Don't fall for the Microsoft Windows scam

Lobster telephone in Lego

The phone rings and it is Rihanna. I am really excited. Even if I couldn't hum a single one of her songs, I know she is dead famous! And she features on all those websites where you can waste all day reading about celebs and their antics.

Why is she calling me? Does she want investment advice? Is she the victim of a scam?

Within a second or so, I am back down to earth. This Rihanna is a woman working in an Indian call centre – there's the usual buzz in the background. And she's not a Rihanna at all, because they are all told to take on Western sounding names. Perhaps she had a sense of humour in selecting her false identity.

But I had to listen to her because she said this was "an emergency call"! What's happened? Is someone hurt? Has there been an accident?

The emergency turned out to be less dramatic. Rihanna said the urgent call was from Windows Care Support and it was to alert me that her organisation had received notification that my computer had been hacked.

How could she know that – unless she was hacking into my computer herself? The answer, she claimed, was that my computer identification number was registered with Microsoft. She informed me that every computer had a "secure licence ID number" and that it was so confidential that only the owner of the machine and Microsoft could possibly know it.

It was automatically matched up to a list of machines that had been compromised. Therefore, I had received her emergency warning call.

"So if these numbers are so confidential, how do you know them? And how is my phone number linked to my computer?", I asked.

I did not get any answers to these questions, let alone any response when I told her that my computer does not run on Microsoft Windows. This is true – my operating system is Linux-based, so even with the best will in the world Windows would be of no use.

In any case, despite my queries and objections, she just ploughed on with her script, telling me of the horrors that could arise because my computer was no longer safe. And she added that the problem could have easily spread to every computer in the household.

This was frightening stuff. But Rihanna reassured me that she could solve my problems.
"I can fix the errors and notifications provided you help me do this." Helping Rihanna would involve turning on the machine, and allowing her remote access, a legitimate operation only when you can totally trust the person on the other end who is helping with your computer.

I told Rihanna that I found it all very hard, if not impossible, to believe. She suddenly became remarkably frank. "Most people don't believe it. They don't want to believe it. But those who trust us have a problem-free computer, while those who don't will have to live with all the hacking and a huge number of viruses."

Despite her assertion, I obviously did not believe a word of this because it is such a well-established scam. It has nothing to do with Microsoft (who are rather fed up of dealing with this continuing racket) but everything to do with putting malware, such as a virus, on my computer via the remote access and then charging me £199 to remove it.

Loads of people sadly do believe it – especially older folk who tend to be less cynical than youngsters – and they pay their money for about five minutes' work in putting on the evil stuff and then removing it.

I asked her for a business address. She provided me with one with a postcode in Bristol. This turned out to be a block of studio flats which Bristol University uses as accommodation for students and others who need somewhere to stay for between three weeks and a term. Rihanna claimed she was studying for a part-time masters degree.

Finally, I said: "Do your parents know what you do for a living? Do you think they would be proud or ashamed of a daughter who tries to swindle Europeans, often elderly people?"

She chose to remain silent and then terminated the call.

Revealed: The 10 most common scams
See Gallery
Don't fall for the Microsoft Windows scam

More than 12 million pieces of personal information were illegally traded online by identity fraudsters in the first quarter of 2012 alone, according to data from Experian CreditExpert - outstripping the entire of 2010.

The vast majority (90%) of this illegally traded information is password and log in combinations - a result of the spiralling number of online accounts many of us now have. Research shows the average Brit uses around five different passwords online, but with an average of 26 different accounts each – this is nowhere near enough protection.

"Using a different password for each account will minimise risks, but if password information is stolen from a website, all accounts using the same details will be compromised, and this information can spread among fraudsters rapidly," warns Peter Turner, managing director at Experian Consumer Services in the UK and Ireland.

Step up your account protection with this guide to choosing a secure password.

Credit and store cards continue to prove particularly attractive to fraudsters and 2012 year has seen 73% surge in the takeover of plastic card accounts by criminals with nearly one quarter of all identity frauds, and 36% of all account takeovers, taking place on these cards.

Richard Hurley, communications manager at CIFAS explains the threat: "Whether it is through using an innocent party's details to open a new account in the victim's name, or hijacking the victim's details and taking over existing accounts, the modern fraudster will continue to pay specific attention to credit and store card accounts as an easy way of obtaining funds and goods, while leaving someone else to pick up the bill."

Be vigilant with your cards and follow our tips to protect your plastic through safe online shopping.

As if the mis-selling of payment protection insurance (PPI) wasn't scandal enough, 2012 has seen fraudsters preying on PPI victims. Consumers have received phone calls from someone who knows their name, announcing that they have won their PPI claim. The caller may also know the lender's name and an estimate of the loan amount.

However, the caller will then request a payment from the consumer in order to receive their compensation. This should signal warning bells, but many innocent victims have fallen for the scam and parted with money only for the bogus firm to disappear with their cash, and of course the compensation that never existed.

Consumers should be wary of all cold calls, particularly those that request cash upfront. There is no need to pay to make a claim for mis-sold PPI – you can claim direct to your bank for free and receive free advice from debt charities like Citizens Advice and the Consumer Credit Counselling Service.

If you do choose to take on the assistance of a claims management firm – never agree to an upfront payment. Reputable firms will only request payment for their services once you have received your compensation from your lender either by cheque or by payment into your bank account.

Phishing – when an unsolicited email arrives in your inbox requesting details to your personal accounts – continues to rise, leading to a surge in online banking fraud. Online banking fraud losses totaled £21.6 million during January to June 2012, according to CIFAS - a 28% increase on the 2011 half-year figure.

The emails trick customers into visiting fake banking websites – often made to look startlingly similar to the real thing - and disclosing their online banking login details. Online banking customers are also being tricked into divulging their bank login details and passwords over the phone to someone they believe is from their bank but is actually a fraudster.

The key point to remember is that banks will never contact you by phone or email and ask you to disclose your details, so always beware correspondence of this nature. Consumers should also be cautious of emails purporting to be from government bodies such as HMRC, or other financial accounts, such as Paypal.

There were over 50 different scams known to the 2012 Olympic Committee, with fraudsters cashing in on the good-natured spirit of the Games and nationwide scramble for tickets. The vast majority of scams took the form of phishing emails – purporting bogus job offers; prize draws; lottery wins and complimentary tickets – all with the sole purpose of duping consumers into sharing personal details or parting with cash in order to claim prizes.

Official tickets for the London 2012 Games were only available for purchase through the London 2012 website and appointed ticketing partners, so any other sources were offering fake or non-existent tickets. As for competition prizes and lottery wins – consumers should remember that it is impossible to win a competition or draw that you did not knowingly enter and that if a prize seems too be good to be true, it probably is.

Insurance is an incredibly complex area of personal finance and different forms of cover are riddled with different hitches that make it crucial to read the small print. Failure to do so could lead you to pay for a product you would be never be able to claim upon, or unknowingly do something that invalidates your claim.

Always buy the right level of cover for your needs and pay close attention to any exclusions in the policy wording. For example, many travel insurance policies for winter sports won't pay out for treatment of injuries incurred while under the influence of alcohol.

Surely the lowest of the low, charity donation fraud – when fake charities play on our sympathy by requesting donations to a worthy cause – is on the rise. Donation requests come in the form of unsolicited emails; phone calls; house visits or being approached in a public place. In many cases, donation requests are linked to a high-profile event, such as Hurricane Sandy that wreaked havoc across America last month.

Either the charity that the fraudster has asked you to donate to doesn't exist, or they are misusing the name of a genuine, often well-known, charity and pocketing your money.

Don't let fraud risks put you off donating – just make the necessary checks to ensure your money is going to the intended cause. Genuine charities are registered with the Charity Commission and print their registration details on all documentation, collection bags and envelopes, so check these details exist and if in doubt, contact the Charity Commission to confirm that they are authentic. Call the helpline on 0845 300 0218 or check the online charity register by visiting

Cases of cash machine fraud, where a device is used to trap money inside the ATM machine, have increased more than 15-fold in London in the past three months. Reported incidents have risen from 150 across the UK in May, to 2,500 in London alone in August, according to figures from Link and London's Dedicated Cheque and Plastic Crime Unit (DCPCU).

Criminals insert a device called a cash claw behind the guard on the cash drawer of an ATM. The device is undetectable to the public, who use the machine as normal until their cash fails to eject.

"The machine goes out of service and then the criminal comes along, forces open the drawer using a pair of pliers or a screwdriver, forces the device out of the cash machine, bringing the customer's money with it," explains Detective Chief Inspector Dave Carter, head of the DCPCU.

Customers are advised to immediately report any banknotes undelivered from cash machines.

Rogue property developers selling land that they claim has great investment value, when there is little or no chance of it ever being developed, are on the rise again this year. Investigations have lead to a number of convictions in 2012, yet consumers are warned to be remain wary of this big money scam.

Land banking involves plots of land offered for sale, often online, with the promise of sizable returns when planning permission is approved for housing or other development. Yet often the land is located in areas protected from development by planning law.

The companies involved soon disappear with investors' money and as the firms are not protected by the Financial Services Authority, their funds are not covered by the Financial Services Compensation Scheme.

In October, PhonepayPlus (the UK's premium rate telephone regulator) fined two firms a total of £450,000 for running a series of voucher scams on Facebook.

The scams, which claimed to offer free vouchers and supermarket gift cards for Tesco and Asda, resulted in members of the public signing-up for expensive premium-rate phone services.

The scams relied on Facebook users innocently sharing or liking the voucher promotions on their status, which included the promise of a voucher worth up to £250 for major retailers. After clicking on the promotion consumers were duped into participating in premium rate competitions, which involved questions sent to their phone at a cost of £5 each.

Read Full Story