Aggressive, persistent Windows tech support scammers continue to stalk consumers
'No signs of slowing down,' says Microsoft of bogus phone calls; Computerworld sees a spike in reports from readers
Computerworld - Scammers posing as Microsoft support technicians continue to work the phones in search of victims, the company said last week, and have, in fact, grown bolder in their tactics.
And in the last few weeks, Computerworld has seen a spike in the volume of reports from readers who have been targeted by fake support schemes.
"What's really alarming is that this type of scam shows no signs of slowing down," said Kirsten Kliphouse, the Microsoft executive who heads the company's customer service and support group, in a May 2 blog. "Increasingly, we hear via our front-line support team, and even from friends and family, that these scammers are getting bolder, targeting not only individuals but also businesses."
The scams rely on a combination of aggressive sales tactics, lies and half-truths. Cold callers pose as computer support technicians, most often claiming to be from Microsoft, and try to trick victims into believing that their computer is infected, usually by having them look at a Windows log that typically shows scores of harmless or low-level errors. At that point, the sale pitch starts, with the caller trying to convince the consumer or business worker to download software or let the "technician" remotely access the PC.
The fraudsters charge for their worthless "help" or sell subscriptions to useless services, and sometimes install malware on PCs while they have the machines under their control.
These scams became increasing common in 2010, picked up enough steam in 2011 that Microsoft warned Windows users to be on guard, and in October 2012 prompted the U.S. Federal Trade Commission (FTC) to file charges against six operators. Then-FTC chairman Jon Leibowitz said during a news conference announcing the lawsuits that the fraudsters took "scareware to a whole other level of virtual mayhem."
In 2013, the FTC settled with three of the alleged scammers -- in one instance, imposing a $964,000 judgment, in another just $14,000 -- but its investigations, accusations and penalties have done little to stem the tide of calls.
Computerworld has received a steady stream of emails from readers of past news stories about the scams, but the volume of those messages jumped significantly last month. Many knew better than to let the caller into their PC, but simply wanted to tell someone about their experience in the hope of warning others of the danger.
"Got a call last night from India -- I could tell it was a large call center," wrote Kristen H. last month in an email. "I knew immediately that it was a scam but talked to the guy anyway who assured me I had something drastically wrong with my PC. Anyway, when I called him a scammer, he got mad and hung up on me -- I tried to call the number back, but got a message saying the number had been disconnected."
- Microsoft again writes off Surface inventory, renews profitability doubts
- 'Nadella Effect' makes Ballmer $2.8B richer
- Microsoft reveals bankruptcy of devices strategy by dumping Nokia feature phones
- Microsoft may drag out layoffs for a year
- Surface survives Microsoft cuts, but tablet strategy remains muddled
- As it lays off workers, Microsoft also kills its low-end Nokia X smartphones
- How Microsoft announces layoffs will show the company's PR IQ
- Why Microsoft isn't spooked by the Apple-IBM alliance
- Microsoft boosts OneDrive storage to free terabyte
- Microsoft plans price war to stymie Chromebook growth
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Cybercrime and Hacking White Papers | Webcasts