So I got a call tonight from those scammers that try to get you to let them connect to your computer. I
recorded the call if you want to listen to what it sounds like. I’m not as dumb as I sound on the audio; it was an act to drag it out and build rapport to try to get more information. It’s about 30 minutes. Everything I say on the call is made up; I was trying to stretch it out but finally I had other things to do. When I told him there was someone at the door I actually made me some dinner. This is actually a fairly unsophisticated attack, entirely based on social engineering and not technical. Some tips to avoid this type of attack, based on this call (based on my 20 years in IT, some in Director roles);
1) It was a blocked number on caller ID. This alone is already illegal.
2) Who INITIATED the call? If THEY initiated the call, you are at risk. If you have a problem with your computer, go fix it, don’t wait for someone legit to call you.
3) I it was pretty obvious it was a crowded, lots of background noise, and not very good English. A real Microsoft support person has a very professional demeanor.
4) Even without being technical, it was/should be a red flag when the Microsoft guy said they could also fix Apple. One guy said they COULD fix Android, one said they could not.
5) The website they directed me to was a “free” hosted website company. I have already contacted them, and the site is being shut down.
6) Technically; they ask you to open Event Viewer, and look at the Critical Events, and you’re supposed to get panicked, but there are ALWAYS bad looking events in there.
7) Then, they directed me to a website, which had several remote control links on it, I’m sure the next step was to get me to install one of them. The tools listed on that site; Teamviewer, Goto Meeting, etc, are legit tools, just being used for a scam.
8) I started asking about a phone number, for my “friends” to call them. They hung up. Most of their website and phone activity can be faked, but a call back number would be a way to identify them, and they knew it.
From what I’ve read, if it works, they get you to go to a Western Union site and send them money to pay for their “help” fixing your computer.
Here are a couple of searches to see more about the scam;
Microsoft Support scam; https://www.google.com/search?q=microsoft+technicians+are+one+step+ahead+scam&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&gws_rd=ssl