Naked Security has been hearing from our Canadian readers about more fake technical support calls trying to get people to infect themselves with fake anti-virus software, keyloggers and remote control software. That’s right, they are calling people on the telephone and trying to defraud them in numerous ways.
The fraudulent callers represent themselves as being from Microsoft, Telus (one of the traditional Canadian phone companies) and other brands believed to be trusted by the intended victims.
As we have reported previously the calls seem to originate from overseas call centres, but often use caller ID numbers that appear to be local. They likely are taking advantage of extremely cheap Voice Over IP technologies that allow them to purchase local phone numbers.
They falsely claim the user’s computer has been sending error messages to them and that they are calling to help fix their PCs. Their modus operandi varies, although the outcome is always the same: them stealing your money.
They usually offer to assist you through remote control software, often from legitimate vendors like LogMeIn. Once they are able to access your PC they will install fake anti-virus software or other malware and charge you for the privilege. This way they get two bites at the apple… Once for the technical support incident and another when you pay for the rogue security suite.
This has been common enough recently that Telus has posted an advisory on their website. Telus states that they are working with the Royal Canadian Mounted Police to trace the origin of the calls and recommend Telus customers who believe they have been defrauded call 310-2255.
A recent study by Microsoft showed that the average Canadian victim had $1560 USD stolen from their accounts. It is important to apply the same skepticism to incoming phone calls as you would apply to unsolicited emails or strangers ringing your doorbell.
Paul Ducklin and Sean Richmond of Sophos Australia recorded a podcast explaining these scams and provide advice on how to avoid becoming a victim, I recommend listening to it and sharing it with your friends and family.
(05 November 2010, duration 6:15 minutes, size 4.5MBytes)
These attacks aren’t just affecting Canadians, we have had reports from Australia, the United Kingdom and the United States as well. Stay vigilant and remember, hanging up isn’t rude when someone is calling to scam you.
Thanks to Savio in SophosLabs Canada and Naked Security reader Lystra for contributing information to this story.