We Encounter a Serious Issue

   I just received this voice message on my home phone (landline).

   Here's the text:

   We encounter a serious issue coming out of your computer.  It seems to be someone is trying to hijack your computer and try to steal your personal information.  If it's not fixed right away then your computer will become obsolete and all of your credential information may got compromised.  If you are the one who is using Microsoft Windows in your computer then please call 302-316-9259 or press 1 now to speak with security team now.  Please ignore if we called you by mistake.  Thank you.

   The only serious issue here is that people fall for these scams.  Let's break it down:

• The Voice - who wouldn't believe a bad computer-generated voice?  Seriously though, there are plenty of pre-recorded and generated junk voice messages we get all the time.  My general rule of thumb - ignore them all and erase is your friend.
• Bad Grammar - this is practically a throw-back to the old days of spam.  I've written about this in the past.  Someone willing to get past the bad grammar is more likely to continue on to other poor choices.
• Fear Factor - the message is playing on many people's fear of technology and loss of their personal information.  While we've become almost numb to breach announcements, the idea that there is an attack on our personal home computer is still a scary concept.  Words like "hijack", "steal", "obsolete", and "compromised" invoke fear.
• Call To Action - "if it's not fixed right away...".  For a person who doesn't understand the complex issues of their computer, the call for immediacy further plays upon the fear state.
• Microsoft Windows - what are the odds that if a call was made to any household, someone would be using, or would have used int eh past 24 hours, Microsoft Windows?  I'd guess that's pretty high.
• Politeness - bad voice and grammar aside, the call does say please and thank you.  That further instills a sense of confidence in a person already affected by fear and the call to action.

   As I covered in a past posts, while I did not call the number (and I suspect it's already been disconnected), if I did get through to someone I bet that they would be very helpful!  That is, as long as I was cooperating.  If I was not forthcoming with information, then these kinds of folks often get forceful.

   Obviously, the best course of action is to just have a good laugh and hit delete when you get a message like this.  We also need to assure that less technical, or more vulnerable, people understand the issues and are prepared when the call comes.

   Have you, or someone you know, received a call like this?  What happened?

Don't Blame The IRS

  In a post last month, I include a recording of an obviously fake voice message warning about payment and fines due to the IRS.  If you've read my blog in the past, I talk a lot about scams and give tips to avoid them.  We've often discussed that legitimate organizations should not just contact you and ask for personal information.

   That just makes sense.

   But telling the difference between a legitimate call and a scam call has gotten harder.

   A reader let me know that the IRS is now using collection agencies to collect back taxes!  That just makes it even tougher to tell the difference between a legit collection call and a scam!

The Matter at the Hand

   Check this out!...



   Here's a transcript:

   Calling from Criminal Investigation Division of I-R-S.  The matter at the hand is extremely time sensitive and urgent, as after all that, we found that, there was a fraud and misconduct on your tax which you are hiding from the federal government. This need to be rectified immediately so do return the call as soon as you receive the message. The toll free number is 1-8-6-6-9-7-8-6-6-1-8. I repeat again, 1-8-6-6-9-7-8-6-6-1-8. Thank you.

   Needless to say, this is a scam.  You can look at all of these reports on phone number lookup sites.

   Now, you may think that this obviously sounds like a scam.  However, it unfortunately works.

   So what should you do if you or someone you know receives one of these calls?

1. Don't respond.  Just leave that alone.
2. Report it.  Here is the FTC info page on reporting scams, spams, do not call or telemarketing violations and other issues.  Here is the complaint reporting page.

   I did file a report with the FTC.  It doesn't take long and it's the right thing to do.

   While these calls can be either annoying or entertaining, the bottom line is that they work and some people do fall for these scams.  So educate yourself and others.

   Do you have any interesting robo-call or scam stories to share?

It's Microsoft Calling (Not!)

   The amount of automation and detection in our world today can be scary but it can also be useful.  You can set your lights to come on as you approach your home.  You can have your phone switch to wifi when you get to the office.  And Microsoft will even call you when they detect a problem with your PC!

   OK, maybe not that last one!  As we've discussed before, this is a common scam that has now been around for a few years.

   It works like this... There are 2 basic scenarios:

1. you get a popup on your computer telling you that "Microsoft" has detected that there is a problem with your PC, and you should call the phone number they provide, or;
2. you get a phone call directly from "Microsoft" telling you that they have detected a problem on your PC.

   Of course, neither of these are legitimate.  Microsoft will not call you.

   This article has a recording of what one of these calls sounds like.  Here's another.

   I said PC above, but people with Macs have received these as well!

   Here's the thing about these scammer orgs...  they provide very good customer support!  That, of course, is good for them but bad for us.  It's one of the reasons that these scams work.  People are very happy to receive great customer support - it's unfortunately too rare.   So when a friendly, attentive "customer service" rep is telling someone that their computer is infected, it can be convincing.

   Typically the "customer service" rep will ask the victim to pop a web browser and type in what they tell them.  The victim's web browser is directed to a malware site that will give the attacker control of that PC.

   Why do they do this?