Don’t Be Caught by These Common Scams - Part 2

Telephonically

Attackers do not only send fraudulent e-mail messages, as described in Part 1 of this series. They even call individuals telephonically and pretend that they are working for one of the following organisations:

  • Windows Helpdesk
  • Windows Service Centre
  • Microsoft Support
  • Microsoft Tech Support
  • Windows Technical Department Support Group
  • Microsoft Research and Development Team (Microsoft R & D Team)

Attackers introduce themselves as technical engineers who received Windows Automated Error Messages from the individual’s computer. They navigate users to a website or provide users with a link to install software in order to “fix the problem”. This software will not fix any problems but instead, capture sensitive data in the background, such as passwords and banking usernames.
 
An alternative method is to convince the user to visit legitimate websites such as www.ammyy.com in order to download software that will enable attackers to take control of the computer remotely to “fix” the problems, and then adjust settings to leave the computer vulnerable.
 
Cyber criminals often use publicly available personal details, enabling them to know individuals’ names and personal information, while guessing the type of operating system the individual is working on.
 
When individuals receive suspicious phone calls, no information should be provided to the caller and websites linked to these types of phone calls should never be opened. If such phone calls or website links have been received by users, Microsoft should be informed. Microsoft will never proactively reach out to users in order to provide unsolicited computer or technical support. Any communication between Microsoft and a user, will be initiated by the user.