Sophos Cloud Optix
Naked Security has been hearing from our Canadian readers about more fake technical support calls trying to get people to infect themselves with fake anti-virus software, keyloggers and remote control software. That’s right, they are calling people on the telephone and trying to defraud them in numerous ways.
The fraudulent callers represent themselves as being from Microsoft, Telus (one of the traditional Canadian phone companies) and other brands believed to be trusted by the intended victims.
As we have reported previously the calls seem to originate from overseas call centres, but often use caller ID numbers that appear to be local. They likely are taking advantage of extremely cheap Voice Over IP technologies that allow them to purchase local phone numbers.
They falsely claim the user’s computer has been sending error messages to them and that they are calling to help fix their PCs. Their modus operandi varies, although the outcome is always the same: them stealing your money.
They usually offer to assist you through remote control software, often from legitimate vendors like LogMeIn. Once they are able to access your PC they will install fake anti-virus software or other malware and charge you for the privilege. This way they get two bites at the apple… Once for the technical support incident and another when you pay for the rogue security suite.
This has been common enough recently that Telus has posted an advisory on their website. Telus states that they are working with the Royal Canadian Mounted Police to trace the origin of the calls and recommend Telus customers who believe they have been defrauded call 310-2255.
A recent study by Microsoft showed that the average Canadian victim had $1560 USD stolen from their accounts. It is important to apply the same skepticism to incoming phone calls as you would apply to unsolicited emails or strangers ringing your doorbell.
Paul Ducklin and Sean Richmond of Sophos Australia recorded a podcast explaining these scams and provide advice on how to avoid becoming a victim, I recommend listening to it and sharing it with your friends and family.
(05 November 2010, duration 6:15 minutes, size 4.5MBytes)
These attacks aren’t just affecting Canadians, we have had reports from Australia, the United Kingdom and the United States as well. Stay vigilant and remember, hanging up isn’t rude when someone is calling to scam you.
Thanks to Savio in SophosLabs Canada and Naked Security reader Lystra for contributing information to this story.
I'm in UK and I've had recent spate of this recently …sometimes twice a day ! They'll respond to the voice that answers the phone .." is that Mr/Mrs XXX " ~ They'll have your name and address..very possibly picked up from a phone book or gathered from an online source…take note, sometimes just an initial only ,,ie Mr G Jones…~.
All callers have an Indian accent..but have very English Names and all calling to say they've had reports sent to them from my home computer …that its running slow or has a virus !! All of them claim to be either " Microsoft Technicians/Microsoft Supported Technicians / PC Technical Support etc etc etc.
Don't be fooled !!! Just hang up !! Or do what I did a few times ..tell them that you do not have a Computer ..they hang up on me then π
Yes, I'm in the UK too and I received one such call yesterday from somebody purportedly from Microsoft Support Centre – after quizzing them about their name and the company's name and when they became very cagey about giving me their details, they suddenly hung up.
whats wrong if some one services your computer and you pay them . whats wrong if the technician is microsoft certified .
These calls are also very common in New Zealand – I get as many as six of them every week, which suggests either that there are many criminal groups trying it, or that they have pretty useless record keeping.
I had one of these calls earlier this week. All it took was a couple of questions and he contradicted himself. So I very politely told him where he could take his "advice" and what he could do with it.
I am in Australia and I get these calls all the time, not so much lately after my responses became some what abusive to them π My 11 yr old son even told them to be like the rest of people, get a proper job and stop trying to leach off others. haven't heard from them in a while now. Don't be afraid to abuse them and hang up π It's your right π
to be fair, most legitimate technical support is also a fraud
I am also in Australia and have been getting these calls from a company called Global Tech. My partner pretended to follow their instructions for about twenty minutes before drilling them with questions about how they got information, what company they work for, their names, their location etc. They claimed to be from "London, Arizona" and told her to visit a site and call them back.
They rang back last night again and told me my computer had viruses so I told them that I didn't have a computer and they hung up on me.
RUDE.
We get quite a few in Australia, we sometimes like to play with them and string them along for a while (thus leaving them less time to scam from other people). You can almost hear them rubbing their hands together when they think they have a complete nuff on the line, ripe for the picking, until 30 or 40 minutes goes past and they work out you've been scamming the scammer π Sometimes they even ring back and you can try again!
Ohh so sad to read this. There are many people out there pretending to be a technical support. In cases like this, we really need to be careful. When you're asking for someone to fix your computer, they will be asking you a fee for that and they will also include the tax. So everyone don't be fooled okay? Be careful always with people like this.
Had one of these a couple of weeks ago. I'm in the US. They said when I downloaded something, it was also being received by people in other states. I told them I'd contact my internet provider & let them handle the problem. So far they haven't tried again, & I did notify my internet provider.
I've been following this closely for several months and they are mainly targeting Canada, UK, Austrailia and New Zealand.
The BBB (Better Business Bureau) in the US reported on users who first received a fake AV pop-up, and then got a call. This seems to be somewhat isolated and was probably from a different group than the most common "Microsoft" call center in India scam.
We keep a running list of articles that hit the news. A very small percentage of these calls end up becoming news stories.
7/9/2011 – US – New York – Albany – This one sounds a little different than the Microsoft scammers with India accents. These scammers pretend to be from computer support companies in New York.
7/8/2011 – CA – BC – Comox Valley
7/8/2011 – CA – Manitoba – Phone Scammers At Work Again
7/7/2011 – NZ – Whangarei – Northern Advocate – Virus scammers leave couple at risk
7/4/2011 – CA – Ontario – Another phone scam hits Norfolk County.
7/4/2011 – UK – London – Microsoft scam in our area
6/29/2011 – US – Virginia – Sheriff’s Office warns of telephone scam
6/26/2055 – Canada – Bendigo – Phone scammers targeting Bendigo
6/25/2011 – Canada – Brampton – Fraud Bureau Warning Residents of Computer Scam
6/24/2011 – Canada – Phone scam leads to computer hacking
5/12/2011 – US, Oklahoma Oklahomans Hit By Scam Targeting Computers With Viruses
4/22/2011 – UK, Strath – Beware of 01764 phone scam
4/14/2011 – US, Columbus IN – Sheriff warns of computer-virus scam
4/12/2011 – UK – Users warned of Windows Support Centre scam
4/8/2011 – CA – Strathmore man falls victim to Virtual PC Doctor
4/7/2011 – UK – Warning over computer virus phone scam
4/7/2011 – AU – Fake company scams residents
3/30/2011 – US – Contact 17 Investigation – New computer hacking scam
I've had one of these calls the other week, but at least as they started talking I knew it was a scam, as I was told that they had received a report from my home computer that there was an error with windows……hmmmm I don't use windows, I'm a Linux user, I told them and don't use Microsoft software, but they wouldn't believe me and tried to convince me that I was running window 7 and not snow leopard – thats when I hung up!
My mum also received the same type of call and good on her she told them to go away and hung up on them too!
I am one of the people in Canada who have been targeted. I am also a TELUS customer.
In May, after five phone calls in as many days and armed with Google'd reports from Australia and New Zealand, I decided to "bite" when I saw name "UNKNOWN" and an obviously spoofed number "91797" come up in Call Display.
The caller had an East Indian accent so thick I could have scraped it off with a back-hoe. He claimed to work for <unintelligible> and told me my computer was reporting it had viruses. The next 20 minutes saw the most clumsy and inept attempt at social engineering I could have imagined. Full disclosure: I probably did not help by playing along trying to be as dumb as a sack-of-hammers.
Had I let this painful charade continue and wound up with a self-inflicted wallet-ectomy I would have done the honourable thing: nominate myself for a Darwin Award. Of course making sure I was no longer in the gene-pool in order to win the award could have been a problem. I think laughing myself to death for being so gullible would have been the best way to go.
It's interesting that it was SOPHOS and not TELUS that brought this to my attention. How many customers read their tel-co's press releases? Not many I suspect. Attaboys to SOPHOS.
DON'T HANG UP, keep them on the line as long as poss. They are paying for the call so waste their time and make it less profitable for them.
If your number is a silent number, how did they manage to find out your number?
A friend of mine (over 65) was having problems with her desktop (couldn't connect to the internet) which I was about to fix that same day.
She said it's funny your here, with the Internet not working…….
I just had Microsoft on the phone saying that this machine was sending error messages and that they needed to access the computer to try and fix the issue.
The alarm bells started to ring, I knew it wasn't Microsoft and I asked her if she gave them any details, she replied no because as soon as she mentioned the fact that she had no Internet Access they put the phone down.
I was told the caller had an "Indian Accent" and had her opening command prompt trying various networking commands. She did genuinely believe it was Microsoft.
This worries me as she was clearly old and vulnerable and I'm pretty sure many more will fall for the scam!
But you know there is also a legitimate companies who provide genuine service they show you the reports first then you have to decide does your pc need a maintenance or not.they just cost you 39 to 50$ thats it.I got a good service provider who is providing me service for six months free with a one time fee of 49 bucks thay are really good.
I've received a call for help from an 85 year-old who has just been scammed by some of these scum. I've offered to take a look at his PC and I have a pretty good idea of the sort of things I'm going to do and what I shall be looking for. However, this has now become such a widespread issue that I'd be surprised if no one has yet come up with a standard procedure or at least a check-list of things to do to clean-up and re-secure PCs that have fallen victim to this crime. If anyone can provide such a procedure or check-list I would be very grateful to see it as I am certain it would speed up my task and probably identify some areas that I might otherwise miss.