🎣 Don’t Take the Bait: Outsmarting Scammers Who Seem to Know You

Author

Ivan Roganov
April 29, 2025

A few years ago, I got a call that stopped me in my tracks.

“Hi Ivan, I’m calling from Microsoft Support. We’ve detected suspicious activity from your Windows computer, and it looks like your IP address has been compromised. Are you near your device?”

The caller knew my name. He referenced my operating system. He sounded calm, professional, and just concerned enough to make it seem urgent—but not pushy. It wasn’t the usual scam.

For a moment, it felt real. But after years in tech, I knew the truth:
Microsoft doesn’t cold-call people. Ever.

So I asked a simple question.

“Sure, happy to help. Can you tell me which device exactly?”
“Your Windows device.”
“Right. I have three. Which one?”
[pause]
“It’s the one with the Windows operating system.”
“Great, and what’s the IP address that’s been compromised?”
[longer pause]
click.

That was it. Game over.

⚠️ Scammers Are Evolving — You Should Too

They’re using real names. Referencing your city. Maybe even your email or job title from LinkedIn.

But no matter how convincing they sound, here’s what they never have:

  • Your actual device details

  • Secure access to your system

  • Any legitimate reason to contact you first

🚫 The Golden Rule: Don’t Engage

You don’t owe strangers your time just because they know your name.

If someone claims:

  • Your computer is compromised,

  • There’s a fraud alert on your bank account,

  • You’re owed a refund or a surprise payment...

...then hang up, don’t respond, and never click anything.

âś… What Real Companies Actually Do:

  • Microsoft will never call you unless you request it.

  • Your bank won’t ask you to confirm account details via text.

  • Law enforcement does not demand gift cards or wire transfers.

If it’s legit, it’ll come through secure, official channels — with clear identification, case numbers, and usually your full information.

🧠 Staying Safe is Simple:

You don’t always need fancy software or technical training. Just follow one mindset:

If it’s unexpected and urgent, it’s probably fake.

Let it go to voicemail. Don’t click links. And when in doubt, go directly to the company’s website and contact them yourself.

You’re not being rude by ignoring strangers — you’re being smart.

It’s your data. It’s your money.
Don’t hand it over to a convincing voice on the phone.

Have questions about staying secure or want to suggest a topic for a future newsletter? I’d love to hear from you. Email me: [email protected]

If you found this helpful, please share it with friends, coworkers, or anyone who might need a little digital safety boost.

New readers can subscribe and access past issues at:
👉 https://newsletter.thecybersafety.company

Stay safe,
Peter Oram
Chief Cyber Safety Officer