Over the past several days three friends have described a similar scam that impacted someone in their family. I am providing this information to you in hopes of preventing future occurrences.
The scam: A social engineer/scam artist calls and says that he is calling from Microsoft Solutions (or similar) related to an issue with your computer. He says that your computer has been hacked or has an issue. Next, the caller will ask you to go to a website or he may ask if he can access your computer remotely to gather evidence to prove that your machine was hacked or to "fix" the problem. This probably isn't his first rodeo .. he will provide you "proof". The website will show you "proof" that your machine was hacked OR if he accesses your computer remotely, he will demonstrate the problem he identified. He might even offer to 'clean up' some files on your computer. The caller will then demand compensation ($100 - $700) for his services or to prevent future problems. If you hang up or refuse he will be persistent by calling you back. You might even discover that your computer doesn't boot up.
What happened during the scam?: The social engineer used information he may have found posted on one of many websites that provides your name, phone number and address or used some other means to identify and find you. He created an urgent situation to manipulate you into allowing him to access your computer. The website you accessed loaded malware (malicious software) on your computer or the caller installed malware on your computer when you allowed him to access your computer remotely. The caller may have also gathered information from your computer (tax records, data or other information from your computer). You may not be able to use your computer without paying the fee.
What is a social engineer? A social engineer/scam artist is someone who influences you to take an action that may or may not be in your best interest. Social engineering is a tactic used to get information from individuals and businesses regularly. This person will make a situation appear urgent and will manipulate you by exploiting your fears. These people are 'professionals' with an arsenal of people, tools and resources to get you to do what they want. Social engineers use freely available tools to make their call appear to come from Microsoft (or another well known entity), they use computer tools to access unprotected computers and will even take on a persona to trick you.
How to prevent: Stay on your A-game! Just like any reputable institution, Microsoft's technical support does not make random calls to customers or users. Be suspicious of unsolicited callers! The situation described above cannot be prevented with virus protection - the situation involves human interaction. The victim is manipulated unwittingly into allowing someone onto their home computer. Don't be the next victim.
Looking for a good site to find out about computer issues? A good source is Kim Kommando. She does a nice job of providing news about threats in a way that everyone can understand.
No comments:
Post a Comment