Don’t be conned by a cold caller deploying “Windows Event Viewer”


Folks are being cold-called by individuals claiming to be a Microsoft employee. The conversation often flows like this

open Event Viewer, oh look, you have lots of  red and yellow alerts, you have a malware attack, but don’t worry, for a fee we can sort it out

It’s a con … don’t play, just hang up. Many are not taken in by this and know enough to understand what the events viewer actually tells you, but what about all those elderly parents, or aunts and uncles out there who do not have the skills to smell a rat because they are not IT professionals?

One variation is that often folks having trouble at some point, post details into an online form where they describe symptoms and also ask for help. The fraudsters tap into this and harvest details, so when called, they have your name and your contact details, thus they appear to be a bit more credible, but even such details are not necessary. Call ten numbers at random, and say you’re calling on behalf of Microsoft (and sound like you know what you’re talking about), and I bet at least one or two will take you up on the offer, and sadly that is why this scam is popular.

Now lets make this 100% clear …

If you don’t have a support issue open with Microsoft, they will NEVER ever call you

[See Link here on Microsoft site]

… so please don’t be conned by these fraudsters.

OK, lets drill into Windows Event Viewer a bit so that you can understand how this scam works.

Event Viewer has been buried inside the operating system for some time now, but don’t fret if you have no idea what it does because most folks tend not to know much about it or how to use it – with good reason, its not for you. In essence, as programs run on your PC (or laptop), they write messages into log files, so “Event Viewer” is just an application that looks across these and gives you a unified view.

Every program that starts on your PC posts a notification in an event log, and every well-behaved program also posts a notification when it stops. Every system access, security change, operating-system twitch, hardware failure, driver hiccup, and more ends up in an event log. As Event Viewer scans those logs, it aggregates them, and puts a pretty interface on an otherwise voluminous — and often deathly dull — set of machine-generated data.

In theory, event logs track significant events on your PC, but in practice, what is significant is a relative term, it might indeed be truly significant to the guy who wrote the app, but from your viewpoint, is nothing to worry about.

OK, lets take a look …

To start the Event Viewer in Windows XP:

  • Start –> Control Panel –> Administrative Tools. Then double-click Event Viewer

In Win7, it’s …

  • Start –> Control Panel –> System and Security –> Administrative Tools. Double-click Event Viewer. (Or just click Start, type event into the Search programs and files box and press Enter.)

You will see something like this …

Oh look, lots of scary looking alerts, I guess I have a virus … right?

Wrong, even the best-kept system boasts hundreds, if not thousands, of lines of scary-looking error messages. That’s normal, and does not indicate anything is amiss. This is why “Event Viewer” is hard to find; its for the techies, not you. This lack of understanding is why it is so easy to utilize it to frighten folks into paying up for supposed “warranty extensions”, or even worse, allowing them to run “diagnostic” software on your PC via remote access.

Event Viewer is not for you and me to use, it’s just for techies to diagnose what is happening, so you can safely ignore everything in it. If you experience problems, don’t accept cold-calls, instead get knowledgeable friends to assist.

If by some chance you have been scammed and let some cold-caller run some stuff on your PC …

  • STOP NOW Do not access or log into anything, get a complete scan of your PC done to look for viruses and hidden keyloggers.
  • You can find help at the Microsoft Security Essentials (info page) and Malwarebytes (site).
  • If you suspect data theft, start with the U.S. Federal Trade Commission’s Identity Theft site. There you’ll find important information about how to recover from — or at least cope with — the loss.
  • If you handed over some money, call your credit card company’s fraud reporting unit right now. Insist that you get your money back.

Final thoughts

  • Don’t accept cold-calls … ever … for anything, no matter how smooth the patter is.
  • If you have been conned, don’t beat yourself up and get all embarrassed about it. These folks have made a profession out of parting you from your money, so report it.
  • If somebody gets as far as talking you into opening up Event Viewer, do not allow yourself to be conned with lots of scary looking messages, you can ignore them all, its safe to do so.

Leave a Reply