Monday, February 27, 2017

Getting Fooled by Scammers – Your Computer

I don’t think more than a few days go by before I get a phone call – “Hi, I’m calling from Microsoft Technical department. We’ve identified problems with your computer.”  This phrase has ALWAYS been uttered in broken, pretty heavily accented English when I’ve taken these calls. If it was an actual native English speaking person on the other end, it would probably throw me, but I haven’t had that issue yet.

Sadly, I have gotten this “technical support” phone call several times in the same day. I’m not really sure if this is the SAME bank of phone scammers sharing a list or if there truly are THAT many offices doing this stuff and they just end up tripping over each other. Anyway, you’re going to hear someone pretending to be from Microsoft – or occasionally giving a vague answer about it, but Microsoft will ALWAYS be mentioned in my experience. As a brief side note, unless you truly HAVE contacted Microsoft and given them the info to call you, you will NOT be contacted by Microsoft. Even THEN, you’re most likely to get an email from them. Microsoft does NOT get into helping you proactively with a purported virus issue. They, to MY knowledge, will not even help you if you DO call them with a virus issue. For THAT, you need a good local Raleigh computer repair company – betting you can figure out who WE would recommend….

Now, no matter WHAT you say at this point – other than calling them on their scam, and even THEN, sometimes they continue to try – their primary goal is to get you in front of your computer and let them in.

“My house is on fire.”
“Okay. Are you in front of your computer?”
“NO, MY HOUSE IS ON FIRE!”
“I need you to go to the Start button.”

Seriously, these people have that mindset. They likely are not overly familiar with the words that you are using other than “Yes” or “No”. If it falls outside of technical verbiage, they’ll be lost. Just remember, English is almost assuredly NOT their first language.

The last time I got this call, it was even MORE fun. The only machines that were on at that time were a Linux fileserver and a Mac. After confirming that my “Windows machine” was causing problems RIGHT THEN, I asked him how that was possible with only a Linux box and a Mac running in the house. This time, he DID hang up. It’s always fun to back them into a corner though so there’s no way out before you spring your trap. Though I have a feeling that it wasn’t that he wanted to save face, I suspect it was more that there was no money to be made there.

They will try to get you on the computer and PROVE their legitimacy by showing things to you that make you feel like they really DO know what is going on in your computer and they are legit.  IF you don’t know computers – and the registry – it will seem like magic as they show you all these things. It’s sort of like someone saying,

“Go ahead and lift up the hood of your car. I’m going to show you something. Is there a big metal thing there?”
“You mean an engine? Yes.”
“See what I’m talking about? You’re going to see one or two rubber belts there too. You see them?”
“Yes.”
“Exactly as I thought.”
“Now there will be 4 wheels on the car. I bet they ALSO have rubber wrapped around them, don’t they?”
“Yes.”
“Yeah, that’s what we saw too.”

That’s realistically exactly what they’re doing. Inside your Windows software, there are certain things that are just GOING to be there. So they take you in and act like they are geniuses and point out things like that.

What CAN they do to your computer?

THAT is the problem.d Not that they call you – though wasting your time IS an annoyance. The real problem is that should you follow their directions, they are going to have access to poke around your computer, download things like files that maybe have the word “password” in it, download your email file – that big Outlook PST file maybe that has every email and password hint, bank communications, list of all your friends’ email addresses and SOOOOO much more in it? They can install keylogger software and have it phone home with your usernames and passwords to any site you visit. They can THEN visit your bank AS YOU and do some nasty things – thinking you can imagine.

They can install remote control software that STAYS there even after you THINK they have gone. They can now send email as you (they can also install a quiet little email server right ON your computer….) to all your friends or create other mayhem. They can choose to setup that “FBI virus” or to install the encrypting virus on your computer.

In short, if you let these people in, you no longer can be guaranteed that you DO have sole access to your computer. You can have the equivalent of a thief sitting in front of your computer with FULL ACCESS every day going forward. Full access to everything you do, you have and you create going forward. All your documents, every website you visit, every password you use or even create.

What can YOU do?

  1. DON’T EVER EVER EVER LET ANYONE ONTO YOUR COMPUTER THAT CALLS YOU UP CLAIMING TO BE TECHNICAL SUPPORT.  If you call Buckeye PC up and want us to help you, we will do so, but NO company will call you and give you the premise line above. There truly are only a few organizations that will contact you about any type of problem with your computer that are legit. These all focus on the email and/or traffic coming from your computer. Time Warner has sent out alerts via email that unusual traffic is coming from my IP address to me in the past. It was a customer computer that was being fixed at that time thankfully. Secondarily, your email server people may contact you or cut you off from sending email if they detect large amounts of spam coming out of your IP address/computer.  You will either get an email (most likely) or an actual letter.
  2. IF it’s already too late, you fell for it and they were all over your computer, we suggest a few things. First off – call a LEGIT reputable computer repair place and explain what occurred. Make this a priority. Don’t pull a “Yeah, I’ll get to it later” thing. IF your computer and data have been compromised, the scammers will NOT be waiting to check your bank balances and arranging transfers until THEY get to it later. They’ll be hot on it NOW.   A phone call to the bank to put a watch on your account is likely NOT overkill.  Once you get your computer fixed, you will want to go back and CHANGE YOUR PASSWORDS. You’ll want to change all of them ideally. If that is NOT really possible, then at least change the vital ones – your email, your financials, and your FB/Twitter/other social ones.  Hackers getting into your FoodNetwork profile is NOT going to be the end of the world – you may need to go find that perfect mac and cheese recipe again… But at least you’ll have money in your bank account to MAKE it if you focus on the most important things NOW.  Protect the most vital accounts immediately and the others as you get to them.

There’s a whole lot of this going around these days. DON’T become a victim. When they launch into the “From Microsoft technical support” speech, just hang up.  Of course if you WANT to have fun and waste THEIR time, have AT it!


No comments:

Post a Comment