- 10 July 2012 10:27
Spread the Word, Protect a Friend – Don’t Fall for the ‘Microsoft Technical Support’ Scam Phone Call
If you receive a phone call from someone claiming to be from ‘Microsoft’, ‘Windows Technical Support’, or something similar, advising that your computer has a virus, they are likely to be a scammer. Microsoft never contacts customers in this way. (For details of how the scam operates and how best to respond, see below.)
Michael McKinnon, Security Advisor at AVG (AU/NZ), distributor of AVG Technologies’ award-winning AVG Internet and mobile security software in Australia, New Zealand and South Pacific, confirmed that: “People continue to fall for this scam, despite all the warnings, so it is obviously a very lucrative business for cybercriminals. Every day, our Technical Support Team in Melbourne assists customers who have been contacted by scammers and told their computers are infected – when in reality, they aren’t. Just this week, one of our customers told us that he had paid more than $4,000 to a scammer. ”
This dangerous scam takes advantage of consumer vulnerabilities. Computers and gadgets are evolving so rapidly that users are, understandably, often unsure how to use them properly and securely, or who trusted vendors might be. “Because many people are fearful of malfunction or online infections, it is no surprise they respond to what sounds like expert technical intervention,” McKinnon said.
AVG (AU/NZ) advises that, in Australia, if your computer really does become infected with malware, it is possible you may receive a legitimate phone call from your Internet Service Provider (ISP), as many of them participate in the Australian Internet Security Initiative. And you will have protocols in place with your ISP for online or phone communications. A call from any other organisation should not be trusted.
How the scam works
• You receive a call from someone claiming to be from a reputable company, such as Microsoft, saying that your computer has a virus.
• The caller might suggest your Internet security software licence has ‘expired’. They won’t be too specific because they’re really just trying to establish whether you will believe them.
• They might ask you to pay a fee for them to fix the problem, often the ruse will be for you to pay for remote access software so the ‘technician’ can get into your computer to immediately clean your machine. To convince you, the level of cogent instruction can be quite detailed.
• Their preferred method of payment is credit card and they will ask you to visit a website so you can transact securely with them.
• During the remote support session, the technician will bring up misleading configuration windows that most people will be completely confused by, and suggest that what they are showing you is evidence of a ‘virus’ – when in reality they are just normal system settings.
• They will once again ask that you pay money for the ‘virus’ to be removed.
• If you still don’t pay, they may then deliberately disable your computer by turning off a number of critical services that your computer needs to restart. They will then reboot your computer remotely, leaving you with a computer that no longer starts at all. Shockingly, they may then proceed to demand even more money to fix it, because you chose not to act on their earlier advice.
A YouTube Fake Scammer clip can be seen here (http://www.youtube.com/watch?v=jb69H7l0vJA).
5 quick tips to avoid falling victim
• Be cautious when allowing someone remote access to your computer – especially if they call unexpectedly. Always make sure you know and absolutely trust who your supplier and support vendors are.
• Avoid international technical support unless they have a local office: having a website or even a telephone number that works still doesn’t mean they are legitimate.
• Keep up to date backups of your computer: use automatic, always running backup solutions, such as AVG’s LiveKIve, to protect your important data.
• Protect your computer from viruses and other infections – with a solution like AVG Internet Security.
• Stay informed about the latest scams – view the latest reports at SCAMwatch.gov.au and connect with AVG (AU/NZ) on Facebook and Twitter.
### ENDS ###
Keep in touch with AVG (AU/NZ)
• For breaking news, follow AVG (AU/NZ) on Twitter at twitter.com/avgaunz • Join our Facebook community at www.facebook.com/avgaunz • For security trends, analysis, follow the AVG (AU/NZ) blog at resources.avg.com.au
AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/. For video tips from AVG (AU/NZ), see http://www.youtube.com/user/avgaunz.
About AVG (AU/NZ) Pty Ltd — www.avg.com.au
Based in Melbourne, AVG (AU/NZ) Pty Ltd, an Avalanche Technology Group company, distributes AVG Technologies’ software, namely the AVG Internet Security and Mobile Security product range in Australia, New Zealand and the South Pacific.
AVG Technologies’ mission is to simplify, optimise and secure the Internet experience, providing peace of mind to a connected world. AVG’s powerful yet easy-to-use software and online services put users in control of their Internet experience. By choosing AVG’s software and services, users become part of a trusted global community that benefits from inherent network effects, mutual protection and support. AVG has grown its user base to 114 million active users as of March 31, 2012 and offers a product portfolio that targets the consumer and small business markets and includes Internet security, PC performance optimisation, online backup, mobile security and identity protection.
AVG (AU/NZ) Media Contacts: Michael McKinnon AVG (AU/NZ) 03 9581 0845 firstname.lastname@example.org
Shuna Boyd BoydPR 02 9418 8100 email@example.com
Sign up now »
- FTSenior Python Web Applications DeveloperNSW
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTSenior Python DeveloperNSW
- FTTest EngineerVIC
- FTSenior Python DeveloperNSW
- FTR&D EngineerSA
- FTOS Web Applications DeveloperNSW
- FTTest Analyst (MS Environment) .netNSW
- FTQuality ManagerSA
- FTLead Software EngineerSA
- FTTest Analyst (MS Environment) .netNSW
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTFlash / ActionScript Developer - ContractNSW
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.