We had a call recently from a client. He had just received an (unsolicited)  phone call from a foreign call centre. The man on the phone told him “they” (he thinks they called themselves something like Microsoft support) had detected that he had a virus on his computer and that they could remove it for him. Our client, being a trusting type of person, let them talk him through going to a website and then running some Windows commands. Sure enough the results that appeared on his screen proved he had a virus. If he would only give them his credit card details they would remotely remove the virus infection.

At this point our client sensibly rang off and called us. He was seriously worried now that he had somehow got a virus on his system but was suspicious enough to call us first. We were able to reassure him that this was a scam. A quick check over via our support tool proved that his computer was fully up to date with security software.

He has no idea how he was selected for this scam and I have not seen anything on the internet to suggest how they get phone numbers. Presumably he has filled in an online form at some point and that information has either leaked or been sold to the scammers.

This is obviously a very worrying incident on a number of levels. Firstly of course many people might be taking in by this scan. In this case the poor English of the caller made it difficult for him to understand what he was being asked so he ended the call early. Secondly it seems a bunch of criminals now have his phone number and maybe other personal details.

Googling this type of incident revealed that this scam is now quite widespread. I also found one article that said that an Australian ISP is actually calling its’ domestic customers when they detect malware/botnet activity from the customers connection. This is of course quite laudable and we have seen similar activity from Zen (www.zen.co.uk) who pro-actively contact our business clients if they detect botnet traffic over a Zen connection. However this legitimate support activity is going to make it much more difficult to detect the scammers among the genuine support calls.

If in doubt contact your trusted support professionals!

by hostadmin on Nov 19, 2010 at 11:35 PM

tagged:

Comments are closed.