PHOENIX, Ariz. — This week, a reader asks Data Doctor’s Ken Colburn about falling victim to scam sites and malware.
I think I have fallen for a scam. My desktop said my computer was compromised with some kind of malware and gave me a number to call. I did call and fell for the scam, so what should I do?
It’s unfortunate, but the Internet is loaded with what I refer to as “booby-trapped websites” that can generate very convincing pop-ups on your computer.
This latest scam is replacing the fake Microsoft calls that have been in play for years.
Many of the warning replicate Windows or popular security program’s dialogue boxes, which is why so many are being fooled.
In general, any pop-up warning that encourages you to call someone right away should be considered a scam, as that is not standard operating procedure for any legitimate security program.
In fact, most software companies try to do everything they can to prevent you from calling because it’s the least efficient way for them to work with millions of customers.
Some scams are designed to plant something on your computer so that, on a periodic basis, a warning will pop-up with the hopes that you’ll continue to fall for the trick.
Others are simply a plot to get you to pay for something you don’t actually need.
You may want to have someone you trust take a look at your system to make sure there isn’t any lingering malware or unnecessary programs still hiding in the background.
If you paid with a credit card, you can try disputing the charges with your card vendor, but most of the scams that I’ve seen include a process where you agree to the service electronically just in case you try to dispute the charges.
Another method that I’ve seen used is getting the victim to agree to pay via an electronic check, which makes getting your money back even more difficult.
The sophistication extends to what look like legitimate websites with lots of industry certifications and verbiage proclaiming no-risk money-back guarantees to help convince victims to use them.
Any company that uses these tactics to get customers is obviously not too concerned about its reputation, so it’ll operate under a large variety of names to help keep the scams alive.
As soon as one of the websites gets enough of a bad reputation online, it’ll shut it down a launch a new one.
One way to sniff out suspicious companies in the future is to see how long their websites have been around versus how long they claim they’ve been around.
You can do this using ICANN’s Whois database, which provides lots of details about companies, including where they registered, when they created their websites and when they are set to expire.
When you see a website that was recently created that will expire within a year and has an offshore administrative address or hides the administrative contact information through a proxy service, you should be suspicious.
If it claims that it’s been around for 10 years, but its website was created six months ago, that’s a bit of a red flag, especially if it only registered the site for one year. A company that’s been in business for a long time will want to protect itself by registering the site for an extended period of time.
Remote service is a great tool, but it’s generally best used after you’ve established trust with the organization or individual that wants to use it.
Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question you have on his Facebook Page.
