Published April 11, 2013
For those of us working in the IT industry, we get used to removing viruses and malware from plenty of machines on a regular basis. Malware is a huge problem that seems to only be getting worse. Part of the problem is a lack of education for the end users. It’s easy for the less tech savvy to get tricked into downloading a piece of software that disguises itself as legitimate piece of software (Java, Flash, Adobe etc.) While browsing the internet, users can also get tricked or scared into downloading and installing “Fake AV” programs that look legit, most times copying the GUI (graphical user interface) of popular Anti-Virus programs (AVG, Norton, Microsoft Security Essentials, ESET etc.) by thinking that their computers are infected.
I can understand how confusing all of this is for end users. Being bombarded with ads and scams online constantly can be overwhelming for the casual computer user. Luckily, places like New River Computing able to help folks clean their machines and equip them with software to thwart off these attacks by using good, reputable AV programs, such as VIPRE and Malwarebytes, and using managed service software to keep machines patches and up-to-date. We also recommend users operate under a “user account” instead of an “admin account”.
Having a good AV program installed is certainly important, as well as being mindful of pop-ups and shifty websites. But, one thing AV software can’t protect a computer from is a fake Microsoft technical support phone call scam. These types of scams have been going on for several years but, seem to be increasing in popularity. Criminals are finding that, while more and more people are becoming educated on how to avoid scams on the computer, they are succeeding in scamming people over the phone in to downloading malicious software. Having someone call your house and act like a Microsoft Representative, telling you that your machine is infected and at risk can be pretty alarming. The purpose of these calls is to get an easy $299 (or whatever amount they choose) by scaring you into thinking there’s something really wrong with your computer and that they can fix it for you.
Fortunately, the methods used by some of these criminals to dupe users were recently captured by Jerome Segura, a senior security researcher at anti-malware company Malwarebytes. The video demonstrates the kinds of tactics used by these scammers to trick users into allowing them to remote in to your machine and take it over. Segura played along with the caller and recorded the entire interaction in a YouTube video. These scams usually start off with the alleged Microsoft representative asking you to turn on your computer to perform some checks for errors. They essentially ask you to open different applications which aren’t typically known by regular users, then tell you that the files you are looking at are malicious viruses and spyware. Usually, these are just event log files and/or temp files—neither of which pose any threat to your computers’ security.
I highly recommend watching this video. Pay attention to what the scammers asks Jerome to do and notice how strange the callers are act when he asks questions. And also, just for the record, Microsoft will NEVER call a user to let them know that their machine is infected…NEVER! That’s not how they operate. To avoid being the next victim, don’t ever take a phone call from someone who claims to be from Microsoft tell you that your machine has a problem. And also, make sure that your computer is up-to-date, remove unwanted software and also use a good anti-virus solution.
Stay safe and be skeptical!