Tuesday, September 20, 2016

It's Microsoft Calling (Not!)

   The amount of automation and detection in our world today can be scary but it can also be useful.  You can set your lights to come on as you approach your home.  You can have your phone switch to wifi when you get to the office.  And Microsoft will even call you when they detect a problem with your PC!

   OK, maybe not that last one!  As we've discussed before, this is a common scam that has now been around for a few years.

   It works like this... There are 2 basic scenarios:
  1. you get a popup on your computer telling you that "Microsoft" has detected that there is a problem with your PC, and you should call the phone number they provide, or;
  2. you get a phone call directly from "Microsoft" telling you that they have detected a problem on your PC.
   Of course, neither of these are legitimate.  Microsoft will not call you.

   This article has a recording of what one of these calls sounds like.  Here's another.

   I said PC above, but people with Macs have received these as well!

   Here's the thing about these scammer orgs...  they provide very good customer support!  That, of course, is good for them but bad for us.  It's one of the reasons that these scams work.  People are very happy to receive great customer support - it's unfortunately too rare.   So when a friendly, attentive "customer service" rep is telling someone that their computer is infected, it can be convincing.

   Typically the "customer service" rep will ask the victim to pop a web browser and type in what they tell them.  The victim's web browser is directed to a malware site that will give the attacker control of that PC.

   Why do they do this?
 Because, as Willie Sutton famously did not say when asked why he robbed banks... "because that's where the money is".  Control of your computer is valuable for any attacker. They can steal your data.  They can use your computer as part of a "botnet" to attack other computers.  This is all worth money to the attacker.  And sometimes they just ask you to pay for the "support".

    How are they able to do this?  If the scammer calls you on the phone, they're just cold-calling phone numbers.  Some people even receive these calls when they are away from, and not logged in to any, computer!
   If you get a pop-up on your screen telling you there's a problem with your computer and providing a phone number to call, then it's likely because you visited an infected website.  Code on the website gets executed and causes the pop-up to be displayed.

   In either case, the attacker really doesn't know who you are and is likely not even targeting you directly.  These, like many malware attacks, are crimes of opportunity.

   What should you do?

   If you have a real licensing issue or need support or help with a malware issue on your computer, then you should look up the contact information for the vendor you want to contact (maybe it's Microsoft or Apple, but it could be your anti-malware software vendor or the company where you bought the computer) and contact them.

   But if you do get contacted by one of these scammers, you have a few choices:

   If you see a pop-up message after surfing to a website, it's probably the website that is malicious and not malware on your computer.  However, the website could have deposited malware on your computer.  To be sure, download Malwarebytes on a different computer, put that program on a usb stick, and run that on your possible infected computer.  See the instructions here.

   If the scammer called you, you can just hang up.  Or, you can tell them you know what they are doing.

   This article has a good summary of this issue.  Here's Microsoft's advice.  And here's a great resource page from Malwarebytes.

   But... if you'd like to have a little fun and do the world a service at the same time, I've got a little game for you.  It's simple and it goes like this... see how long you can keep them on the phone!  Every minute they are tied up with you is a minute they can't be scamming someone else!

   Have you been contacted by this kind of scam?  If you'd like, post about it in the comments.  And, if you try the game, report back here how long you were able to keep them on the line!

1 comment:

  1. Done it many times, even to the point of getting them to look at THEIR computer as suspect. :) Shannon