Microsoft at a loss over Event Viewer scam

Australian chief security advisor proposes potential changes to Indian legislation

Microsoft Australia has admitted an inability to effectively shut down an Indian-based telemarketing scam which offers users of its Windows operating system virus protection.

The scam, known as Windows Event Viewer - or simply 'eventvwr' - involves telemarketers requesting the recipient's authority to run a Windows program by the same name in order to fix bugs in the operating system. Other callers claim they can remove the virus for a fee and ask for people's credit card details.

However, the telemarketers only charge the credit card for the amount the customer agrees to and, according to the vendor's research, do not use the card details again.

The scam has been rampant, however, with an initial investigation by Computerworld Australia into the issue in 2009 remaining one of the most active threads on this publication's website.

A global fight against the issue, which appears to have grown in its effect on users, became heated in March when the Australian Communications and Media Authority (ACMA) issued a warning it would impose fines of up to $110,000 on telemarketers which refused to abide by the Do Not Call register.

However the threat was somewhat toothless; as most of those responsible in India, ACMA is unable to fine telemarketers directly involved with the threat.

Microsoft Australia's chief security adviser, Stuart Strathdee, told Computerworld Australia that the vendor was working closely with ACMA and the Australian Competition and Consumer Commission (ACCC) on the issue, but the differences in international law prevented direct action.

"They [ACMA and ACCC] are experts in consumer protection and they also have a wealth of depth in their views on international law," he said.

"The difficulty that we have here [in Australia] is that because the telemarketers seem to be based in India, there are some intricacies of the Indian law which suggest they may not be breaking any laws there.

"Even if they are breaking some consumer laws in Australia, trying to prosecute anyone under Australian law in India is exceptionally challenging."

Strathdee said the vendor has worked with law enforcement agencies across a number of states in the past two years to get clarity on what laws the telemarketers may be breaking.

"We've also had talks with our legal teams in Asia Pacific and counterparts in government to work out what we can and can't do," he said. "We may need to work with the Indian government to have some of their laws changed to create further protection and also make prosecution easier."

Strathdee said at this stage, the vendor was still determining who it could work with in India to highlight the issue and suggest law changes, however, there remained little expectation that any effective changes to legislation would be enforced there.

"What I do know is that from an enforcement perspective in Microsoft, we've been very active in trying to track down people who have used our logos without permission or tried to represent themselves as having an alignment to Microsoft," he said.

Since telemarketers weren't impersonating Microsoft employees or claiming to be from the company - instead mentioning key brand names such as Windows Vista or XP - they were treading a "fine line" on the case.

"It's not just Australia that has been impacted by this," Strathde said. "As the problem has continued for the past few years and we start to apply the blowtorch to draw public attention to it, the scammers focus their attention back to the UK and than sometimes as the press picks up on it there they will shift again to the US."

Srathdee added that security support for the scam was free and it could help customers if they had any concerns about the security of their computers.

Locally, Microsoft has been active to stamp out unauthorised attempts to offer unwarranted support to users for its operating system. In March, the company won a copyright infringement lawsuit against a Queensland-based technician who had owned and operated two domains based on the Windows trademark.

Have you been affected by the Event Viewer scam? Let us know below!

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftscamsWindows Event Viewer scamtelemarketingeventvwr

More about Australian Competition and Consumer CommissionAustralian Competition and Consumer CommissionMicrosoft

Show Comments