Monday, September 17, 2012

Don’t Get Fooled by Microsoft Support Scam Calls

If you have a landline phone at home, you will surely be accustomed to unwanted calls, from salespeople for energy suppliers or from people asking your opinion about the voting system, interrupting you while you are busy with household chores, taking care of the baby or working on a project due the next day at the office. One particular unwanted call making the rounds in the country not only interrupts your work but also charges you money on the basis of a fake claim: the Microsoft Windows support call.

“I am calling from Microsoft”
These are scam calls claiming to be from Microsoft Windows support: “I'm calling from Microsoft. We've had a report from your Internet service provider of serious virus problems from your computer.” Kaspersky Lab security researcher David Jacoby received the scam call and decided to play along to find out facts that can help users detect and avoid Microsoft Windows support call scams.


You have got the call! Remember, the caller will try to establish the credibility of the call by claiming that it is from Microsoft. From his conversation with the caller, Jacoby concluded that their ability to trap people in the scam is not based on technical sophistication; rather, the attackers rely on their social engineering skills to trick people: smooth talking and cashing in on people’s fear.

The caller informed Jacoby of signs of malware infection on his PC. To confirm the claim, the caller asked Jacoby to check the numerous error messages in the Windows Event Viewer. Jacoby found that the Event Viewer did show error messages. He explained that these messages were not directly caused by an infection on the PC; rather, they appear in the log files when a computer has not been reinstalled for a long period of time and is running lots of programs.

Jacoby said people usually get worried after finding the errors, and this is what the caller takes advantage of: the user's fear. After confirming the presence of errors, the caller asked Jacoby to run a DOS command to reveal the system’s unique ID, as a reference for the system that had been infected with malware. The caller confirmed the license ID by tallying it with the ID Jacoby was seeing on his screen. Of course, the two IDs matched, but it was sleight of hand that made the two IDs appear the same.

And this is where the drama unfolds. Upon receiving an “off” response when Jacoby sent a DOS command, the caller became all hyper and started screaming. Jacoby recalled that the caller pretended to be quite upset that his license was not verified, which, according to her, meant that no security patches could be installed. She insisted that Jacoby allow their technician to access his PC directly, to which he agreed.

Through remote assistance, dated 2011, the caller advised Jacoby to install security software that would protect his PC against the threats of viruses, malware, Trojans and hackers. Jacoby agreed and let her install an application, “G2AX_customer_downloader_win32_x86”, on his PC. After the installation, a message indicated that he had “successfully updated the software license for lifetime.”

This is the climax of the drama: the caller charged Jacoby $250 for installing the ‘much needed’ security software. The money was to be paid via a PayPal account given to Jacoby by the caller. Any other common user would have been fooled into paying this amount for nothing. Jacoby, being a security researcher, played along with the caller to obtain the caller's phone number and IP address, in order to inform the authorities and get the cyber crime gang busted.

To stay careful in future, make sure that a caller does not install any kind of computer monitoring software or spyware, which is a cause of major malware infections on your PC.

Author Bio: James Clark has been writing about Computer and Internet Monitoring Software for quite a bit of his career. His articles have been a source of information for those looking to find out more about the latest Computer Spy Software and he's helped many tackle their privacy and security issues along the way.
