Microsoft Calling? Hang Up!

TRG NetworkingNews, Notices

As if all the ransomware and email schemes trying to sneak past your defenses weren’t bad enough, now hackers and thieves are going old-school and using the telephone to compromise your security … and your money.

Combining the worst parts of hacking and telemarketing, cybercriminals are calling and claiming to be from Microsoft. They might offer to help fix a computer problem, or say there’s an issue with a software license. And from there, the scams take a number of forms:

  • The caller may attempt to trick you into installing malicious software to capture sensitive data like your banking usernames and passwords.
  • They might have you install legitimate software that allows them to take control of your computer. From there they can change settings that leave your PC vulnerable to future attacks.
  • Often they will request credit card information over the phone (to charge you for the “tech support”) or direct you to a shady site that requests your financial information.

Now, if you’ve ever tried to contact Microsoft’s tech support, you know how unlikely it is that they would ever take the time to reach out to users pro-actively. And yet, these scams produce new victims every day. Callers often use public directories so they know the name of their victim, and they’ll guess at the operating system so the call appears legitimate.

Here’s how to protect yourself:

Understand that Microsoft never makes “cold calls” (unsolicited outbound calls). Well, almost never. According to the MS website:

There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.

Don’t provide any personal information, including passwords, and never allow someone to take control of your computer unless you initiated the contact.

Not sure? Go to the phone scams page on Microsoft’s website where you’ll find legitimate contact information as well as links to report scam attempts to Microsoft and the FTC.

Finally, if it’s too late and you think you’ve been fooled by a phone scammer, immediately change your passwords for your computer login, email accounts and banks or other financial institutions. Then contact us so we can see if your security has been compromised and protect you from future incidents.

TRG NetworkingMicrosoft Calling? Hang Up!