How to sniff out the Microsoft phone call scam

Sunday, August 26, 2012

How to sniff out the Microsoft phone call scam

This phone-based scam has been around since 2008 and the scammers are using more sophisticated social engineering tactics to make them appear to be legitimate.

Based on the number of people asking us about these phone calls on our free help Facebook page , it's obvious that the scammers have cranked up their efforts.

Remote service is completely safe and a great way to get your computer taken care of, but only when YOU initiate the call to a service provider. Microsoft does not have a random task force that monitors infected Windows computers around the world and calls when they see a problem.

Here are some of the ways that they are currently trying to trick people:

The caller ID generally says 'Home Security' and includes what appears to be a valid number. In general, you will likely hear a strange accent.

In the past, if you were to ask them for a phone number and name so you can call them back, they would hang up. Today, they will gladly give you their direct extension and name in an effort to get you to let your guard down.

Whatever number they give you will generally ring busy if you were to try calling it (part of the scam).

If they can convince you to stay on the line, they quickly try to convince you that your computer has been compromised by having you run some 'diagnostics' yourself as proof.

A recent tactic is to get the victim to open the Windows Event Viewer, which has a log of any errors that Windows has detected. Unless you just recently installed Windows, your Event Log is bound to show some errors (very normal), which can be made to seem scary to non-technical users.

Another trick that they use is to get you to drop to a command prompt (black background with white text) to check your system ID and to have you run a verify command, which will return the message that 'verify is off'.

They will then tell you that your computer ID can't be verified which means your computer hasn't been able to get Windows updates (which is completely false; the verify command is to verify that data has been written to a drive correctly).

They may even guide you to pull up something that they claim is a system certificate that has a 2011 date, which they will try to convince you means your computer hasn't been updated since last year.

0 comments:

Post a Comment

About Blue Pointer Technologies

Our Company Blue Pointer Technologies was created to assist companies in the design, deployment and implementation of Unified Communications solutions. Blue Pointer is a spinoff of Pointer Systems, a telephony systems integrator since 2003. Pointer Systems wanted to create a company that would specialize in Unified Communications with an emphasis on the Microsoft Lync UC platform. We believe that the promise of Unified Communications technologies offers companies of all sizes a revolutionary approach to their communications infrastructure, one which cannot be matched by the proprietary path embraced by most traditional legacy PBX vendors. Our Philosophy Blue Pointer assist companies in designing a migration strategy that protects and utilizes their existing infrastructure while migrating to new technologies. Blue Pointer offers companies three main strategies: 1. Unified Communications 2. Migration to New Enterprise Voice Technologies 3. Supplement to Technical Team

Pages

Sunday, August 26, 2012