Extra Dimensions IT

We make IT better for you

Our Blog.

Please stop by again. Thank you for your interest!

03/02/2017

IT Support Scam

road-sign-464653_640.jpgSo, for the last few months, Americans have been plagued by a new IT support scam. Sadly, scammers are now also targeting South Africans. A client of ours have recently been contacted in an attempt to catch them in this scam.

The scam works like this: Someone phones a user and claims to be phoning on behalf of Microsoft. They then inform the user that their systems have detected that the PC is infected with a virus. They convince the user to download a tool that allows them to log into their machine remotely. Once logged in, they then employ a variety of fake tasks designed to convince ill-informed users that their machine is in fact infected by a virus. They can obviously help the user remove the viruses, at a fee of course. Some of them also try to encrypt the users Hard Drive, claiming that it was because of all the viruses, that can ONLY be fixed after they pay the “support fees”. Usually they charge anything between $190 to $500, to “remove” these viruses.

I must say, from an IT perspective, it is rather interesting to see the methods they use to convince users. For example, they will run a command that will list all the files on the Computer Hard drive. This takes a some time to complete and while this screen scrolls through all the files on the PC, they tell the user that they are performing a “scan”. While the “Tree” command executes (in other words scrolls through all the files on the Hard Drive), they type in that there are viruses found. Once the “Tree” command stops, the next “command” is displayed, only this time it is not a valid command, but something typed in by the scammer, saying infections found.

Another trick they employ, is that they display all the services on the PC. Now it should be noted that there are MANY Microsoft services installed on a PC, but not all of them are used. So services that are not being used, will NOT be started and is sometimes Disabled. So scammer will convince you that all Microsoft Services should be enabled and started, then show the user all the disabled services and say that these have been disabled by all the viruses. They might even suggest that other hackers have gained access to the user PC and have full access to their banking.

This of course is all a scam, designed to convince innocent users to part with their hard earned money. So, what can you do? Well, firstly, Microsoft will NEVER phone Joe Soap, because they saw a virus infection on his/her PC. So the moment someone from Microsoft phones you, you should immediately be suspicious. Secondly, you should really make sure that you have an updated Antivirus installed on your PC. Rather be safe than sorry. And if you do get a call from someone claiming to be phoning on behalf of Microsoft, immediately refer them to your trusted IT support guy. He/She would be able to very quickly determine what is going.

At the end of the day, we all have to be very careful and very vigilant. Scammers are everywhere and they put lots of effort into getting their scams good enough to swindle innocent people, rather be over cautious than caught. Should you have any comments or questions, please feel free to contact us immediately.

Willie Strydom - 14:51:50 @ Privacy, Common, Personal View | Add a comment

Add comment

Fill out the form below to add your own comments