This oldie and not-so-goodie is back. I received two calls from two separate Member institutions yesterday alone, and I’m seeing an increase in reports across the country. In the case of the two Member institutions who called, I’m a little disturbed at both reports stating a large number of their institution’s staff received the call at home. Makes me curious if fraudsters are targeting FI staff in hopes of gaining remote access into the institution’s main network? (Yes, I do really think like this – the sky is always falling in my world.) Either way, please share because this is valuable regardless.
Intended victims receive a call at home from someone claiming to be from Microsoft, usually claiming that during a routine scan they detected a virus on your computer and offer to fix it. Typically they require a fee, and almost always they want to remote in to your system.
There are a lot of different flavors of this scam, but in the end there is one result – you’re a victim if you don’t just hang up.
According to Microsoft:
1. Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
2. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.
Unfortunately, if you do (or did) fall for this, a number of things can happen:
1. The caller tricks you into installing a virus or malware that can collect sensitive data, such as online banking user names and passwords.
2. The caller charges you to remove supposed viruses or malware, when your system wasn’t infected, but is after they are done with it. So, you paid for your own computer infection.
3. They will take control of your computer remotely (sometimes after the call) to adjust settings to leave your computer vulnerable for future attacks.
4. They direct you to fraudulent websites saying you have to enter personal information including payment information to pay for a software license, the service, etc.
If you think you’ve fallen for this scam:
1. Change your computer password and passwords to financial accounts, especially your bank and credit card.
2. Notify your financial institution and credit card company (if you provided card data) immediately requesting a block or monitor of the account.
3. Scan your computer with the
Microsoft Safety Scanner (Windows machines only) or
Malwarebytes (Apple and Windows machines plus mobile devices) to find out if you have malware. Both offer free scans to detect problems.
4. Report the incident to the
Internet Crime Complaint Center (IC3).
Note there are a few other versions floating around, almost always claiming they are Technical Support of some name that will be familiar to you – this is in hopes of gaining your immediate trust because you trust the name. I mean, I doubt you’d give your credit card number and access to your computer to a caller saying “Hi, I’m Rayleen. I’d like to commit fraud against you today so whip out your credit card and give me access to your computer please!”
Stop and question…well, pretty much everything anymore. If in doubt, take down their information (if the caller is legit they won’t have an issue with this – if they’re not legit, they will have a
serious issue with it), try to verify before you do anything, or, join me on the cynical train and just hang up.