YOUR WEBSITES NAME
The Computer Education Society Of Philadelphia
Is that call from Microsoft a scam? Phone scams
A reader writes:
I received a call from someone who claimed that my computer had been identified by Microsoft as vulnerable. I thought it sounded fake, and I told them that I had no way to know if they were who they said they were. Then they said they could prove that they were from Microsoft by giving me my serial number if I would go to a website called www.ammyy.com.
Is this call a scam?
Yes. This is a scam. This is not a legitimate call from Microsoft. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) about your computer security or software fixes.
If you receive a call like this one, it’s a scam, and all you need to do is hang up.
Cybercriminals often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you’re using. It’s still a scam.
Don’t let scammers encourage you to install dangerous software
Once cybercriminals gain your trust, they might ask for your user name and password or ask you to go to a legitimate website (such as www.ammyy.com) to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable.
Do not trust unsolicited calls. Do not provide any personal information.
Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It’s better to avoid being conned rather than try to repair the damage afterwards.Cyber Trust Cloud Computing.
Tips & Talk Topics
Cybersecurity Data Privacy
HOW TO: Report the Microsoft phone scam
September 18, 2014 - Eve Blakemore - Group Manager, Trustworthy Computing
If someone calls you from Microsoft technical support and offers to help you fix your computer, mobile phone, or tablet, this is a scam designed to install malicious software on your computer, steal your personal information, or both.
Do not trust unsolicited calls. Do not provide any personal information.
You can report this scam to the following authorities:
In the United States, use the FTC Complaint Assistant form.
In Canada, the Canadian Anti-Fraud Centre can provide support.
In the United Kingdom, you can report fraud as well as unsolicited calls.
Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk. Or you can simply call us at 1-800-426-9400 or one of our customer service phone numbers for people located around the world.
About the Author
Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector.
A senior security researcher from Malwarebytes
has played along with a Microsoft technical support scammer, documenting the whole episode in a video, to showcase the social engineering that takes place.
For the Inexperienced person and Senior’s the scam sometimes involves people in Indian call centers calling up and saying that they are representatives from Microsoft technical support.
They then tell the victim that their computer is running slowly because of viruses or because they need an additional piece of software -- at a cost $$$$, of course.
It's been floating around for almost as many years as the Nigerian money transfer scam and is still going strong.
This week, the scammers called the wrong person: Jerome Segura, a senior security researcher at anti-malware company Malwarebytes. Being familiar with the sting, Segura played along with the female caller, recording the entire episode in a handy YouTube video. It's not the first time that scammees have documented scammers -- there are many videos on YouTube such as this one, but Segura made an effort to remain calm, not to alert the scammers and genuinely try and understand the sophistication of the scam.
He didn't expect it to turn nasty at the end when the scammers became impatient and deleted a load of files from his computer.
Most Wired.co.uk readers will have a highly-tuned Windows scammer filter, but we know of less tech-savvy relatives or friends that might be drawn in. Segura told Wired.co.uk: "Many of my family members have received these calls, so I wanted to play the game to see how the scam worked. My aim was to be totally respectful and play the perfect victim."
As soon as Segura received a call, he decided to turn on his virtual machine and start recording the call and his computer screen. The caller -- initially a woman -- directs Segura to look at his Event Viewer, which logs all Microsoft error reports. She asked him to count the number of red cross-marked errors and yellow warnings, before warning him: "These errors and warnings are very much harmful for your computer.
These are major problems and it doesn't matter if you have one or two errors or more than that.
Each one has already started corrupting your whole computer system."
She then instructed Segura to enter in "Prefetch" into the start>run menu, which opens up the prefetch folder, which actually keeps track of how your computer starts and which programs you commonly open. She said that these were "malicious hacking files that are making the computer infected and the system slow". She warned not to delete any of the files as they could be activated and crash the computer. "You have 100 hacking files on your computer, you are very high risk."
Segura explains: "The woman really wanted me to be involved and count the errors. It's all about social engineering. But part of the plan is on Microsoft for having errors that look like this [quite alarming]."
The caller then went on to say that that Segura's software warranty had expired after three years and that she then asked him to have a look at the System Configuration Utility services tab. She explained that the reason that some of the services in that tab were marked with a "stopped" status was because a warranty had expired and only a Microsoft technician could start them again.
At this point a male "technician" takes over to get Segura to register for a warranty renewal that will cost "only" $299.00 (£195). It's a complete one time payment for the whole lifetime of the computer. An absolute bargain.
Segura is asked to download TeamViewer to allow a third party to control his computer. They then open up a browser and instruct Segura to enter in his personal information, including banking information and make a PayPal payment of $299.00 Segura purposefully enters in wrong banking details knowing it will be rejected.
At this point the scammer gets spiteful, takes control of Segura's computer and deletes all of the documents from his computer. The scammer then looks for more ways to corrupt the system, heading to device manager to delete the Ethernet adapter driver. Before deleting, he posts "bye asshole" (sic) in the TeamViewer chat log.
Segura asks the operator who was deleting the files on his computer, and why the technician called him an asshole. A male voice replies that the "technician is always correct. If he is saying that you are something then you must be. He cannot be wrong."
Segura is surprised that this scam -- which has been floating around since 2008 -- is still going on. "Many older people may fall for the trick." He hopes to educate more people about the scam and try and track down the people behind them. http://www.wired.co.uk/news/archive/2013-04/11/malwarebytes
What should you do now?
Review your account statements for any fraudulent purchases, as well as your credit report. Make sure you have different passwords for different accounts: in particular, don’t use the same password for your bank accounts, email and e-commerce accounts.If you were the victim of more than one breach, some security experts recommend freezing your credit. To do so, call Equifax, Experian or TransUnion and ask to have your account frozen. The credit agency will mail you a one-time PIN or password to unfreeze your account later. If you plan on applying for a new job, renting an apartment or buying insurance, you will have to thaw a freeze temporarily and pay a fee to refreeze the account.
Why does this keep happening?
The Internet was built for openness and speed, not for security. As more and more services, infrastructure and personal information move online, they have all become targets for hackers, who constantly scan the Internet for potential security holes and entry points. At government agencies, old, out-of-date systems and budget shortfalls have left information vulnerable. Security experts say there is no way to keep hackers out of systems with traditional defenses like firewalls and antivirus software. With breaches now the norm, organizations are finally moving towards more modern defenses, like monitoring software that can pick up unusual network activity and two-factor authentication, a system that requires employees and Internet users to enter a second, one-time password when they log in from a new computer. But security experts say the only way information can be protected is to scramble it with encryption technology that makes it unreadable to hackers.
How can you protect yourself in the future?
It’s pretty simple: You can’t. But you can take a few steps to make things harder for criminals.
Turn on two-factor authentication, whenever possible.
Most banking sites and ones like Google, Apple, Twitter and Facebook offer two-factor authentication. Change your passwords frequently and do not use the same password across websites.
Vigilantly monitor your bank accounts and credit report. Do not enter sensitive information into websites that do not encrypt your connection.
Look for a lock symbol next to the web address whenever entering sensitive information and do not enter it if you cannot see the lock symbol below.
The "S" in https://www. shows it a secure web site but caution should be taken if you see http://www then it's not secure site.