Phone phishing scams for IT support seem to be back in action in late 2014. Consumers are getting phone calls claiming to be from Microsoft or another technology vendor (Internet, antivirus, etc.) about an urgent problem that needs to be fixed right away.
How the scam call works
The scam caller will tell you the reason they are calling is your machine has sent out a virus alert that needs immediate attention. An alternate scam involves expired licenses for software.
The caller will then ask you to allow them to take over your PC using a remote connection in order to remove the virus or update the license information so you don’t lose access to your computer.
Once the scammer is given access to your computer, they will show you a few random errors (which are harmless) to “prove” the presence of the virus or the need for the license update.
Now the scammer will download a program to “protect and update your computer” but the download is actually malware. If you’re on a network, this could compromise everyone connected to the network.
Scammers will use phone directories and other websites to dig up personal information that makes the call sound legitimate. They may know the name of your boss or claim to be working with your company’s IT consultant if you don’t have an in-house IT department.
How to protect yourself
Be VERY skeptical of unsolicited phone calls. Never provide any personal information or remote access in these situations. The caller will paint a bleak picture of what could happen if he or she isn’t allowed to help you right then and there. Don’t give in to the pressure. If you’re concerned and want to confirm the potential issue, tell the caller you will call back using published corporate support numbers and hang up.
Tell your IT provider right away. These kinds of scams rely on tricking people. If you get fooled, don’t let any embarrassment put your company’s network and data at risk. We’ll help you get things fixed and determine what needs to be done to prevent future problems.
Protect your financial data. Bank account information is frequently the target of these scams. Use a different computer to change login information for financial institutions and any other sensitive data. Don’t forget to create a strong password.
Monitor financial accounts for suspicious charges. Online banking is the best way to do this as you can access real-time information. You may even want to add an alert to your credit report.
Consider reporting the call to the authorities. You can do this online at the FCC website.
Avoiding scams has become part of being connected to the Internet. Healthy skepticism of any unexpected message (phone, email and text) you receive is one of the best ways to protect yourself online.
Photo credit: It’s a Trap by Kenny Louie (CC by 2.0)