Skip to content

The Blue Screen of Death

A new iteration of the tech support scam takes over your whole screen

Blue Screen of Death

Travis Rathbone

Experts say pop-up screens that warn a computer user of a malware or infection is never legitimate.

Sue Sirotti, a 66-year-old retired teacher from western Michigan, was browsing websites when her computer screen suddenly turned blue. A loud voice came through the speakers, telling her to call the provided number to speak to a Microsoft technician.

It was a terrifying moment. No matter what she tried, she couldn't quiet the blaring electronic voice or get past what looked like the "blue screen of death" — a term from the early days of the Windows operating system, when a crash led to a blue error screen telling you to shut down. But in this case, the screen said the opposite — do not shut down.

Out of desperation, Sirotti finally called the toll-free number and spoke to a pleasant-sounding technician. He said her computer had been infected with malware; she should shut it down and take it to a certified Microsoft technician for repair. It would take a week to fix and would cost roughly $350.

Sirotti's reaction: I can't be without a computer for a whole week! No problem, replied the technician; we can repair your machine today, remotely, for $250. Reluctantly she agreed and gave her credit card number. Hours later, the blue screen was removed.

Throughout the transaction, Sirotti said, a small voice in her head warned that this was a scam, but she couldn't see any other way out. She even asked the technician if she was being scammed. "No, but you are asking all the right questions," he replied.

She may have been asking the right questions, but the technician was lying about the answers. Sirotti paid $250 to repair a computer that had nothing wrong with it.

Anatomy of a Tech Scam

Sirotti became a victim of the latest version of a time-tested ploy: the tech support scam. In the more familiar version, a stranger claiming to be from Microsoft calls on the phone. He tells you there is a virus on your computer and instructs you to log on to a website that will allow him to take control of your computer and run a series of bogus diagnostic exercises. Often he installs malware on your computer, then charges you to remove it.

While such calls still happen, most computer users today know to hang up when they receive them. But as is true for all effective scams, the pitch has evolved to work around the increased awareness.

Enter companies like Client Care Experts and more than a dozen others, many located in Florida, that have figured out how to get customers to call them. How? By installing bogus pop-up warnings on your machine.

Client Care Experts, at its peak, had hundreds of salespeople working in an inbound call center in Boynton Beach, Fla. An AARP investigation reveals that many of the employees had had run-ins with the law, and that they were not trained technicians.

Tape recordings of sales calls obtained by the Florida attorney general's office showed how salespeople were instructed to gain the caller's trust by claiming they were affiliated with Microsoft, and that they could diagnose the problem for free. Then, when they inevitably "found a problem," they were instructed to suggest sending the consumer to a retail outlet like Staples, Best Buy or Office Depot that had onsite technicians. This helped to reduce consumers' suspicions.

Sirotti was skeptical at first. But when the technician said he wasn't going to charge her for a diagnosis, that put her mind at ease, she said. But sales scripts obtained by AARP show how salespeople persuade their victims to sign on for their "services."

One part of the script instructs the technicians to say: "A far more convenient option is what's called a remote session. Instead of bringing your computer somewhere, paying $300 to $350 and waiting three to five business days, with a remote session, it will be serviced today."

Salespeople then explain that the remote session will take four to six hours and cost just $250. The script also calls for offering an ongoing protection service for $24.99 a month.

Blue Screen of Death

Travis Rathbone

A recent study by Stony Brook University found close to 9,000 domain names that were affiliated with tech scams on the web.

Pop-up Technology

But how do scammers get the targets' computers to freeze up and display the blue screen of death? There are a few ways:

Software download. When computer users click on an ad for free software, such as "Free PC Cleaner," they might also be sent  malware. "The software can be programmed so that every two hours, a pop-up will appear telling you how badly infected your computer is," says Jeffrey (a fake name), a boiler-room technician who provided testimony to the government about tech scams.

"Malvertising". Malware sometimes gets built into ads that may look benign but actually contain "cloaker" programs — "a piece of software that hides your true ad," Jeffrey says. Scammers apply to an online platform with a legitimate-sounding ad. However, "they use a cloaker to cover up the real ad," Jeffrey says. So unbeknownst to the online platform or the user, a fake blue screen shows up on the computer.

Bogus websites. Scammers also will purchase thousands of domain names that are misspellings of common websites (for example, This is called domain squatting or typo squatting. When you inadvertently misspell the web address, you are taken to a scam site that will redirect you to a tech support scam.

A Shockingly Pervasive Problem

Nick Nikiforakis, assistant professor of computer science at Stony Brook University in New York, recently copublished a study that found close to 9,000 domain names that were affiliated with tech scams on the web. "This approach of luring people in with fake domain names and pop-ups is one of the hottest scams on the web right now," he says.

The Client Care Experts case was one of a dozen actions brought during the past three years by the Florida attorney general's office. Officials say Client Care took in more than $25 million from 100,000 victims before it was shut down. Law enforcement officials say that shutting these companies down is like playing a game of whack-a-mole — one bogus firm closes, and many of the employees just go to work for another company.

A recent Microsoft study showed that a whopping 4 out of 5 Americans reported having had some contact with a tech-support scam. More than a third continued interacting with the fraudulent organization, and about 1 in 5 lost money.

Discover financial freedom with AARP The Magazine’s Special Money & Retirement Issue. Read it online now

Join the Discussion

0 | Add Yours

Please leave your comment below.

You must be logged in to leave a comment.