We are receiving a steady increase of support calls from clients who are falling foul of fake support calls – scammers pretending to be from either Microsoft, BT or your bank!
This activity has been ongoing for many years – however, the scammers are upping-their-game; and targeting more users, more frequently.
Typically, the scammers will call their potential victim - you - pretending to call on behalf of Microsoft or your bank etc., saying that they are investigating unusual activity on your user accounts or computer. They explain that they are “here to help” and would like to “help protect you from suspect activity” – all lies – they are in fact doing quite the opposite.
They often use a clever tactic to increase their credibility, such as asking you to look at a specific place on your computer where a list of errors are listed (but which aren't really errors). They use this as part of the social engineering element to gain your trust.
The scammers will request remote access to your computer, saying that they can remote in and fix the problem and protect you from the threat. You're asked to navigate to a particular support website address to download a support tool to enable the scammer remote access to your computer.
The website address in question, on the surface will look totally legitimate, using a recognised word such as "Microsoft" at the start of the address – for example www.microsoft.something.com. However, the Microsoft part of the web address is just a subdomain for the fraudulent website.
Once they have navigated you to their website and they have persuaded you to download their support plugin, they then have full control of your computer. Full control...
They will then either explore your computer, and then demand a payment for "fixing" a non-existent issue. Or worse still, will ask you to log in to your internet banking to "check everything is OK". Remember, once they have remote access to your computer they can cause a lot of damage.
- Microsoft never call you to tell you of an error on your computer!
- If in doubt, contact a trusted IT partner to assist you
Do something now:
- Make sure you have quality anti-virus software installed on your computers
- Ensure your data is regularly backed up.
- Communicate with your team or associates - give them the heads up of these types of scams
For advice about security for you and your users contact claireLOGIC, Microsoft Certified security experts.