Windows Security Phone Scam Now Targeting Sweden

Earlier today, I was sitting at home working on a Linux server that was compromised while suddenly, I hear my home phone ringing. Actually, someone has been calling me and just hanging up around the same time everyday for three or four days now. I thought that it was just some telemarketing company profiling me to figure out if I’m home or not, but this time it was different.

When I picked up the phone I heard this guy introducing him as a technician from the Windows Security Support Department. The connection was VERY bad and I could not hear everything he said, I don’t know if this was intended or not.

When I started to talk to him he asked me in English with a indian accent if I had a computer at home, and of course I said “yes”. Then he started to explain that my computer had been compromised and that my firewall was just protecting me against external threats and not internal threats. At this time I knew that something strange was going on, and I started to ask more questions about the malware and trying to get more information about them, then at this point he immediately hung up the phone.

Just after he hung up I realized that this was one of those scams where they trick people to install Remote Access software to be able to control the machines. Once they got access to the machines, they install rootkits and obtain full access to your computer.

In the outside world, I this is quite an effective scam because they called me during the day, and I guess the people who are at home by this hour are not your average security researcher from Kaspersky Lab but maybe people who are sick, or the elderly.

I want to warn everyone about these cams, and at this time I can confirm that they are currently attacking Sweden. Previously, such scams appeared to target UK/US users mostly (, but it seems their business is expanding.

Please let us know if somebody calls you and claims they are from “Windows Security” (or such) and asks you to install remote access software. Most important of all, do not install the software which they recommend!

Windows Security Phone Scam Now Targeting Sweden

Your email address will not be published. Required fields are marked *


  1. Duncan Pennington

    Just had a scam call (I’m in the UK) from an Indian team telling me my internal mother security had expired and I needed to install some software to clean my system. Luckily I smelled a rat as soon as money/payment was suggested. It was pretty convincing stuff though.


APT trends report Q3 2022

This is our latest summary of advanced persistent threat (APT) activities, focusing on events that we observed during Q3 2022.

APT10: Tracking down LODEINFO 2022, part I

The first part of this report will provide technical analysis of the new infection methods such as SFX files and DOWNIISSA, a new downloader shellcode used to deploy the LODEINFO backdoor.

Subscribe to our weekly e-mails

The hottest research right in your inbox