Backup - Online
Data Cabling
Data Recovery
Hardware + Software
Internet Services
Web Design
Data Recovery
Hardware + Software
Internet Services
Booking Request
Client Login

Complete IT Blog                              

Microsoft Warns of the Security Threat Posed by Support Scammers

James David - Monday, June 20, 2011
Maintaining the security and integrity of your system is an ever-evolving challenge. While software itself is generally becoming more secure, efficient and bug-free, those that would take advantage of an insecure system, or unsavvy end-user, are becoming ever more crafty.

Last month, CRN reported on a support scam that sought to trick people into paying for 'remote support' to 'fix' a perfectly fine system, or install malicious software that would mine personal information for nefarious uses. The twist to this scam, is that it took place over the phone.

The scam is similar to one which many will be aware of from its frequent appearance in spam emails and internet ads. An unsuspecting computer user receives an unsolicited call from someone claiming to be from the support department of a (potentially legitimate) software company. The caller then guides the end-user through a series of 'tests' to demonstrate security vulnerabilities or faults with their system, and offers a free security check or system repairs through remote administration.

The goal is to trick a user into giving up personal information, installing malicious software that would attempt to capture sensitive data, or to gain access to a user's machine in order to install said software, or leave the computer more vulnerable to attack. Cheekily, some cases involved charging the user later to remove malicious software.

A report released by Microsoft's Trustworthy Computing Group last week, based on a survey of users in the United Kingdom, Ireland, the United States and Canada, found that three percent of the survey pool were taken in by the scam, with 79% of those suffering some kind of financial loss and 53% experiencing computer problems resulting from downloaded malware or malicious software. The average victim of the English language version lost $824.

Microsoft warned that perpetrators of the scam were known to pose as employees working in several of their own support and research departments.

The important thing to take away from this is that unsolicited support calls, just like email spam, are likely to be untrustworthy at best, and that trustworthy companies, such as Microsoft, are not going to call you out of the blue in this manner. Exercise special caution when dealing with calls such as these, and it is always better not to give out personal information, or access to your machine, unless it's support you specifically requested, from a trusted support provider.

Head to CRN here for the original report, including some transcript from Brett Winterford's own experience, and here for this month's findings, via CRN.com.au  

Bookmark and Share  |