Phone Scam – Microsoft Imposter


We have had several calls the past few weeks from clients stating that Microsoft called them offering to help them clean their systems to some errors which were being reported.

The demographic appears to older citizens, retired, little to no computer knowledge. Where they are obtaining the lists of contacts is still unclear.

The scam begins with the folks stating they are with Alpha PC Care and are partners with Microsoft. They inform you that your system could be at risk and if you will run a simple command than you will see the results for yourself.

The company we have identified is called:
Alpha PC Care

347 709 5945 – United States
360 450 3952 – United States
0203 239 1998 – UK

Our calls to the numbers listed went unanswered.

A recent client stated:

“Had me pull up run box and type in “inf virus.” He then informed me any file that ended in pnf was a virus and wanted me to purchase a “security protection” package.”

To be clear, a PNF file is a System-maintained configuration file that is created when a .INF file is run; stored in the %Windir%Inf or %Systemroot%Inf folder in Windows.

The Scam:
For those that are willing, they will offer to clean your computer system after you purchase the protection package.

A remote control session is started so they can gain access of your system and help with the “fix”.

They do in fact use real cleaning and optimization tools such as CCleaner and Malwarebytes, but in addition they load a custom software package that is also a key logger. The real purpose in addition to obtaining your credit card information is to mine as much personal data as possible for the purposes of identify theft.

If you have been scammed?  

Don’t panic. The sooner you realize you have been scammed you should follow the following guidelines.

  1. Cancel the credit card you used to pay them (contact your financial institution and report it lost or stolen)
  2. Power down the compromised system and disconnect from the internet. 
  3. Using another computer that is known to be infection free, change all your password that you would have used on the compromised system. Change your email, banking, and any other critical online passwords.
  4. Contact a local pc repair company like PrremierePC to help disinfect, clean, and optimize the compromised computer system.

In many cases if you act fast enough, you will suffer no additional loss and be in the clear. Timing is crucial.

Final Thoughts:
It is very unlikely that Microsoft will contact you or that unless you are engaged with a computer monitoring service like PremierePC offers that anyone will be contacting you to alert you to issues. Even when Microsoft has known security flaws they push out updates instead of calling the millions of computer owners around the country.

Never provide any access to your computer unless you are certain of who you are dealing with and have in fact asked for help to begin with.

Prevent computer infections by having a top rated anti virus product like Panda Endpoint, Eset, or Vipre.