"Hello, I am calling from the Windows Support Center, we are partners of Microsoft. We are calling you about your Windows computer..."
The man was speaking very quickly, in a manner that would likely be very effective in confusing people who are not necessarily IT professionals. He quickly explained that my computer was infected and that every time I connected to the internet I was downloading viruses to my hard drive. I quickly began cutting him off and asking him basic questions that, if this were a legitimate call, he should know the answer to; things that would have explained how they were able to identify my router as being the source of the problems he was explaining, or that I even had a Windows machine in my house. He blew off every question I asked with a simple "we don't have your personal information" and continued on with his obviously rehearsed speech. I even asked him how he got my contact information, and told me he got it from the Global Internet Foundation, or some other fictitious organization. He wasn't even able to name the virus he was calling about.
After (not so) politely telling him to sit on an acorn, I searched online to see how big of a scam this was. I was not so surprised to learn that this is a global problem. Apparently, the calls are initiated from a call center in India. After convincing the victim that their computer is infected, he will then walk the victim through the steps to grant remote access to the computer so that he can help remove the virus from the victim's computer.
The victim's computer is now completely comprimized giving the attacker the ability to do whatever he wants.
I've also heard of some situations where the victim has given away his credit card information so that the service of removing the virus can be paid for.
Things to remember:
- There is no such thing as the "Windows Support Center." And while we're at it, there is no such thing as the "Global Internet Foundation."
- No one cares if you have an infected computer. Your computer could be so infested with malicious software that it is unusable, and no one outside of your local network would care.
- If you get any information that seems suspicious, Google it. If the first page is full of results suggesting it's a scam, then chances are it's a scam. Do this before you believe anyone that phones you for no apparent reason, or click on any links you don't recognize.
- If someone randomly phones you and starts telling you that you have a problem, at the very least get a second opinion before giving up any personal information or money. Ask for a number to call them back if necessary. Chances are, they won't give you one.
I know of at least one person in my area who fell victim to this scam, and ended up giving away remote access to their computer. Don't be the next victim!
- Mark Bass
No comments:
Post a Comment