PHONE CON: No, that is not "Microsoft" calling

Send to a friend Print
Angus Kidman30 March 2009, 4:18 PM

Have you had a man from Microsoft ring up and advise your computer is virus infected? If so, you're one of many Australians targeted in a phone scam.


Forget email distribution — the latest malware scam to hit Australia involves people making telephone calls and pretending to be from your support provider or PC company, and providing over the phone "instructions" to fix the problem which actually turn your machine into a potential spam-spreading zombie.

Reader Todd Hansen from support firm Wagga Systems contacted APC after a flood of calls from concerned customers. "We've had dozens of clients call us up about the 'Indian man from Microsoft'," he said.

In a typical version of the scam, callers are told that their machine is being monitored either by Microsoft or by their anti-virus provider, and an infection has been detected. The caller then offers to walk the customer through the steps needed to fix the (non-existent) problem. The instructions provided install remote control software on the machine, making it usable as part of a bot network and also potentially allowing it to track personal details such as account numbers or passwords.

Adding insult to injury, in many cases customers are also asked to provide credit card details in order to pay a service fee, with $270 one figure often quoted. Some of Wagga Systems' customers become suspicious when the instructions for "fixing" the machines in turn triggered legitimate warnings from their security software.

Other instances of the scam are being reported around the globe, with a UK county council posting a warning on its site. Security blog The H Security also noted that the people behind the scam don't respond well when challenged: "When confronted with the fact that there was no problem with his PCs and that we already knew they were scammers the caller became steadily more abusive and threatening, repeatedly swearing, apparently from a script, before eventually hanging up. "

The lesson? As ever, ignore anyone who makes an unsolicited phone call and starts asking for information of any kind, especially if it concerns PC security and/or your credit card number. Don't get into a discussion with them — just hang up. If a call makes you suspicious, contact your security software provider directly, and report the incident to the ACCC's Scamwatch line on 1300 302 502.


Post your comment



Comments

 RSS feed Email alert

Tin (Senior Forumologist):

I wonder how many people have been called who don't even have a computer.... And I wonder how they reacted to that.

30 March 2009, 8:04 PM (11 months ago)report abuse Send to a friend reply

 x  (User):

I'd like to hear the calls made to linux users.
pretentious bastards at the best of times, imagine someone calling to tell them they had a virus, especially when claiming to be from M$.

31 March 2009, 12:26 PM (11 months ago)report abuse Send to a friend reply

Raindog (Senior Forumologist):

Quoting  x :
linux users. pretentious bastards at the best of times,

Unlike the annoying Zombie Clicker windows fan boys who are known for their constant use of sweeping and inaccurate generalisations. :>


31 March 2009, 5:17 PM (11 months ago)report abuse Send to a friend reply

Carmar (User):

One thing might be finally working in our favour - phone calls are easier to track than emails. Perhaps some attention from Fraud Squads or similar bodies to track down these serial pests. Or perhaps we'll get the answer I got when I tried to alert ASIC about a scam targetting our business clients - they are overseas and we can't do anything about it. (Or can't be bothered)

31 March 2009, 1:56 PM (11 months ago)report abuse Send to a friend reply

Not signed in
anonymous user Anonymous user


Tags