As more and more people become acquainted by the tricks used by internet scammers and cybercriminals, so they are pressed to find new social engineering tricks in their hope of tricking the unwary.
One of the schemes we have heard of involves unsolicited calls via Skype, where an automated message (what I like to call a “Digital Dorothy”) warns you in a semi-robotic voice that your computer’s security is not up-to-date.
A Naked Security reader has pointed us to the following YouTube video, showing just such a scam call caught on camera. Fortunately, in this case, the recipient of the bogus call about his computer’s security was wise to the scam and knew not to act upon it.
Warning: Some of the language used in this video is a little fruity.
In case you couldn’t make it out on the video’s soundtrack, here’s what the automated call was saying:
"Attention: this is an automated computer system alert. Your computer protection service is not active. To activate computer protection, and repair your computer, go to [LINK]"
If you weren’t aware of fake anti-virus (also known as scareware) scams like this you might well be worried enough to visit the website referred to in the message, where it will pretend to scan your computer’s security.
Surprise surprise.. the website claims that you are not properly protected – and it urges you to install its software (a steal at $19.95).
I’m not sure I would want to trust any product which uses Skype spam techniques to advertise itself, and presented itself in such an underhand manner.
They seem to be keen for you to hand over your contact details (including your email address). For test purposes, I entered an email address – but haven’t received a communication yet. One thing is for sure – I am not going to trust whatever they say in that email.
Of course, if you don’t want to receive unsolicited Skype calls the best thing to do is change your privacy settings so only users listed in your contacts list are allowed to get in touch with you.
If you want to find out more about fake anti-virus or scareware attacks download the technical paper from SophosLabs: “What is Fake AV?” [PDF]Follow @gcluley
Hat-tip: Thanks to Naked Security reader Morgan for bringing this video to our attention.