New social engineering threat

01-03-2011
New social engineering scam - unwitting victims forking out hundreds of pounds for computer support services they never receive.

There's a social engineering scam that is successfully trapping unwitting victims into forking out hundreds of pounds for computer support services they never receive.

What happens

Individuals are receiving calls at home from what appear to be a UK phone number (often with a 0203 prefix) but these numbers are actually coming via Voice-over-IP from India.

The caller introduces themselves as representing "Microsoft Windows Support" or similar and claims that they have been alerted by the victim's Internet Provider that the victim is suffering from infection by multiple viruses and/or that their Windows PC is running slowly.

How it works

Now those of us using Windows will know that over time and as programs/toolbars et al are installed things tend to run more slowly - so most people will feel they have a problem that needs solving. :)

The scammer generally uses a couple of methods to convince the victim that they are legitimate.

- The victim is instructed to open a file called "Windows Event Viewer"; this is Window's error log and to the average non-expert computer user the contents can look pretty ominous.

- The victim is to execute a command that generates a long list of information about the Windows installation. At the bottom of the list is a line that contains a long ID number that happens to be the same on most Windows PCs. The scammer reads out this number and asks you to verify it - then states "that's the ID for your computer so we can carry on in safety".

Once the victim is both concerned about their 'virus problem' and trusts that the caller is actually authorised by Microsoft there is an attempt to take card details and make a payment of up to £400 for 'IT support".

What to do

If you receive a similar call, make the caller aware you know this an attempted scam and hang up.

If this has already happened to you, contact your bank/card issuer immediately and attempt to reverse the charges.

You should also contact Action Fraud to report the incident.

Action Fraud have a page giving more detailed information about this and similar Microsoft-related scams.

written by Ian Watson, 1/3/2011

Get in touch

We would love to hear from you if you have any questions about your training needs.

Get in touch

or call us on 020 3137 3920