Scammer: (phone rings) Hello, this is John from Microsoft Tech Support. We have detected some suspicious activity on your computer. Are you the owner of this Windows 10 device?
Computer Geek: Hi, John. Thanks for reaching out. Yes, I’m the owner of this computer. What seems to be the issue?
Scammer: Sir, we have found some malware on your computer that needs to be removed immediately. It could compromise your personal information and the security of your system. I will guide you through the steps to clean your computer.
Computer Geek: I appreciate your concern. What should I do to get rid of the malware?
Scammer: First, I need you to open the Command Prompt. To do that, press the Windows key and the letter “R” simultaneously. A small window will pop up. Type “cmd” in the box and hit Enter.
Computer Geek: Alright, I’ve opened the Command Prompt. What’s next?
Scammer: Great. Now, in the Command Prompt window, type “format C: /FS:NTFS” and press Enter. This will wipe your C: drive and remove any traces of the malware.
Computer Geek: Are you sure about this? Formatting the C: drive will delete everything on my computer, including the operating system and all my files.
Scammer: Yes, sir. This is the best way to ensure complete removal of the malware. Don’t worry, we’ll reinstall the operating system for you once the drive is cleaned.
Computer Geek: I see. Alright, if you say so. (pauses) Okay, I’ve entered the command and hit Enter. It says “WARNING, ALL DATA ON NON-REMOVABLE DISK DRIVE C: WILL BE LOST! Proceed with Format (Y/N)?”
Scammer: That’s correct, sir. You can go ahead and type “Y” and press Enter. This will initiate the formatting process.
Computer Geek: (suppressing a smile) Alright, I trust your expertise. I’ve entered “Y” and hit Enter. It’s now formatting the drive. How long will this take?
Scammer: It should take a few minutes, sir. Please be patient while it completes.
Computer Geek: No problem. While it’s formatting, could you please explain what kind of malware I had on my computer?
Scammer: (not realizing what’s happening) Certainly, sir. It was a highly dangerous Trojan virus that could steal your personal information and even gain control of your computer remotely. It’s good that we caught it in time.
Computer Geek: I see. That sounds pretty serious. Well, John, I appreciate your help. Once the formatting is done, I’ll contact you to reinstall the operating system, right?
Scammer: (starts to panic) Uh, sir, I… um… I’m sorry, but I think there has been a misunderstanding. You see…
Computer Geek: (laughs) No worries, John. I actually work in IT, and I knew from the start what you were trying to do. I just thought it would be fun to waste your time and teach you a lesson. Don’t worry, I have backups, so I won’t lose any important data.
Scammer: (stuttering) I… I… How did you…? This is not fair!
Computer Geek: Well, John, now you know what it feels like to be scammed. Hopefully, this will make you think twice before attempting to trick others in the future. Have a good day!
— A few minutes lataaaarrr —
Computer Geek: Hello?
Scammer: Good day, sir. This is Mike from Microsoft Tech Support. We’ve detected some suspicious activity on your Windows 10 computer. Are you the owner?
Computer Geek: Oh, really? That’s concerning. Yes, I am the owner. What seems to be the issue?
Scammer: Sir, it appears that your computer has been infected with a dangerous malware. I will guide you through the necessary steps to resolve the issue. Can you please turn on your computer?
Computer Geek: Of course, it’s already on. What’s the first thing I should do?
Scammer: Okay, please press the Windows key and the letter “R” simultaneously. A small window will appear. Type “eventvwr” and hit Enter.
Computer Geek: Alright, I’ve opened the Event Viewer. What’s the next step?
Scammer: In the Event Viewer window, you’ll see a list of events. Look for any errors or warnings marked with a red “X” icon. Can you find them?
Computer Geek: Yes, I see some red “X” icons. What do I do now?
Scammer: Those errors indicate severe malware infections. To fix them, we need to establish a secure connection between your computer and our Microsoft support server. Please go to www.logmein123.com in your web browser.
Computer Geek: Okay, I’m on the website. What’s next?
Scammer: On the website, you’ll see a box asking for a six-digit code. I will provide you with the code shortly. Please wait.
Computer Geek: Sure, take your time.
Scammer: Thank you for waiting. Your code is 246813. Please enter it into the box and click on “Start.”
Computer Geek: Alright, I’ve entered the code and clicked “Start.” Now what?
Scammer: Excellent. This will establish a secure connection. Now, you’ll see a pop-up asking for permission to run a program. Please click “Yes” or “Allow.”
Computer Geek: I see the pop-up. I’ll click “Allow.” What happens next?
Scammer: Great. Now I have access to your computer. I can see the malware infection and start the removal process. But before that, I need you to verify your identity. Can you please provide me with your full name and date of birth?
Computer Geek: My full name is John Doe, and my date of birth is January 1st, 1990.
Scammer: Thank you for the information, John. To proceed with the removal, I need your Microsoft account credentials. Can you please provide me with your email address and password?
Computer Geek: Sure, my email address is johndoe@example.com, and the password is “SecurePassword123.”
Scammer: Thank you for providing your credentials, John. Now, to ensure a complete cleanup, we need to temporarily disable your antivirus software. Can you please let me know which antivirus program you’re using?
Computer Geek: I have Avast antivirus installed on my computer.
Scammer: Perfect. To disable Avast, please right-click on the Avast icon in your system tray and select “Disable Shields Control” from the menu.
Computer Geek: Okay, I’ve disabled Avast. What’s the next step?
Scammer: We’re almost there, John. Now, to remove the malware completely, I need you to open the Command Prompt again. Press the Windows key and the letter “R” simultaneously. Type “cmd” and hit Enter.
Computer Geek: Got it. The Command Prompt is open. What should I do now?
Scammer: In the Command Prompt, please type “del C:\ /S /Q” and hit Enter. This command will delete all files and folders on your C: drive.
Computer Geek: Are you sure about this? Deleting the entire C: drive will erase everything on my computer, including the operating system and all my files.
Scammer: Yes, sir. This is the only way to completely eradicate the malware. Don’t worry, we’ll reinstall the operating system for you once the drive is cleaned.
Computer Geek: (hesitates) Alright, if you say so. (pauses) Okay, I’ve entered the command and hit Enter. It’s now deleting everything on the C: drive. How long will this take?
Scammer: It may take a while, depending on the size of your files. Please be patient while it completes.
Computer Geek: No problem. While it’s deleting, could you please explain what kind of malware I had on my computer?
Scammer: (smirking) Well, John, there was no malware on your computer. I’m not really from Microsoft Tech Support. I’m a scammer who preys on innocent people like you. You fell right into my trap. Say goodbye to your data!
Computer Geek: (shocked) What? You tricked me? No!
Scammer: (laughs maliciously) Yes, I did! Consider this a lesson learned, John. Don’t trust random callers claiming to be tech support. Goodbye!
Computer Geek: (frustrated) Damn it! I can’t believe I fell for that. My files, my work… all gone. I should have known better.