12 min.
#2: Did a Microsoft Technician Call Me? I Smell a “RAT” – CPHQ Podcast 2 Crime Prevention HQ
-
- Cursussen
This is your headquarters for resources, tips, training and content for the crime prevention services provider.
We do lots of things at Crime Prevention HQ, but we try to concentrate on two areas: using social media tools to spread your crime prevention message and providing some content that you can pass on to your community.
Voice Mail
Let’s start with a voice mail that I received this week at home. Later, we’ll talk about ways you can share this information with your community.
I received a voice mail this week that claimed to be from a Microsoft Certified Technician. The message claimed that my computer has been sending error messages to Microsoft and that the technician was going to help me fix my computer. I play the actual voice mail in the podcast.
The scam
The scam works by hoping that the person receiving the call doesn’t realize that Microsoft will never initiate a call to anyone that hasn’t called them for support first. If the scammer finds someone who answers their phone, they try to convince them to do one (or both!) of two things.
First, they may try to get the victim to give them their banking or credit card information to purchase software that will “fix” the problem. This could result in the victim’s bank account being drained or their credit card being hit for hundreds or thousands of dollars in false charges.
Second, if the victim agrees to the software purchase, the victim’s computer is loaded with malware that does far more harm than the initial problem. Rather than repairing any problems, the program installs keyloggers, viruses, trojans and other information stealing software that grabs your banking information, passwords and other account details off your computer and provides them to the criminal to hack into your accounts at will.
The more common report, however, is that the criminal asks for your IP (Internet Protocol) address and gives you instructions to change the settings on your PC to allow a “RAT” inside your computer. This RAT (Remote Access Tool) allows the criminal access to your computer from anywhere in the world. Once inside, they have a free reign to steal your passwords, grab your identity information and install any manner of malware they like. Remote Access Tools are actual programs used by real Information Technology (IT) departments and services for bona fide customer service reasons. They allow companies to fix problems remotely without having to physically be at the customer’s computer. The problem comes when these real tools are used for nefarious purposes by criminals like these scammers.
What can we do?
What can we do as Crime Prevention Officers to keep our people safe from this trick?
* Remind everyone that Microsoft will never call them first to tell them about a problem with their computer.
* Post the information on your web page.
* Link to information such as Snopes.com.
* Post on Facebook.
* Tweet a link to your warning.
* Do radio or TV Public Service Announcements (PSAs).
* Tell people not to answer these calls in the first place. Use voice mail to screen out the scam artists.
* Never call them back if you’re not sure about the validity of the call.
* Don’t give anyone banking or credit card information if you did not initiate the call.
You don’t have to be a law enforcement officer to help
Whether you are a crime prevention officer, practitioner, or volunteer, community services officer, School Resource Officer, Citizen Observer Patrol coordinator, Volunteer in Policing member, Neighborhood Watch Coordinator or Block Captain, Home Owner’s Association member, or have a different title, if you provide crime prevention services to your c...
This is your headquarters for resources, tips, training and content for the crime prevention services provider.
We do lots of things at Crime Prevention HQ, but we try to concentrate on two areas: using social media tools to spread your crime prevention message and providing some content that you can pass on to your community.
Voice Mail
Let’s start with a voice mail that I received this week at home. Later, we’ll talk about ways you can share this information with your community.
I received a voice mail this week that claimed to be from a Microsoft Certified Technician. The message claimed that my computer has been sending error messages to Microsoft and that the technician was going to help me fix my computer. I play the actual voice mail in the podcast.
The scam
The scam works by hoping that the person receiving the call doesn’t realize that Microsoft will never initiate a call to anyone that hasn’t called them for support first. If the scammer finds someone who answers their phone, they try to convince them to do one (or both!) of two things.
First, they may try to get the victim to give them their banking or credit card information to purchase software that will “fix” the problem. This could result in the victim’s bank account being drained or their credit card being hit for hundreds or thousands of dollars in false charges.
Second, if the victim agrees to the software purchase, the victim’s computer is loaded with malware that does far more harm than the initial problem. Rather than repairing any problems, the program installs keyloggers, viruses, trojans and other information stealing software that grabs your banking information, passwords and other account details off your computer and provides them to the criminal to hack into your accounts at will.
The more common report, however, is that the criminal asks for your IP (Internet Protocol) address and gives you instructions to change the settings on your PC to allow a “RAT” inside your computer. This RAT (Remote Access Tool) allows the criminal access to your computer from anywhere in the world. Once inside, they have a free reign to steal your passwords, grab your identity information and install any manner of malware they like. Remote Access Tools are actual programs used by real Information Technology (IT) departments and services for bona fide customer service reasons. They allow companies to fix problems remotely without having to physically be at the customer’s computer. The problem comes when these real tools are used for nefarious purposes by criminals like these scammers.
What can we do?
What can we do as Crime Prevention Officers to keep our people safe from this trick?
* Remind everyone that Microsoft will never call them first to tell them about a problem with their computer.
* Post the information on your web page.
* Link to information such as Snopes.com.
* Post on Facebook.
* Tweet a link to your warning.
* Do radio or TV Public Service Announcements (PSAs).
* Tell people not to answer these calls in the first place. Use voice mail to screen out the scam artists.
* Never call them back if you’re not sure about the validity of the call.
* Don’t give anyone banking or credit card information if you did not initiate the call.
You don’t have to be a law enforcement officer to help
Whether you are a crime prevention officer, practitioner, or volunteer, community services officer, School Resource Officer, Citizen Observer Patrol coordinator, Volunteer in Policing member, Neighborhood Watch Coordinator or Block Captain, Home Owner’s Association member, or have a different title, if you provide crime prevention services to your c...
12 min.