…scammers have been calling residences and masquerading as representatives of “Microsoft”, “Windows”, “Security Team”, Internet service providers …
For some time now scammers have been cold-calling residences (possibly businesses as well) and masquerading as representatives of “Microsoft”, “Windows”, “Security Team”, Internet service providers (e.g. AT&T, Comcast etc.) or other similar sounding organizations. There are several different versions of these scams, but the conversations typically involve the caller claiming that a computer at your location has a virus or has problems that needs to be fixed right away.
On one such call I received (I pretended to be naive) the caller walked me through opening up the system event logs to look for errors. Note that almost all computer event logs have warnings and errors, many of which are innocuous; but for the average person, having someone who seems to be an authority figure (as in this so-called “Security Team” representative) refer to these lends legitimacy to the call.
The caller will then try to induce the individual to use their web browser to go to a specific web site. Quite often the individual will be asked to download and install something from that site but sometimes it is possible the site will be rigged to take advantage of a security flaw that has not been fixed on that computer. Either way, once the caller’s software has been installed the caller will state that he is “fixing” the system. The caller may try to extract a fee for this work but the big danger is that the caller may have installed virus-like software designed to steal personal information, sending it over the Internet to the caller’s criminal organization. This personal information could potentially be used to access financial accounts or perpetrate identity theft.
Although it is possible that an Internet provider will call if there is a problem with something on your network, this is more often the expection rather than the rule; and a legitimate representative will never offer to fix the problem directly; in my experience, the Internet provider rep will warn the account owner that a system has a virus and recommend that a virus scan be run on the computer.
NEVER visit any website or install/purchase software at the request of a telephone caller.
- Remain calm
- If the caller gets agitated or threatening hang up immediately
- Hang up if the caller refuses to clearly and state their name and company name (write down the information if it is provided)
- Do not provide any personal information
- Never vist any website at the request of a telephone caller
- Never install or purchase software at the request of the caller
- Collect information about the reason for the call, on the off-chance that it is legitimate (i.e., in case it actually is your Internet service provider)
- If you suspect that the computer does have problems or has malicious software (such as a virus) contact a reputable computer consultant and have the system examined.
If you suspect that you have been a victim of computer fraud the FBI has a website for reporting such incidents: http://www.ic3.gov/faq/default.aspx
A detailed report of some of these scams was posted by Ed Bott in November 2011 on ZDNet:
Always keep your computer up to date with security patches, particularly for the operating system (Windows or Mac OS X), web browsers, Adobe Reader, Adobe Flash (a web browser component) and Java (another web plug-in). Windows Automatic Update does an excellent job keeping Microsoft operating systems and software up to date, while the other products mentioned above usually involve responding to installation prompts when logging in after the computer has been restarted.
I am curious to find out what blog system
you’re utilizing? I’m having some small security
issues with my latest blog and I’d like to find something more risk-free.
Do you have any recommendations?
We use WordPress as both our hosting platform, and our blog system. We have a specific theme, of course, as well as a fair number of customizations to brand the website as our own, but the heart of the blog system is native WordPress. If you need assistance with your blog system, we can offer advice, as well as refer you to an excellent, trusted web designer.