Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Cyber-Scammers Step Up Volume of Robocall Schemes During Holidays

    By
    Wayne Rash
    -
    December 12, 2015
    Share
    Facebook
    Twitter
    Linkedin
      Cyber Scammer 2

      Today’s call came the same way it has almost daily for the last couple of weeks. Shortly after I got to my desk, the phone rang, and a voice with a thick South Asian accent said, “This is Windows support…”

      Then it went on to tell me that my computer was infected with all sorts of dreaded malware. The person on the other end wanted me to open up a support session so he could look at my computer.

      For a while it was a minor enjoyment to play with the caller, to see how long it would take to throw them completely off of their script. On today’s call it happened when I said, “But my computer runs Linux.”

      While a call to me might be a scammer’s nightmare, the same isn’t true everywhere. In far too many small and medium businesses, the person who answers the phone has only a vague idea of who Windows Support might be and likely will fall for the trick.

      Once that happens, your network security is gone as the scammer breezes through most forms of protection while he installs some handy malware onto the unfortunate employee’s computer.

      This basic scam has been going on for a while now, and apparently it’s successful enough that it’s still going. Worse, this scam and others have been ramping up lately. Robocalls, for example, have peaked during November. According to YouMail, which keeps track of such things, these calls are up 43 percent in the month of November. That comes out to nearly one billion calls in just one month.

      Of course, those are robocalls, but indications from others are that other scam calls are also rising rapidly. One of the most insidious are those calls purporting to be from Microsoft, but of course actually aren’t.

      With those calls, the scammers prey on the ignorance of people who aren’t experts in IT or security, but rather on people who have heard about bad things, but who aren’t familiar enough with their computers or with their company’s IT policies to know when something isn’t right.

      “We hear via our front-line support team, and even from friends and family, that these scammers are getting bolder,” a Microsoft executive said in a recent blog. The blog goes on to explain how these calls work.

      “This tech scam follows a well-known pattern. A phone call comes in from a blocked or international number, and the caller urgently claims to be a Microsoft-certified tech agent who has detected viruses or malware on your Windows PC that must be fixed right away.

      These callers use scare tactics such as telling you to check your Event Viewer to reveal a bunch of ‘errors’ or even ask to take over your PC remotely to reveal more so-called problems. And, inevitably, they demand payment via credit card or online payment system, usually to the tune of several hundred dollars, to clean your PC. If you resist, they often get angry or even threaten to destroy data on your computer.”

      Cyber-Scammers Step Up Volume of Robocall Schemes During Holidays

      What’s worse, unfortunately, is that the scammers are now apparently in league with the same people who try to plant malware on your computer using phishing schemes you’ve heard about. These schemes usually start with an email that requires you to click on a link that seems to be legitimate, but that instead installs malware on your machine.

      Unfortunately, an attacker can move beyond phishing if that’s proven ineffective, and use that tech support scam phone call instead. This works because many companies, in an effort to provide good service, put their employee phone books online. This means that the scammer knows whom to call and who to pretend to be when someone answers the phone.

      Preventing this is certainly possible. First, your employees need to know that Microsoft will never call them to tell them that they have malware on their computer. Second, your IT department needs to be visible enough to the staff that they know what to expect.

      Will your help desk make a phone call in such a circumstance? Or will they come by for a visit? Whatever the policy is, it should be consistent and your employees should know what to expect.

      In addition, your security staff needs to be aware that your employees might get such a call and be asked to connect to a remote control program. A good security system can sometimes detect such a remote control session and raise an alarm. Unfortunately, because these connections go through Websites and use Secure Sockets Layer, detection is hard.

      Meanwhile, train your staff to be alert to these scams and never to provide any credit card or other payment information to someone who calls in offering to fix their computers remotely. Microsoft, for its part is taking action against those scammers when they can find them. If someone on your staff gets such a scam call, you can tell the Federal Trade Commission and you can tell Microsoft.

      In some companies another option, if the scammers are becoming a real problem, is to route calls through a switchboard instead of providing direct dial numbers for most employees. In addition, it’s important to keep as many phone numbers and names off the Internet as you can. That may seem less convenient for doing legitimate business, but it can sure help out security in this scam and others.

      Most of all, help your employees understand that they should never give out information over the phone and that they should never connect their computers to anyone from outside. Then make sure your own help desk and support staff are readily available and that employees know who they are.

      Microsoft, along with other legitimate IT companies, will never ask for personal information over the phone and they won’t call you and ask for credit card information in return for technical services—ever.

      Avatar
      Wayne Rash
      Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and is Senior Columnist for eWEEK. He is the author of five books, including his most recent, "Politics on the Nets". Rash is a former Executive Editor of eWEEK and Ziff Davis Enterprise, and a former analyst in the eWEEK Test Center. He was also an analyst in the InfoWorld Test Center, and Editor of InternetWeek. He's a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×