We're probably all familiar with email scams suggesting we send our bank details to receive lottery prizes, collect unclaimed inheritances and all manner of other scams. But a new one to me was the “Windows key and R” scam.
In case you hadn't come across it either, let me tell you what happened a couple of days ago.
I have just bought a new computer, which has been networked to my old one by my son because the old one was under-powered for a job I needed to do for a client. I was thinking how well it had gone on my first full day using the new one.
Then imagine my horror when the phone rang and I was told that my computer had been identified by Microsoft as transmitting malware. The caller knew my name as well as my phone number. His phone number was “Unavailable”.
To check what I could I said I had 3 computers here and asked which one was causing the problem. He told me it was the one running Windows 7, which of course sounded as if it could be my new machine. Of course, in the cold light of day it could have been any one of hundreds of thousands of PCs all over the world. But in my initial panic that didn’t immediately occur to me LOL.
Nevertheless I was still very doubtful, so the heavily accented voice told me he would prove it was my computer causing the problem by telling me my PC's license number. All I had to do was sit at the keyboard and press the Windows key and R at the same time and then enter some commands he would advise me of.
Immediately alarm bells started clanging loudly as I had visions of welcoming some hacker into my PC, then having to tell my son that all his hard work had been destroyed.
I had no intentions of typing any commands so I said I had an IT person (my son, although I didn't tell him that!) who dealt with anything technical. The caller said he needed to speak to the IT person and when I said he was at lunch the guy got angry with me, said I was wasting his time and put the phone down.
A quick Google tells me that the “Windows key and R” just opens the Run command and is harmless, but obviously the danger is in whatever commands he would have then asked me to type. The Google search shows that many other people have been targeted by this scam, and it's probably not just being perpetrated by the one person.
Most people in the discussion above realized what was going on and just “played with” the caller, not taking it any further. But these are computer savvy people who know enough about being online to be wary and to post warnings in forums etc.
Given that I gave this caller more than the one minute when common sense should have told me to just hang up I can't help but wonder how many people have been taken in by it. Looking on the above discussion the earliest date is August 2012, so for it to be still in operation the scam must have some success rate!
What's the point of the “Windows Key and R” scam?
I'm still not sure, to be honest. Guesswork suggests that at the simplest it could be someone trying to frighten PC owners into buying anti-virus software or “security services”. At worst it could be someone implanting Trojan software onto your machine that does all manner of terrible things.
Personally I use the free Microsoft Security Essentials software to do regular scans of my PC. It's free and was recommended to me several years ago by the person who did one of my early websites.
If this was news to you (and maybe even if it wasn't!) please share this information so that family and friends don't get taken in by it.
PS I created the Scam Warning logo in 10 minutes using Logo Creator, which is now saving me time and money by being able to create my own unique banners and images. Click to learn more.