The Windows Support Scam

Friday, July 30, 2010

Simon Heron

A88973e7d0943d295c99820ab9aeed27

Recent articles published in the Guardian have revealed that fraudsters are continuing to cold call people, claiming to be a Windows support tech and getting the users to give them remote access to their PCs in the guise of helping them update their systems – as long as the user hands over £185.

This scam has actually been around for quite some time and whilst police may struggle to stop criminals from setting up business under a new name once they have been shut down, the potential victims can take control of the situation by putting the phone down.

It is, however, concerning that people are still willing to not only give a cold caller their card details, but also allow them remote access to their computers.

These people are taking huge risks with their personal data, not to mention the potential illegal content that could be installed whilst the machine is under someone else’s control.

It’s not clear where these criminals are getting their call lists from. Comments on a Guardian article reveal that the data could be leaking from other Indian call centres that call people for legitimate reasons.

What is clear is that the callers know what they are talking about.

They seem to be highly trained technicians and can therefore easily befuddle the less technical-minded computer user into granting unfettered access to their PC and handing over their card details for the privilege.

The easiest way to prevent becoming a victim of this scam is by knowing that you only allow someone you know and trust to have access to your computer, and by putting down that phone on all others.

Cross-posted from NetworkBox

Possibly Related Articles:
17587
Impersonation
Phishing Security Awareness
Post Rating I Like this!
5c857bc159e9c361aebbb1eab4c87c3f
Mister Reiner "It’s not clear where these criminals are getting their call lists from...What is clear is that the callers know what they are talking about."

Insider threat, Trojan or physically compromised network are good possibilities. Can organizations attest to the security posture of any of their remote call centers or the trustworthiness of the personnel who operate them? This sounds like a good investigative reporting opportunity to me! ;)
1280603461
5f3df1f487d87e9623e3da17e9136918
Ather Alam Khan Same question, how the fraudsters are getting the contact information of users? and how the impostors know that the user is online or offline
1280737131
A88973e7d0943d295c99820ab9aeed27
Simon Heron I think that the calls are largely speculative with the assumption that during office hours people will be at their deska and logged on. So probably some abortive calls but many going through as planned.

The evidence seems to suggest that his is becoming a business like scareware. Support teams are being set up to continue the scam.
1280828353
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.