The scam always starts the same way: the phone rings at someone's home, the caller asks for the computer owner, quoting their name and address before saying "I'm calling for Microsoft. We've had a report from your Internet service provider of serious virus problems from your computer." Dire forecasts are made that if the problem is not solved, the computer will become unusable.
To make the case that the PC showed signs of malware infection, the user is instructed to open the Windows Event Manager, where the numerous error messages are touted as evidence that the system had been compromised. [Note: The event viewer does show error messages, but not directly related to an infection. Almost all computers have errors in the log files, especially if Windows has not been re-installed lately and is running a lot of programs.]
The computer owner is directed to a website and told to download a program that hands over remote control of the computer, and the caller “installs” various “fixes” for the problem. Then it’s time to pay a fee for a “subscription” to the “preventative service”. [Under no circumstances should you provide the caller with credit card information]
The only catch: there was never anything wrong with the computer, the caller is not working for Microsoft or the internet service provider, and the owner has given a complete stranger access to every piece of data on their machine.
Such scams are unusually successful as they are a type of social engineering attack, which succeeds not through attackers' technical sophistication, but rather by tricking people via smooth talking and playing on their fears. So if you did let them into your computer. We highly recommend that you do both of the following immediately:
Microsoft does not make unsolicited phone calls to help you fix your computer.