5 years on, Windows Event Viewer scam still operating

Cold calling scam emerged in 2009

Hang up on Event Viewer scammers, says the ACCC.

Hang up on Event Viewer scammers, says the ACCC.

A cold calling scam called Windows Event Viewer or `eventvwr’ is still targeting Australians, five years on from Computerworld Australia’s 2009 investigation.

The scam involves telemarketers who claim to be associated with Microsoft calling up unsuspecting users in Australia from an offshore call centre. The scammer than claims that the user’s computer has a virus and that they can remove it for a small fee.

The user is than asked for their details so that the scammer can gain remote access to the victim’s PC.

Once the cold caller has gained access they ask the victim to test the new system by using the Internet and typing in data such as their bank account details.

According to Victoria Police, the scammer can than access passwords and account details before transferring money out of victim’s accounts.

“It is at this stage that spyware is often installed and personal information can be stolen by this software for months to come,” said Victoria Police senior constable Adam West in a statement.

“Microsoft does not make cold calls and people should hang up on unsolicited calls."

West warned consumers not to give out their credit card details or give anyone remote access to their PC.

“If you feel that your computer has been compromised or has a virus then we suggest that you take it to a reputable computer repair shop."

He added that anyone with information about similar cold calling incidents can contact Crime Stoppers on 1800 333 000 or visit its website.

The Australian Competition and Consumer Commission’s (ACCC) SCAMwatch website provides a number of tips for people to avoid being conned by the cold callers.

“Don’t accept anything at face value, if it sounds unlikely or too good to be true, it probably is,” said an ACCC spokesperson.

“If you’re being pressured to act, disclose personal details or send money to a stranger, it’s almost certainly a scam. Never respond. Just hang up and report it to SCAMwatch.”

For more information about the Windows Event Viewer scam, consumers can also visit Microsoft’s security page.

An Australian Communications and Media Authority (ACMA) spokesman said the number of complaints to the Do Not Call Register operator relating to PC Virus/Microsoft impostor calls has "been steady for several months."

However, he added that there is twist on the scam which meant some cold callers claimed to be associated with Telstra or Bigpond. ACMA posted an alert about this on its Facebook page in March 2014.

Have you been affected by the Event Viewer scam? Let us know below!

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Read More:

Tags Windows Event Viewer scamscams and hoaxesscamsMicrosoft Corporation

More about Australian Communications and Media AuthorityAustralian Communications and Media AuthorityAustralian Competition and Consumer CommissionAustralian Competition and Consumer CommissionFacebookFTCMicrosoftWest




I receive about 1 of these a month and love stringing them along, asking them to repeat things, pretending I'm typing stuff in. Make them spend as much as possible on overseas calls before they realise I'm the one scamming them!



I also get about one of these a month. I have become better at stringing them along. I usually keep them going for about 20 minutes. Early on they used to sus me our early because I would only pretend to do what they said. Now I have a VM of Windows (I actually use Ubuntu-Gnome) and do what they say pretending to be concerned about my “Windows problems”. I cooperate right up until they ask me to run the downloaded file. After I pretend to run it, they ask me what I see on screen. Then I give them my spiel as follows.

“A window has popped up filling the screen. It has a large warning message on it. I'll read it out to you.” All said in a bewildered tone.

“This is a message from the Australian Federal Police and INTERPOL Crime Investigation Unit. Our recently installed software has forwarded to us details of your caller...”

The last caller interrupted at this point saying “Close the window. Close the window!”

I said that it won't let me and the message continued to read the “message”...

“Your caller is a criminal trying to get control of your computer. For your safety your computer cannot be rebooted for ten minutes.”

I was expecting them to immediately realise they had been counter scammed but on three occasions they have sounded somewhat worried. Perhaps just enough doubt in their minds to cause them concern for a while.

A previous caller who realised I was wasting his time retorted “well your wasting your time too” to which I told him “but I enjoy doing it.” to which he slammed the phone down.



I regret never being able to string one of these people along. Mum would pick up the phone, realise who it is, and just swear her head off at them.



Microsoft support called me to help me with some error messages and possible virus. Just call me from 767 275 9067. Had me open the RUN screen. Wanted me to type EVENTVRW into the open line. As I was reading scam reports on this he eventually hung up. From India

Comments are now closed

Microsoft at a loss over Event Viewer scam