Over the last few years we’ve received a few phone calls here and there from clients stating that they were phoned by “Windows” “Microsoft” and even “Google” and were informed they had been scanned by their security experts, having many issues that needed to be fixed immediately; that for a small ($150+) fee they would log in to the person’s computer and ‘fix’ everything. That scan is a scam, folks. Now the incidents are on the rise – we receive calls from customers on a weekly basis that this has happened to. Some were just checking to see if it was for real, others unfortunately had fallen for it, and needed whatever had been done to their computer fixed.
This is a breed of scamming called ‘phishing calls’. It works in a way similar to telemarketing, with your phone number popping up in a call list allowing them to call and try to prompt you into using their services. These ‘services’ are even less useful.
First they try to convince you that they are legit, perhaps walking you through the a few files on your machine to see all the errors they speak of. In which case they are showing you the Windows Event Logs, and yes there are a ton of warnings and even a few critical errors in there. It’s Windows – it is rare to find any PC without any recorded issues, and those warnings are rarely security related.
Now that they have your attention, “Oh my gosh, they were right! There are errors on my computer!” the caller will assure you they can fix the issues remotely and will direct you to a web site to download remote access software.
The fun begins (for the criminal)! They install keyloggers that record every website, username, and password you go to (and your credit cards if you buy anything online) – and it sends that information to them silently in the background, even after they have ‘disconnected’ from your remote session. How? It’s pretty easy, since they disabled your anti-virus software and installed a fake one in its place. They also disabled all Windows Security updates, and Adobe security updates, and JAVA security updates… you get the idea. Oh, and that fake anti-virus program is going to hold you hostage in a week or two saying it was a ‘trial’ and please hand over your credit card to buy the full version.
A few key things to remember here:
- No business goes around checking the entire internet to ensure end user computers are safe. You will never get a phone call at home from Microsoft, Google, or Windows. If you receive a call from anyone claiming to be one of the aforementioned companies, or any company that needs to ‘fix your computer’ for that matter – immediately hang up. And when they call back a minute later, HANG UP again.
- These callers have a distinct foreign accent; they are calling from India, Pakistan, and several Eastern Europe nations.
- If you *do* talk with them (which we highly discourage), do not pay any money or provide any personal information, and do not let them access your computer.
If you have spoken with the ‘fixers’, we would ask you to please contact IC3 (Internet Crime Complaint Center) and log a complaint. They will need:
- The name of the person you spoke with, along with their call back number.
- Their company name
- Email address of the individual you spoke with
- A physical address if possible
The IC3 site can be found here: http://www.ic3.gov/default.aspx
Also, if you have had ‘work’ done by one of these groups, we would ask that you promptly take your computer in to be checked, as well as notifying your bank and credit card companies of a fraud alert; it would not be a bad idea (after having your machine checked) to change all of your passwords for sensitive financial accounts.