Hello, It’s Google Calling – NOT

Senior man talking on phone and using laptop

For years, I’ve been preaching about phone calls and pop-ups that purport to be from Microsoft and/or Apple. It’s been over three years since I first posted a video warning about these scams. (See the video below. If you’ve never watched it, you should.) Since that time, I’ve written Question of the Week emails about this issue, I’ve preached about this scam at seminars and webinars and I’ve posted warnings here on my blog.

Today, I’m adding another company to the list of names used in this bunco – Google. Yes, Google. For the record, Google will NOT call you and tell you there are issues with your computing device. If someone calls claiming to be from Google, hang up the phone! If you do talk to them, whatever you do, don’t let them onto your computer!

Unfortunately, that’s exactly what one of our customers did a few days ago. Someone called them claiming to be from Google and told them there was an issue with their account. In a panic, our customer allowed the person on the phone access to their computer. He then showed her all the “bad” things on her computer and offered to clean them up for a fee, of course. At this point, she hung up and called us.

The person calling our customer is a scam artist and was using Social Engineering in an attempt to take her money. This person and others like him, will say or do anything to convince a computer user to purchase their (worthless) service. Two rules: 1) if you receive this kind of call, hang up; 2) if you disobey rule #1 and stay on the phone and listen to their pitch, do NOT allow them onto your computer no matter what they say.

You might be wondering what the “bad” things were that this scammer showed our customer. Generally, there are two places these crooks will either guide you to over the phone or, if you make the mistake of letting them onto your computer, they will show you on the screen.

On a Windows computer, one such place is the Administrative Events log. Once there, you might see something like this:

Screenshot of the Administrative Events log.

When this is brought up, the person on the phone will suggest that this is proof that there are major problems on your computer. They’ll point out the error events and scroll up and down the view to show you how many of these there are. Only one problem: this event log always has errors and warnings. There are things going on in the background on your computing device and they sometimes “collide” causing temporary errors and warnings. A brand new computer that we set up in the shop will have errors and warnings in this log even as we are setting it up. This is normal! There are other logs on your computer where these kinds of events DO mean something but this log isn’t one of them. Still, when you see it, it’s scary, isn’t it? That’s what these thieves are counting on – causing you panic so you’ll do something stupid. (Something stupid=letting them onto your computer and/or paying them money.)

The second place these crooks like to show you is this:

Screenshot of Netstat -a (active connections)

I’ve added a red arrow to highlight the “Foreign Address” column. If the person on the phone can get you to this screen, they will tell you that there are hackers on your machine or that hackers have been on your machine. They’ll usually tell you the hackers are Russian or Chinese or North Korean. You get the picture. Of course, these are all lies. In this instance, the word “Foreign” means anything outside of your computer. If you are on our website right now and you ran this list, you would see a foreign connection to our server. This is normal!

In conclusion, I’m going to modify what I preach all the time (and put into every Question of the Week email): Microsoft, Apple and/or Google will never call you out of the blue; they will never cause a pop-up to appear on your device directing you to call them because your computer is infected, etc.