Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

What I learned playing prey to Windows scammers

Fahmida Y. Rashid | July 8, 2016
Three months of phone calls prove Windows scammers are more skilled at social engineering than you think

Many of the callers don't take into consideration that you may have multiple computers. When I asked “Mike” which computer he wanted me to turn on, at first he didn’t understand what I was asking. “I am talking about your Windows computer,” he said.

I explained I didn’t know which of my seven computers had problems. I half-expected him to tell me any would do, but he went through the pretense of looking at his logs and telling me to turn on the one that had been on at noon the day before. I wonder if he would have tried again later with my other computers, but I didn't let him stick around long enough to find out.

My questions must have rattled “Nancy” from “Windows Technical Services,” a bit, since she switched the company name a few times during the course of the call. From “Windows Technical Services,” she switched to “Windows Security Services,” “the Windows Company,” and “Windows Service Center.”

Later on in that call, “Nancy” made another goof. “All I am trying to say, to do, is to explain that your computer is getting hacked by foreign IP addresses, from Texas and from California.”

Yes, Texas was once an independent republic, but come on, “Nancy.” You can do better.

Do not engage the scammer

Never, ever share any personal information. Don’t provide your name. Don’t talk about anything specific to you -- the caller wants to gain your trust and will engage in small talk while waiting for the computer to execute the commands you typed. Don’t go to any website the scammer tells you to visit, don’t accept emails, and most of all, don’t download any software during the call.

A recent variation of the scam depends on victims making the initial phone call. While browsing online, the victim comes across a browser pop-up stating the computer is infected and to call technical support at the listed number for instructions on how to fix it. The message is frequently served up via a malicious advertisement. Don’t call the number. Instead, close the browser and move on. It’s easier to never, ever engage the scammer.

If there really is a problem, you won’t find out over the phone. Microsoft doesn’t have the phone numbers of every user who owns a Windows computer, and the company definitely doesn’t call individuals if something goes wrong. If a problem exists -- say, the ISP thinks your computer is infected and spreading malware to other computers -- the notification will not come via a phone call. More important, there is no such thing as a Windows Global Router monitoring your computer activity.

 

Previous Page  1  2  3  4  5  6  7  Next Page 

Sign up for CIO Asia eNewsletters.