Windows Support Scam Update

Friday, April 01, 2011

Simon Heron

A88973e7d0943d295c99820ab9aeed27

The Windows Support Scam just seems to run and run.  I cannot believe that I am writing an update on this scam that has been around since 2008. 

Just recently I was on BBC Radio Nottingham talking about this issue as a number of listeners had reported that they had been targeted. 

Interestingly, this came up in Nottingham this time, last time I was on, the area concerned was Kent.  Made me wonder if the calling lists are regionally based but I guess this is a small sample set to work with.

For those that don’t know, this scam involves fraudsters cold calling people, claiming to be a Windows support tech and getting the victim to give them remote access to their PCs in the guise of helping them ‘cleanse’ their systems – as long as the victim hands over £185 or in some cases much more.

The ploy is to ask the victims to look at the event viewer on their PC which invariably has plenty of rather worrying (but totally harmless) warnings and alerts. 

The victim is then told that these harmless warnings show that their PC is infested with viruses and that they are in deep trouble.

Once the seeds of Fear, Uncertainty and Doubt (FUD) are well sown, the fraudsters persuade the victim to let them access their PC.  They do this using the perfectly legitimate logmein123.com service to logon to the victim’s PC, with the victim’s agreement. 

They then ‘cleanse’ the PC running some bogus software which does nothing in the way of cleansing the PC and frequently, they logoff without leaving anything more than the logmein123.com client behind. 

Recently however, reports are coming in that some fraudsters seem to be leaving behind evidence that work was done by another, legitimate company.

The issues to remember here is that Microsoft does not monitor all the PC’s in the World looking for ones generating signs of infection so if someone rings up suggesting that they are from or work on behalf of Microsoft, you can rely on it being a hoax. 

Sometimes they claim to come from the victim’s ISP but again this is rare and if you do not know someone intimately, do not let them on your PC.

Cross-posted from RedScan

Possibly Related Articles:
21440
Impersonation
Service Provider
Microsoft scam Social Engineering Windows Remote Access
Post Rating I Like this!
Default-avatar
timm luca You know what works better in a content? Info graphs. they are really entertaining and fascinating. Good for the viewers to read. golden wing angel leather jacket

1402901488
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.