Social engineering – the act of manipulating people into giving up confidential information – has long been a threat to businesses. One of the more common social engineering tricks, in terms of IT, is scammers posing as Windows technicians who call Windows users and try to trick them into believing their computers have viruses, and that they need to pay to have the problem fixed.
These scams have long been a part of the Windows environment. Despite users being fully aware of these attacks, some people are still falling into the trap.
These deceptions generally follow the same formula. A person calls you pretending to be from a Windows technical team at Microsoft. The scammer tells you that they need to renew their software protection licenses to keep their computer running.
Most of the time, these scammers spread the conversation out over a number of phone calls and emails, the goal being to gain the trust of the user. Once trust is established, or the user seems interested enough, the scammer will offer a seeming sweet deal: They will offer a service that will make your computer run like new, usually for a seemingly reasonable price.
The scammer will then use remote PC support software to show you ‘problems’ your computer is having. They will usually show you the Windows Event Viewer – a part of the OS that shows errors, usually harmless, that your computer has generated. The scammer will then convince the user that these errors are harmful, and if you have paid, they will make it look like they are cleaning your computer.
If you give them your credit card number, you will likely see ridiculous charges, or even have people trying to access your accounts.
What’s being done?
Governments are aware of this increasingly common trend, and some organizations, like the FTC, have taken measures to shut down scammers. This article from ars technica gives a good overview of what exactly the FTC is doing, while another article provides a first-hand account of how the scammers operate.
What can we do?
While action is being taken, these scams continue. Here are five tips to keep in mind when you suspect a scam is at play:
- Microsoft doesn’t call people.
- Windows Event Manager is a log of errors for ALL programs.
- Microsoft employees will never ask for your passwords.
- Most of these scammers operate out of call centers in India, but bill your account from the US.
- Microsoft employees won’t usually ask you to install software that’s not made by Microsoft.
If the person calling you provides you with a website, do a quick Google search to see if there have been any scam reports related to that URL. And as a general rule of thumb: If you get an unsolicited call about your computers and IT security, it’s likely not genuine.