Sophos Cloud Optix
Have you received a phone call at your home from someone claiming to be working for Microsoft or your ISP? Did they claim that they weren’t selling anything, but instead wanted to help you clean up a malware infection on your PC?
Well, if so, beware.
More and more people are reporting that they have received bogus support calls out of the blue, offering a free security check of their home PC.
The problem is that the free security check often involves the caller asking you to install software on your PC that gives them remote access to your computer – opening the door for malware infection, data loss and fake anti-virus scams.
Listen to this great podcast by Sophos experts Paul Ducklin and Sean Richmond where they discuss the problem, and ways in which you can avoid falling for the scam yourself:
(Duration 6:15 minutes, size 4.5MBytes)
According to new research published today by Microsoft, a staggering number of people have received such calls – and the financial losses can be significant.
Microsoft surveyed 7,000 computer users in the UK., Ireland, USA, and Canada and discovered that across all four countries, 15 percent of people said they had had received such a call from scammers. In Ireland the figure was as high as a simply jaw-dropping 26 percent.
Of those who received a call, 22 percent, or 3 percent of those asked in total, were tricked into following the scammers’ instructions – which could range from giving hackers remote access to your computer to providing credit card information.
Sadly, this I can well believe. After all, it’s a clever piece of social engineering by the scammers – you believe that they’re doing you a favour, so your natural inclination is to trust them as they appear to be helping you.
Of course, some folks are especially vulnerable. I don’t think I’ll ever forget the story of the 93-year-old pensioner who was tricked into believing that heavy rain had caused her computer to become infected.
Microsoft’s survey reveals that 79 percent of victims say they have suffered sort of financial loss, and more than half (53 percent) say they have suffered subsequent computer problems.
On average, across all four countries surveyed, the amount of money stolen was US $875. The smallest pickings were in Ireland (US $82), whereas Canadians got stung hardest for a whopping US $1560 each on average.
It’s clear that these bogus support calls are a big money spinner for the bad guys. Make sure that you’re clued-up about the threat, by reading our further tips on how to avoid support call scams.
The Ministry of Conumer Affairs here in NZ released figures a while back saying 25% of retirees had had this kind of call.
http://www.consumeraffairs.govt.nz/pdf-library/Mi…
I've had three. The first two answered by family who were wise to it. Finally I got one and led them on. I run Ubuntu at home so couldn't 'click start' or "open internet explorer' like they wanted me to. Finally once they got me to the web page (using FireFox) with the remote admin software to download the game was up. I asked if it would work on Linux.
"What? You have Linux! I've spent all this time talking to you and now you give me this B*%* S@(* !!!"
…like they actually believed they were trying to help me. lol.
WHO falls for this crap?
An elderly chap I help with his computer got one of the calls. The caller claimed he'd been asked to call because of reported problems with the computer running slowly – well, who doesn't think their computer runs slowly? Even though he hadn't called or reported it to anyone, he followed the instructions to run something (he couldn't tell me what although from his description he only started IE) but fortunately before he got too far into the conversation had the gumption to ask if it was going to cost him anything. He was told £60 so then said he wasn't paying out for anything and would get his expert (me!) to look at it. The caller was very abusive and said he'd pay far more than that for anyone else to look at it, whereupon my chap said Thanks but no thanks and hung up.
I still need to get there to look at his laptop, but another friend was asked by someone she works with about one of these calls; her person had allowed the caller remote access and only backed out when asked for money. Fortunately the laptop didn't seem to be infected with anything, although it had some kind of remote access programme installed, which she soon got shot of.
My parents were almost had by this scam. For months and months me and my sister had been nagging them they must update their anti-virus software so when my mum got the call she believed them immediately when they told her she has a virus on her PC, thinking our warnings had come to fruition. She followed their instructions and downloaded the software, only when they asked for her credit card details did she twig and thankfully hang up.
I too have had these phone calls. Following my mum’s story, when I got my first one I got quite angry and said “no, my computer doesn’t have a virus, this is a scam!” to which the caller got very nasty and said they would keep ringing and then put the phone down on me.
After that, when they rang again I played dumb and said, “oh, I haven’t got a computer”, they were then very apologetic and didn’t ring again.
I had two of those calls just today. I hang up. The first time it happened was a few years ago I believe. It took me a minute or so to realize that it was highly unlikely to be on the up and up.