Microsoft warning of phishers posing as computer security experts in phone scam
June 20, 2011
Posted by on
In independent research commissioned by Microsoft Trustworthy Computing and conducted by Dynamic Markets Ltd. in April 2011, Microsoft released details of a survey conducted into a phishing scam where some individuals were conned into releasing personal and financial information to fix a non-existent problem on their computer. Not only did these individuals lose money regarding the original call but also the subsequent costs to fix the problems. The survey was conducted across 7,000 people which revealed that 15 percent of them across the UK, US, Ireland and Canada reported receiving a call from scammers. Of these, 22 percent (3% of the total survey population) had been deceived by the phishers and so lost money.
“The scam works by criminals posing as computer security engineers and calling people at home to tell them they are at risk of a computer security threat. The scammers tell their victims they are providing free security checks and add authenticity by claiming to represent legitimate companies and using telephone directories to refer to their victims by name.”
The best way for people to protect themselves is to keep their computer’s security software up to date and to be suspicious of unsolicited calls.
Once trust has been established, the scammers attempt to make the victim think there’s something wrong with their computer. They then trick them into downloading software that gives hackers remote access to their computer.
At the moment, the scam appears to only operate in countries where the predominant language is English, however Microsoft’s director of international public relations, Richard Saunders, believes it will broaden out to other languages.
“Fake lottery scams and other forms of internet scams have followed this pattern,” he said.
The following is Microsoft’s advice:
- Be suspicious of unsolicited calls related to a security problem, even if they claim to represent a respected compan
- Never provide personal information, such as credit card or bank details, to an unsolicited caller.
- Do not go to a website, type anything into a computer, install software or follow any other instruction from someone who calls out of the blue.
- Take the caller’s information down and pass it to the authorities.
- Use up-to-date versions of Windows and application software.
- Make sure security updates are installed regularly.
- Use a strong password and change it regularly.
- Make sure the firewall is turned on and that antivirus software is installed and up to date.
- Microsoft Security Essentials is a free antivirus product and is available at http://www.microsoft.com/en-us/security_essentials/default.aspx.
The Microsoft survey showed that 67 percent of people who lost money were able to recover, on average, 42 percent of it. Microsoft advises anyone who thinks they may already have been a victim of a phone scam to do the following:
- Change their computer’s password, change the password on their main email account and change the password for any financial accounts, especially bank and credit cards.
- Scan their computer with the Microsoft Safety Scanner to find out if they have malware installed on their computer
- Contact their bank and credit card companies.