Windows Security and the W3C Validators Telephone Scam

Just had a telephone call from India telling me they were representing the Windows Security Centre and that my Windows Inique ID had been shared with up to 4 other people, that my computer had been hacked and that my operating system would soon be switched off!

At first I thought that this was the old ZFSENDTOTARGET CLSID scam which I blogged about in 2010, but no, they have a faster way to scam you!

Today the scam ran as follows:

  • I was told the above – i.e. that my Windows ID had been hacked and I Microsoft were about to block my operating system in 18 hours time. However, they could fix it.
  • I asked the lady if it was illegal to have my Windows ID used by 5 other people, and she told me yes, it was. So I asked her to block it immediately and to be extra safe, I will throw my computer in the bin and buy a new one.
  • Once I agreed to use their services I was transferred to a 2nd person, this time a man who was apparently an engineer. He explained it all in much more detail. I asked how much it would cost, he could not tell me. He did say it would cost “29”, and after some encouragement he said “£29”, but that was the minimum price, the total price depended on how many errors I had. He then transferred me to a third man.
  • The third guy asked me to “open a Google page” and then in the Google search box to type “W3C validator“. This leads to the first result being
    • Note: is used by web designers to check that all their code is compliant with current HTML standards. If you put into it you will see “23 Errors, 4 warning(s)
  • One the W3C is opened you are asked to enter your email address – yes, suddenly all the errors are in the email! Doing so in my case resulted in 14 errors, 1 warning. By this point  I was bored and told the man I had “25 million errors”. He said “25 errors?” and I said “no, 25 million” to which his response was “oh dear, that is really bad”. I was then told that this meant that my email account had also been hacked.
  • I then begged him to fix it, and tell me how much it would cost. He transferred me again, to the fourth man.
  • The 4th person turned out to be the 2nd person again. He told me I had a lot of errors, to which I replied “no I don’t, the W3C validotor is used for validating the HTML on websites and has nothing to do with my email account“. This did not deter him!
  • I asked again how much? and he replied “29 euro dollars”. To which I said “what??? dollars????” and he said “sorry, sorry, sorry, sorry, I made a mistake, I mean pounds“. Phew!
  • I then noticed that it was time to get my son from playschool, so said “bye, gotta go”.
  • I got as far as the front door and the first lady (not Obama’s wife) phoned me back to say she had my new Windows code. I said “thanks, please email it over, your colleague has my email address – I put it into your error tool” and hung up. They did not call back.

So, a new scam circulating. Sounds like the same people (Indian call centres) being used to sell dodgy software or services which will likely cause a lot more harm than good.

Remember: Microsoft will never call you.

The W3C Markup Validation Service

Note: a tool for web designers only, not for checking errors on your computer or email account.

wc3 validor scam

  5 comments for “Windows Security and the W3C Validators Telephone Scam

  1. nicole
    June 23, 2013 at 6:27 pm

    same thing was happend to me yesterday. did you have any virus, keybloggers or other bad things ledt since the indian calls ob your computer?

  2. Snelvis
    March 27, 2015 at 7:51 am

    My internet was corrupting the neighbour hood so he was going to disconnect it tomorow .
    All bullshit I I got him to google ” validator phone scam” and he read out what he saw on the screen, he says ih no no
    No that’s not us that’s another validator.

  3. Bob
    May 13, 2016 at 1:59 pm

    Phone call today.
    First he asked me to run the command eventvwr, although saying, I am not working on an Windows Computer.
    Then he asked me to check my the Email address on the W3C Markup Validation Service, by getting 15 Validation Output errors.
    “You see, your Computer is infected!”, he said.
    Did he want to make me really scared with the red and blue dots on the screen ?
    This is not serious I mentioned. I do not trust him and I am not interested in his services.

  4. Alan Crombie
    June 15, 2016 at 11:02 am

    They were at it again today (15 Jun 2016) – no caller id, first guy gave the name John but sounded Indian, the second guy gave his name as Mark but sounded Scouse. Quite intrusive background noise but they insisted they were from BT and “Here to help!” though got a bit confused as I didn’t let on I was using an iMac

    Got the full bhoona – I was corrupting everyone on the same exchange, my email would fall over etc etc just about everything IT-ish apart from Hell freezing over. Got sent to Google “Validator” then to click on the W3 Validator but been there and done that – for real!.

    So …

    Kept them going for almost ten mins before I couldn’t stop laughing at the thought I was wasting their time while I was drinking coffee and eating a biscuit and having a laugh and elevenses.

    It would be good for a giggle if there weren’t folk likely to fall for the scam. Roll on the end of anonymous phone calls!

  5. HD
    September 9, 2016 at 8:19 pm

    They texted me a messages saying my email had been accessed from Pakistan and Belgium and to call. The man got very exasperated when I couldn’t access the web during our call and told me to stay on the line. I promptly hung up, as customer service reps are always far more polite than scammers.

Leave a Reply

Your email address will not be published. Required fields are marked *