Yes, you read the title correctly, scammers and hackers are resorting to phone calls to trick people into giving them access to their PCs. In fact, it happened to me just this week. Here is how it went down. A call came in on my land line. Being busy, I let it go to the answering machine. When I finally listened to the message a woman said that there was a problem with my Microsoft account and if I was the person who purchased Office 365, I should call back or press 1 for immediate help. Dire circumstances would occur otherwise like corruption of credentials, loss of data, inability to access accounts, etc.
With a snort of disgust. I let the message end. Thinking I might want to get the sordid details for this post, I tried to replay the message. It was gone! The message still showed 26 seconds but there was only silence. In true Mission Impossible fashion, the message had self-destructed. Fortunately for my cell phone and my ear, without the flames and smoke. I was impressed with the sophistication of the scam’s implementation in terms of leaving no trace.
This got me thinking and wondering if this is a widespread occurrence. So off I went to the modern-day Library of Alexandria (the internet) to research the topic. Yup, it’s a thing but most of the references I came across were dated a few years ago like this article from ABC News in 2013. Seems like the hackers and scammers have revitalized an old tactic. I wonder if they are doing what Disney does? Disney re-releases children’s’ movies every few years to appeal to a new batch of youngsters. Maybe scammers have a similar business model.
Here’s how this bit of social engineering works. You get a call and the person gives you some line about your PC having a problem. According to a Guardian article, you are directed to open a Microsoft diagnostic tool and it produces are log of PC events that will be downright alien to anyone unfamiliar with the contents and nearly indecipherable to everyone else. They point to an entry as a problem, have you download a “fix” from a website, and there goes your PC. You are either charged a fee for the “preventive” fix or later are hijacked to remove the malware.
Very clever. The scammers get the victim to do the work for them. The caller even mentioned Office 365 which I do have but there was no other personal data besides my home phone number in use. Unfortunately, many elderly and inexperienced people fall prey to these scams.
I tied the message to a large number of recent calls to my cell phone from the states of California and Arizona. As I do not know anyone in those two states, I ignore them, and no messages are ever left. Later, I go and block the caller in my phone, so they cannot reach me again. I may just answer one in the future to see what they have to say.
We always urge people to use caution when online. Never click a link from a company you are not expecting to hear from. Be very careful about clicking links in messages that seem to be from friends on social media – ask if they sent it. Don’t respond to scammers on the phone or via email. It’s hard to always be vigilant but be sure to try.
When it comes to the best in secured communications, trust CRIP.TO to protect your identity, anonymity, and data. With our unique combination of hardware, software, and stack of services, the chances of any communication being decrypted is practically zero. We give you the freedom to communicate fearlessly.