I pointed out before that there are a lot of scams on the internet. Today, I want to focus on one that seems to be having a resurgence in occurrence - at least as far as I've noticed.
The way this one starts off seems simple enough. A telephone call comes in, and a gentleman with an Indian accent is on the line. He claims to be with some outfit, which he may never specifically mention, but says he is a "Microsoft Certified Technician". For some reason, that I have yet to figure out, my number has not been listed as fitting somewhere between "waste of time and money" and "very bad idea", so I've gotten to field quite a few of these calls since the summer. Sometimes the names of the "company" sounds plausible, other times not ("Joe" called from "Microsoft Geek Squad" once...) Invariably the reason you received this telephone call was because either your computer stopped communicating with Microsoft, or is infected with something bad, or has been hacked (or something).
Let's start with a critical piece of information: Microsoft does not contact licensees of Windows software. There is no master computer that somehow is monitoring every PC with Windows loaded on it, receiving red lights when one is "infected". Also, in general, Microsoft does not have a database of users telephone numbers. Similarly, Best Buy (home of Geek Squad) does not know when your PC (especially one not purchased or warranted there) is off kilter. These callers are not PC technicians. They are criminals!
To be clear, this particular scam tends to come from India, but it should not be used as an indictment against legitimate call centers or technicians in or from there.
Here is how this scam plays out:
Caller - I am [lies] from [more lies] and your computer. is not communicating with Microsoft (or something)
You - Oh? (or some response)
The caller will guide the victim to turn on their computer, and use the Windows-R shortcut to open a "run" box, typing in "eventvwr"for the Event Viewer. He'll guide you through a couple of the menus, showing you errors and warnings and telling you that they mean you have an infection, or may be hacked. The reality is that these are very benign "errors" and you're about as "hacked" as a celebrity that regrets what they typed on Twitter.
Next our caller will offer to help you fix these problems. This will start with them telling you to open a web link, and download/install a piece of software. The two most popular ones, presently, are Team Viewer and AMMYY. Technically, both programs are fairly innocent, and offer for legitimate options in remote assistance or login. Not in this case.
If one follows the instructions and installs/runs the program suggested by the scammer, they will ask for info on your screen , pin number and such from the program, which will allow them to slide in over your connection, and control your desktop. They may even tell you to take your hand off the mouseand (from what I've heard) they get mad if you try to control while they're doing their thing. What they may do may actually start as benign, cleaning something out or just looking around. However the likelihood next is that they'll either try to pitch a subscription service in which they'll charge you for 1,2 or 3 year deal, or they'll start deleting things and try to charge you to fix them. Even more malevolent, they may install a key logger that will snatch your passwords (especially banking) so they may help themselves to your money, and other accounts.
What can you do?
First and foremost, the easiest thing may be to take advantage of Caller ID, and not answer numbers you're unfamiliar with. If you do have them on the phone, telling them to "begone" (as politely or rudely as you choose) can be effective. For me, I enjoy "playing dumb" with them, and keeping them busy for a good period of time. If I keep them on the horn for an hour, while I'm doing other stuff, that's an hour that they're not scamming someone who may not know better.
I've gotten to a point here where the family finds watching me scambait almost as fun as watching a good movie. It's not for everyone, especially if you're a "rookie". If you do decide to scam bait, make sure you pay attention to what you're doing, don't give them an edge, Most importantly, don't do anything that may surrender access to your PC or personal information. If you decide to play with them, have fun, keep them going for a long time, until make things difficult for them.
Be safe online! Watch out for scammers. If you believe you may have fallen victim, immediately see your bank/credit card company/credit union, and make sure that your PC is protected.
No comments:
Post a Comment