Welcome to ...

The place where the world comes together in honesty and mirth.
Windmills Tilted, Scared Cows Butchered, Lies Skewered on the Lance of Reality ... or something to that effect.


Wednesday, May 23, 2012

Very, Very Important - You Could Be Scammed!

I've received three of these calls in the last month. The person on the other end is telling you they represent Microsoft or a similar company and that your computer is sending out a virus.

It's a scam.

Has your Internet Explorer browser ever crashed while you were cruising the Web? Of course it has. And you've probably then seen a box informing you that an error message was being sent to Microsoft.

Pretty impressive that Microsoft would want to fix the problem by having one of its tech people call you at home.

Too impressive, it turns out. Calls being made to computer users from the "Windows Maintenance Department" or "Microsoft Tech Support" are actually a scam intended to get you to download some nasty piece of software or reveal confidential information.

"We do not send unsolicited email messages or make unsolicited phone calls to request personal or financial information or fix your computer," Microsoft says. "If you receive an unsolicited call from someone claiming to be from Microsoft tech support, hang up. We do not make these kinds of calls."

Ken Slater, 68, of Long Beach, has been getting these calls about once a week for the last few months.

In each case, the caller claims to be with the Windows Maintenance Department and says an unusually high number of error messages have been coming from Slater's computer.

Slater, a former computer engineer at Hughes Aircraft, told me he knew from the get-go that something was up.

"Microsoft doesn't look at all those error messages it gets," he said. "Maybe they use them to improve their products, but they don't respond individually. It was obvious the callers were up to no good."

Slater's suspicions were confirmed when one of the callers provided instructions for accessing his computer's events log. This is a listing of all alerts and warnings generated by the system. They're all real and they're fairly routine.

It was at this point that Slater hung up. But according to various accounts of the scam available online, the caller will then try to dupe the unwary into believing the events log is evidence of a serious problem, probably a virus infection.

The caller then offers an easy fix. You're instructed to go to a specific website — Fixonclick123.com crops up frequently — where software can be downloaded that will kill the virus and save your computer.

The scam from this point on can work one of two ways. You might be asked for a credit card number to purchase the virus-killing software. Needless to say, your credit card number will be used for more than that.

The other variation of the racket is to offer the virus killer for free. But the software is in fact a malicious program that will be used to either take control of your computer or scan its entire contents.

"These con men and women are very good at this," said Matt Bishop, co-director of the Computer Security Lab at UC Davis. "They take advantage of the fact that computers are very mysterious to a lot people."

He said people should keep in mind that no major computer company calls people at home to troubleshoot their machines.

"If you don't know who you're talking to, don't talk to them," Bishop said. "And don't follow any instructions."

Richard Saunders, director of Microsoft's Trustworthy Computing division, echoed this advice.

"Treat callers as you would treat strangers in the street," he said. "Do not disclose personal or sensitive information to anyone you do not know."

Saunders added that "this is not the first scam of its kind, and it's unlikely to be the last."

Slater hasn't been able to stop the calls, but he's found some easy ways to make the scammers go away. For example, whenever he declares that he's a computer engineer, they immediately hang up.

They also hang up when he says he uses a Mac, or when he says he has no computer in the house.

I wonder what they'd do if, instead of them instructing you to visit a particular website, you told them you had somewhere for them to go: FBI.gov.

No comments: