A company called me and told me that my computer was infected with malware

This is a scam that has been observed for some time. The callers usually claim to be from Microsoft but occasionally impersonate support staff from companies. More information can be found under the heading "Current threats".

The called parties are typically instructed to call up the "Event Viewer" on their computer, with which any events and activities of the computer can be displayed. Even a properly functioning system will occasionally produce error messages. Depending on the age and configuration of the computer, the list of error messages in the Event Viewer can be very long without the system having a fundamental problem. Calling this program is typically used by the "support" callers to present the victims with a credible backdrop or to frighten them. The aim of the scammers is to persuade the called person to download a remote access tool and then allow them remote access to the computer. In this way, the fraudsters gain full access to the system and thus have the same possibilities to manipulate the computer as if they were sitting directly in front of it. Finally, most attempts are made to sell the victim a software license or a service ("system cleaning" or "protection against hacker attacks") by asking for credit card information, suggesting the purchase of iTunes gift cards (or the like), or asking for a cash transfer.

It varies from case to case what these people do on a computer (copy/manipulate/delete data, install programs, set up a "back door" to access the system later or simply "spend time" to demand payment for the "service").

If you gave access to your computer, we recommend to have the computer examined by an expert or to delete the hard disk of the computer completely and to reinstall the operating system since no general statement can be made about the proceedings of the perpetrator (or perpetrators). However, it is important to back up your personal data beforehand so it doesn't get lost.

In addition, after cleaning/reinstalling the computer (or from another device), passwords should be changed for all Internet services used with it.

If you have indicated your credit card details, we recommend that you contact your credit card company so that they can block your credit card.


This answer did not help me / I would like to report an incident.



Last modification 08.05.2013

Top of page