300 victims report fake support calls to security org
Internet Storm Center collects info on scam for research
Computerworld - The Internet Storm Center (ISC), an arm of the SANS Technology Institute, has started collecting reports of fake support calls in an attempt to figure out how prevalent the scam is among computer owners.
"We are trying to better understand how common 'Fake Tech Support' calls are, and what they are trying to achieve," the security organization said on its website last week.
ISC has published a form where users can report an attempted or successful scam, with fields asking for information on the gender of the caller; whether they have a strong accent, perhaps indicating that the call originated outside the U.S.; whether the caller asked the user to allow remote access to the PC; and whether they requested a credit card.
In the five days since ISC posted the form, it has collected nearly 300 reports, according to a statistics page.
Nearly 93% of the calls were conducted by a human, 84% of the callers were male, and 91% had a discernible accent, ISC said.
Almost half -- 45% -- of the callers asked the user to allow remote access to the PC, but only 15% tried to pry credit card data from the victim. The latter's low percentage was at odds with email that Computerworld has received from readers, but may hint at the ISC website audience's higher level of technical expertise: Those reporting scams to ISC may have ended the call before the swindler asked for a credit card.
Unsolicited support calls have continued to plague computer owners, particularly consumers and small businesses.
The scams are based on a combination of aggressive sales tactics, lies and half-truths. Callers pose as computer support technicians, often from Microsoft, but also from name-brand computer makers such as Dell or large security companies like Symantec, and try to fool people into believing that their computer is infected, often by having them look at a Windows log that typically shows scores of harmless or low-level errors. At that point, the sale pitch starts, with the caller trying to convince the consumer to download software or let the "technician" remotely access the PC.
The con artists charge for their "help" and often get people to pay for worthless software or services. The software may be worse than useless, as some scammers plant malware that steals online account information and passwords from the PC.
Not every fake support scam starts with the victim's phone ringing: Some people find phone numbers after searching the Web with phrases like "Microsoft tech support," and find results that lead to disreputable firms, not the Redmond, Wash. company's help desk.
"I have had three customers fall for the scam and they initiated it," said Nat Garrison, Jr., a North Carolina computer consultant, in an email to Computerworld last month. "Two of them were trying to get technical support for Microsoft Outlook and the third was trying to add another license to his Office 365. All three of them used Google to find the phone number for Microsoft's technical support. They all got connected to someone with a strong Indian accent who wanted to remotely connect to their computers."
ISC said that it may share the collected information with other researchers tracking the scams. "We had one university request a data dump," said Johannes Ullrich, SANS' chief research officer, in an email reply to questions Tuesday. "They where looking at some trends along the lines of what we have [in our statistics] summary."
The scam data project and the ISC reporting form can be found on its website.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts