The Windows Support Scam

Friday, July 30, 2010

Simon Heron


Recent articles published in the Guardian have revealed that fraudsters are continuing to cold call people, claiming to be a Windows support tech and getting the users to give them remote access to their PCs in the guise of helping them update their systems – as long as the user hands over £185.

This scam has actually been around for quite some time and whilst police may struggle to stop criminals from setting up business under a new name once they have been shut down, the potential victims can take control of the situation by putting the phone down.

It is, however, concerning that people are still willing to not only give a cold caller their card details, but also allow them remote access to their computers.

These people are taking huge risks with their personal data, not to mention the potential illegal content that could be installed whilst the machine is under someone else’s control.

It’s not clear where these criminals are getting their call lists from. Comments on a Guardian article reveal that the data could be leaking from other Indian call centres that call people for legitimate reasons.

What is clear is that the callers know what they are talking about.

They seem to be highly trained technicians and can therefore easily befuddle the less technical-minded computer user into granting unfettered access to their PC and handing over their card details for the privilege.

The easiest way to prevent becoming a victim of this scam is by knowing that you only allow someone you know and trust to have access to your computer, and by putting down that phone on all others.

Cross-posted from NetworkBox

Possibly Related Articles:
Phishing Security Awareness
Post Rating I Like this!
Mister Reiner "It’s not clear where these criminals are getting their call lists from...What is clear is that the callers know what they are talking about."

Insider threat, Trojan or physically compromised network are good possibilities. Can organizations attest to the security posture of any of their remote call centers or the trustworthiness of the personnel who operate them? This sounds like a good investigative reporting opportunity to me! ;)
Ather Alam Khan Same question, how the fraudsters are getting the contact information of users? and how the impostors know that the user is online or offline
Simon Heron I think that the calls are largely speculative with the assumption that during office hours people will be at their deska and logged on. So probably some abortive calls but many going through as planned.

The evidence seems to suggest that his is becoming a business like scareware. Support teams are being set up to continue the scam.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.