL fall for this.


  23. Hi can anyone tell me what I should do if I know someone who has shared there computer information with the scammer? Thanks


  24. same here, john watson called…when he didn’t succed he said f*ck off and hang up the phone..

    Liked by 1 person

  25. they just tried this scam on my wife,first..when shecalled them on it, they called back an hor later and I answered…hung up in less than 1.87 secs….it’s easier to hang up than to listen to the bozos….


  26. Alicja Falkowska

    I have noticed that this scam has been going on for a while and luckily I have been scammed by them before so I knew it was a scam.

    The first time I got scammed this scam wasn’t so popular and I was worried about my laptop enough to listen to them. I had a limited computer knowledge and I was under aged. My parents were home, they never asked to speak to one, and so I did what they wanted me to do.

    They asked me to log into remote access controls (which is a legitimate company, I use it at work all the time) and told me to sign in. Then I wrote a few messages which a man who was apparently fixing the laptop, they didn’t want any money from me so I didn’t find it suspicious. He download something onto the laptop, which allowed him to put a block on the laptop. I was unable to access anything without paying them $200, so my parents did and got all of the information from my laptop out before buying a new laptop.

    The second time an incident occurred was when I was at work. My mother didn’t know that this was a scam, or at least forgot about our earlier troubles since it was years apart. She was pleased that they caught it early and so she did what they wanted. In the end she didn’t just pay for the laptop apparent spyware, but this spyware was to be paid monthly. If this was not paid then she couldn’t access anything on her laptop. She paid it twice (sign up and once more to access data) and then brought a new laptop.

    The last incident occurred today. But this phone call was difference because I knew they were a scam. The one thing that did worry me about the situation was they threatened to disconnect my laptop from Windows when I refused to help them. I didn’t know it was a one person scam, so I didn’t know that they didn’t have a calling list. As a result I ended up telling them to leave me off their calling list, but they wouldn’t (should have thought that was suspicious but I didn’t). Anyways, I didn’t let them access my laptop, which is lucky for me. But they treated to disconnect me which is the single thing that worried me about the situation, I don’t know if they can or cannot do this but I hope they are unable to do this.

    The information they had about me was the laptop IP number, the country in which it was brought and the location at which it is now. I have asked them some questions about how much they knew about me, knowing these questions can help someone in the future. They didn’t know my name, address or other personal details.

    If only we would have asked them to supply our personal details to us it wouldn’t be much of a problem. I am not sure where to give this information in the hopes of helping someone else, so I thought I should post it here.


  27. My name is Darryl and i am an expereinced computer repair technician
    I can help anyone who has encountered these problems
    my rate is 50 and hour here is my website references will be furnished upon request as well
    current references are
    1/ Rock Island Rv Center Trail B.C contact Martine
    2/ Dr Hjelkrem Trail B.C


  28. Just a few minutes ago my computer made a loud sounding alarm. *The pop up said that my system has detected suspicious activity. Please call the number 888-992-0126 for a certified tech. to help you fix it. Do not shutdown or restart your computer. Doing that may lead to data loss…….etc etc.* I didn’t know what to do because I hadn’t heard about this kind of contact. I knew it sounded very fishy. I called the number & a male with a strong Indian accent answered & I said sorry wrong #. He called me back…..he started to tell me to push the windows & R keys & type in or something like that. I didn’t do it all but pretended I was & then I just said it was fixed & hung up. SURPRISE he didn’t call me back this time.
    I searched for info & came across this page. I’m happy I found this.


  29. Thank you so much for doing this, because I just got a call from a indian guy as well, saying the exact same shit, thank you so much!


  30. Patricia Liberio

    Thank you. This EXACT thing just happened to me 10 minutes ago. I said I had someone at my door could I call back. He said his name was ALSO MAX.. MAX TYSON. I called my 10 year old son who is a gifted child — my Dr. compared him to a future bill Gates. He said mommy don’t trust them. I looked online found your article and couldn’t believe the exact same things they were have me open but I cut him off. I’m in Canada so not sure who to call about this.. Thank you for putting this info out there for the rest of us newbies as my son says. lol

    Liked by 1 person

  31. This just happened to me. I don’t know how they got some of my computer ID to make it look like it was legit, but it was nearly textbook to this article. I actually even turned off my modem while he was having the discussion with me not really knowing how he may be fishing. Then it came part where here is the number to call to verify their service. When he show me that I couldn’t remove the error by simply deleting it, he then said that a technician would have to remote in to do this. That is when I absolutely slammed on the breaks and I told him that no one is remoting into my computer based on an unsolicited phone call. That was pretty much the end of the conversation, at least on my side it was click. Back to work now. Thanks for the article Dr. Eowyn. I’m posting this onto my facebook.


    • moneyval:

      I’m so glad you escaped being fleeced by those SOBs!
      Would you believe I still occasionally get calls from them? When I do, I scream into the phone: “You are frauds! Shame on you!” — then I hang up. 😀


  32. Tech Support Phone Scams Surge — Krebs on Security


  33. Pingback: Why FTC’s Do Not Call registry doesn’t stop those annoying robo-calls — and how you can stop them! | The Olive Branch Report

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s