Phone scam warning: cyber criminals pretending to be microsoft tech support
We, at Tech Squad, were recently called by someone who has since become a client of ours. He called to receive help to unlock their computer after cyber-scammers claiming to be Microsoft support locked the computer and were demanding payment to unlock it. Microsoft warn on their website that cyber-criminal activity is not occurring just through e-mail or compromised links on websites, but also through phone scams too. Criminals call the unsuspecting public and after gaining access to their computer install software that is used for fraudulent purposes.
Here is some background to the events leading up to the call our client received. Out of the blue, our client had received a call on their cell phone from “Microsoft Support” to inform him that his version of Microsoft Windows was out of date and they were calling him to upgrade him to the latest version. Prior to asking for any credit card payment for the “upgrade”, they asked for him to allow access through a legitimate, well known screen sharing software. to conduct a “free analysis”. By then the damage was done. The scammers installed malware code, also known as “ransomware” on his computer. The code effectively locked access to his files. Then the scammers called to get a credit card to unlock the files. He explained to them that he is working for a non-profit organization and didn’t have limitless access to funds to pay for this “service”. To show how callous the scammers are, they offered him a half price special (non-profit pricing), to gain access to his credit card details. Fortunately, he didn’t hand over his credit card, and called Tech Squad instead. We were able to remove the infected files and give him access once more to his computer.
Based on how common this scam is, we felt it necessary to highlight some helpful hints. Our client is not an uneducated man, and should have probably known better than to give access to his computer to a complete stranger. However, these criminals are very compelling over the phone. They are skilled and have perfected their craft. In the heat of the moment they prey on the element of surprise and create urgency and panic. They come across as being super helpful and supportive, whereas their intentions are far from it.
Microsoft have a page on their website warning users of phone scams purportedly originating from Microsoft support personnel. This content, part of their safety & security centre, provides information on how to protect yourself from scams, or rather how to avoid tech support phone scams.
The criminals convince you to visit legitimate screen sharing/remote access software websites to have you download software that will allow them to take control of your computer remotely. and adjust settings to leave your computer vulnerable.The impact of allowing access to your computer to a cyber criminal.
– Cybercriminals can capture sensitive data, including online banking details, stock trading accounts, user names and passwords to all accounts and e-mail
– Many times they lock the computer and attempt to charge you to remove this software
– They can adjust settings to leave your computer vulnerable
– Once they have your credit card information, they use it to bill you for phony services or just make purchases and you pay for their transactions
– Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there
How is this different from pirates that occupy ships and steal their cargo, or hold the ship for ransomed money? Or getting held up by gun or knife point in a city? Well, apart from the lack of physical violence, there really is not a lot of difference. In both cases the criminals aim is to steal your hard earned money.
So how do you protect yourself?
1. Know that neither Microsoft nor reputable organizations will call you to charge you for computer security or software fixes.
2. Be aware that Cyber-criminals use publicly available phone directories, social media profiles, your friend’s hijacked e-mail accounts and so forth so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.
3. Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a legitimate website (such asĀ www.ammyy.com) to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable.
4. Do not trust unsolicited calls.
5. Do not provide any personal information.
Here are some of the Microsoft organizations that cybercriminals claim to represent:
– Windows Helpdesk
– Windows Service Center
– Microsoft Tech Support
– Microsoft Support
– Windows Technical Department Support Group
– Microsoft Research and Development Team (Microsoft R & D Team)
This article focuses on scammers purporting to be from Microsoft, since that is what our client reported. Criminals use this same type of scam claiming to be from other organizations too. Claiming to be from the police, or intelligence agencies are also common variants.
Report phone scams
Many people are embarrassed to have been caught in a scam. They don’t want to report it to the authorities. It is however important to report the crime as that is the way the authorities can make breakthroughs in bringing the gangs to justice.
If you are hesitant in any way about calls or e-mails you receive, call the organization through numbers listed on their web sites. The scammers may give you a phone number or web page, but in most likelihood it will be fake.
The following advice is from the Microsoft:
If someone claiming to be from Microsoft tech support calls you:
– Don’t purchase any software or services. Rather call the official numbers on Microsoft or work through an official Microsoft reseller.
– If someone asks for money or a credit card, just hang up. Never give out your credit card or personal information.
– Only give control of your computer to a third party if you can confirm the person is a authorized representative of a company that you do business with, and not someone engaged in fraud. To verify the legitimacy of the call, hang up and call the company’s phone number from their official web site.
– Take the caller’s information down and immediately report it to your local authorities.
If you have already given information or control to a third party to your systems:
– Immediately change your computer’s password, email accounts and financial accounts
– Scan your computer with an antivirus or antimalware program installed on your computer
– For more information about how to recognize a phishing scam contact Tech Squad.
If you need help with a virus or other security problems, we are able to help you. Please contact us today.