Pages

Friday, February 21, 2014

Never, Under Any Circumstance, Give Sensitive Info To Anyone Who Contacts You

Phishing Scams
The Federal Trade Commission
***
Alan: Earlier today I got "phished" by a sweet woman claiming to represent the Occupational Safety and Health Administration. She was very engaging, upbeat and "professional." "Sharon" said that the restaurant I am helping to launch would be denied an OSHA "Compliance Number" unless I made immediate payment of a $139.00. The upshot? NEVER, EVER give ANY information to ANYONE who phones you or emails you without your prior request that they do so. NEVER. EVER. Yes, it will take time and effort to determine whether a caller has an authentic interest in communicating with you. The first thing to do is to get the caller's phone number and then inform them that you are going to talk with your state's FBI office (easily located online) and also the Federal Trade Commission. Then, say goodbye, hang up and proceed with your research. If the caller identifies himself (or herself) as representing a known institution, phone that institution by locating its corporate headquarters through the research desk of your local library. Then, initiate a phone call to corporate headquarters and explain to the person who answers that you think you are the target of an intended scam. Ask the corporate representative for the corporation's "Fraud Desk" and when you learn that dedicated phone number, call it yourself -- do not let the representative call it for you! -- making sure that the person who answers your second call identifies himself/herself as working for the "Fraud Division." Although this process of validation is laborious, it is much more advantageous than falling victim to a scam that plunders your pocket and steals your sensitive information.
***
If you get a call about your computer, it's a scam.
So I've heard rumors that there are fake calls happening lately, where someone from overseas calls and tells you your computer is infected with a virus, or your license has expired, or there's some other problem that you need to deal with, right now.
There are many organizations doing this, and some of them are pretty slick.
The one that called me today wasn't.
My caller ID said "unavailable," and when I answered, a woman speaking in a thick accent informed me that my computer was infected. I solemnly swear that I am not making any of this up, not their grammar, nor their words. This is all exactly what they said:
Me: Hello?
Scammer: Hello, I am calling from Windows operating system. We are calling because we have detected a large number of downloading from your computer, like junk files and virus. Are you aware of this?"
Me:  "You're calling from Windows Operating System."
Scammer: "Yes."
Me: "Windows. Operating. System." "
Scammer: Yes."
Me: "So you're not Microsoft. Who are you exactly?"
Scammer: "We are the security department for windows operating system."
Me: "Well seeing as I've worked as an IT professional, I seriously doubt that you're calling from 'Windows Operating System.'"
Scammer: "We're the security department."
Me: "Okay, since you know so much about what my computer has been downloading, what's my IP address?"
Scammer: "We don't work for IP Address. We work for windows operating system."
Me: "You don't work for IP Address?"
Scammer: "We have your security license certificate and-"
At this point, someone pulled the plug on the call. It was a shame, actually, I was having a lot of fun. I was about to start playing along to see what she wanted, but one of her higher ups listening in must have realized what was going on.
Curious, I did a little bit of research. This stuff is pretty common.
Scammers have been calling people and doing the following:
  • Installing trojans that steal your passwords and information.
  • Getting you to unwittingly give them remote access to your computer, allowing them to get information on your online banking.
  • Pressuring users into paying for phony services.
  • Installing botnets, viruses, or other malicious software.
The most important thing to remember is that not one American, Canadian, or British computer company makes unsolicited phone calls.
If something is broken with your computer, they expect you to call them. They will not call you.
Not everyone is going to be as hilariously incompetent as the folks who called me. DO NOT BE FOOLED. If you ever get a phone call from Dell, Microsoft, Apple, HP, or "Windows Operating System," it's a scam.
If you have time, have fun wasting theirs. Messing with these people can be pretty entertaining. Just don't give them any information or follow any instructions they give you. I was heartbroken when I got disconnected. I was going to enjoy wasting her time.
In any case, be safe, and remember: you call them, they don't call you. If they do call you, they're liars and thieves.
For further reference, here's information from Microsoft, and here's an article by Dellwhich includes the transcript of one of these scam calls.


2 comments: