Do you have calls from Microsoft tech support? It could be a scam
Warning against misuse of offers for technical support of technology companies
Maybe, it happened to you too. You were contacted by a number from another country informing you that your computer is infected and offering you security solutions. But do not be fooled. These scams are constantly gaining momentum, with a large number of people being tricked every day.
Tech support scams are a global problem in which a scammer contacts a victim by phone and offers them technical support services. Currently, the National Cyber Security Centre SK-CERT monitors an increased activity of scams targeted at users of Windows operating systems. In this type of attack, attackers use scare tactics to trick their victims into buying a non-existent service, or try to get their victims to pay to fix a non-existent problem with their device. Actually, scammers try to steal the victim’s personal and financial information. If you allow them a remote access to your device under the pretext of fixing and debugging, they may install malicious code, such as ransomware or malicious programmes for data collection that can steal your personal information or damage your device.
Attack vector
Scammers may call you directly on your phone and pretend to be representatives of Microsoft company. Phone calls are made in English, though the scammer often has an Asian accent. After introducing themselves, they will guide you to the command line, where they will dictate a sequence of commands, and after entering them, a string of characters which is the same for all Windows devices will be displayed. The scammer, in order to evoke legitimacy, dictates this number. Then, you may be asked to install applications that allow remote access to your device. Scammers can also offer fake solutions for your problems and ask for payment in the form of a one-time fee or subscription to a purported service or support.
Scammers can also initiate contact with the victim by displaying fake error messages through compromised websites, advertisements, applications, displaying a technical support contact, and enticing you to call. The aim of these messages is to convince you that you are at risk and to trick you into calling an indicated technical support hotline.
Recommendations
The most important thing is that you do not allow an attacker to access your device remotely.
If you have a suspicion that the scammer obtained any personal or sensitive information, it is necessary to:
- change passwords on all services that the attacker could gain access to,
- contact services that the attacker could gain access to, such as banking applications and so on.
If the scammer was able to gain remote access to your computer:
- uninstall applications that scammers have asked you to install,
- apply all security updates as soon as they are available,
- perform a system scan using an antivirus system,
- consider resetting the device and report the incident to the National Cyber Security Centre SK-CERT and the police.
For feeling secure, keep in mind:
- Microsoft or any other large companies do not send e-mail messages or contact their users by phone in order to request personal or financial information or to provide technical support to fix your computer.
- If you see a phone number with a warning message from Microsoft or other company, do not call it. Error messages never include a phone number.
- Download software updates only from the company’s official websites.
- The technical support of any software company will never require you to pay for services in the form of cryptocurrencies or gift vouchers such as google play card, paysafecard, etc. Attackers often require a payment by gift vouchers, mainly due to difficult traceability.
Sources
https://support.microsoft.com/en-us/help/4013405/windows-protect-from-tech-support-scams
https://www.consumer.ftc.gov/articles/how-spot-avoid-and-report-tech-support-scams
« Späť na zoznam
