This is your headquarters for resources, tips, training and content for the crime prevention services provider.
I received a voice mail this week that claimed to be from a Microsoft Certified Technician. The message claimed that my computer has been sending error messages to Microsoft and that the technician was going to help me fix my computer. I play the actual voice mail in the podcast.
The scam works by hoping that the person receiving the call doesn’t realize that Microsoft will never initiate a call to anyone that hasn’t called them for support first. If the scammer finds someone who answers their phone, they try to convince them to do one (or both!) of two things.
First, they may try to get the victim to give them their banking or credit card information to purchase software that will “fix” the problem. This could result in the victim’s bank account being drained or their credit card being hit for hundreds or thousands of dollars in false charges.
Second, if the victim agrees to the software purchase, the victim’s computer is loaded with malware that does far more harm than the initial problem. Rather than repairing any problems, the program installs keyloggers, viruses, trojans and other information stealing software that grabs your banking information, passwords and other account details off your computer and provides them to the criminal to hack into your accounts at will.
The more common report, however, is that the criminal asks for your IP (Internet Protocol) address and gives you instructions to change the settings on your PC to allow a “RAT” inside your computer. This RAT (Remote Access Tool) allows the criminal access to your computer from anywhere in the world. Once inside, they have a free reign to steal your passwords, grab your identity information and install any manner of malware they like. Remote Access Tools are actual programs used by real Information Technology (IT) departments and services for bona fide customer service reasons. They allow companies to fix problems remotely without having to physically be at the customer’s computer. The problem comes when these real tools are used for nefarious purposes by criminals like these scammers.
What can we do?
- Remind everyone that Microsoft will never call them first to tell them about a problem with their computer.
- Post the information on your web page.
- Link to information such as Snopes.com.
- Post on Facebook.
- Tweet a link to your warning.
- Do radio or TV Public Service Announcements (PSAs).
- Tell people not to answer these calls in the first place. Use voice mail to screen out the scam artists.
- Never call them back if you’re not sure about the validity of the call.
- Don’t give anyone banking or credit card information if you did not initiate the call.
You don’t have to be a law enforcement officer to help
- If you are a member of a homeowner’s association, post the information on your HOA bulletin board or in your newsletter.
- Neighborhood Watch and Crime Watch groups can share the message with their members.
- School Resource Officers can include the warning in messages to their school staff and parents.
- Volunteers and civilians can share with their church, Rotary, Lions and other social groups.