Social engineering scam

with Neville Fursdon, technical manager

Scammers are calling people up pretending to work for Microsoft in the latest social engineering hack. The phone rings at someone’s home, and the caller, usually with an Indian accent, asks for the householder, quoting their name and address before saying “I’m calling from Microsoft”.

The caller claims that Microsoft has had a report from their ISP of “serious virus problems” from your computer. After predicting the end of the world if the problem is not solved, the caller asks the user to open a program called ‘Windows Event Viewer’. Of course it lists errors, some labelled ‘critical’ which causes most people to make the fatal mistake of trusting the caller. The computer owner is directed to a website and told to download a program that hands over remote control of the computer, and the caller ‘installs’ various ‘fixes’ for the problem. You are told not to switch off the computer for two hours.

Then the bloke from ‘Microsoft’ asks for a sum of money for a subscription to the preventative service. Not ony has the person paid for something they don’t need, but they have also given their entire computer over to the scammers.
The scam has been going on since 2008, but lately it has grown after being run from call centres based in Kolkata. The scam is run by teams believed to have access to sales databases from computer and software companies and is being done without the legitimate outsourcing company’s knowledge. Of course the real Microsoft never rings anyone.

If you fall for this:
• immediately pull the computer power cord and modem cord from the wall, or hold down the on/off key on a laptop for 5 or 10 seconds to shut down the computer
• immediately ring your bank’s 24 hour hotline and get them to cancel your credit card and block and reverse any unauthorised transactions
• take your computer to a specialist who can clean your hard disk and delete and overwrite any worm code. SeniorNet members should contact us for assistance.

Similar scams are circulating for ASB, Westpac, Paypal, Clearnet, and a bunch of others, all after your money or your identity. Beware!