Reading time ( words)
As some of you may know, I teach computer security and maintence as director of the San Clemente California Cyber Café and for S.C.O.R.E. I provide information on the latest computer scams and threats and what to do about when they are encountered. I've been asked to provide the better and more interesting threats in the form of a newsletter and I thought these might also be of interest to my readers here on I-Connect007.
The Security Tip of the Month
Many scams are perpetrated on unknowing computer users. They come in all flavors and no one--no matter what type of computer you use--is immune. NO ONE!
This month, I want to focus on the “I am from Windows and I'm calling to fix your computer” scam. You get a phone call and there's a slight delay before the person at the other end responds to your “Hello.” This is your first clue this is a robo-call and the call you jsut answered is now being assigned and routed to the next available scam artist. First, the caller says, “I'm from Windows and I'm calling because we see you're having problems with your computer. I'm calling to help.” If you ask if he's from Microsoft he will just repeat “I am from Windows.” We all know there's no such company as "Windows" as that is a Microsoft product. Let me assure you that Microsoft does not monitor your computers health and call to offer help. This is a total scam designed to let a caller take control of your computer and load malware or ransom-ware. The caller tells you of the dangers you face if you don't let him help. Second, the caller asks you to open the "Run a Command" box or go to a website to give him access to your computer. If you hesitate, hw will direct you to look at your diagnostics or event viewer screen in Control Panel and then point out normal caution notices (present on virtually every computer) and indicate you have severe issues going on. This scam has been around since about 2009, but is rearing its head again in a big way--and the scam artists are getting better with their story. You can just hang up on them, which is what I recommend, but sometimes they call you back, sometimes over and over. If you wish, you can get even or just have some fun. I must admit to having done this.
When these people call, say something like, "Could you please hold on a minute--someone is at the door," then keep the caller on hold for as long as it takes for him to finally hang up. His time is valuable and if he get the idea that you're not such an easy target you are more likely to be removed from the list for the next round of calls. Or, you can act stupid: Whatever the caller tells you to do, say that you're doing it. If he tells you to go to a remote access site, claim you're on the site and you typed in the code he gave you. Of course, do not do that. Keep saying that you're trying again and don't know why it's not working. The caller will assume something is wrong on his end and decide you are wasting time and long distance phone resources. Or, you can say you work for Microsoft tech support and ask which office he is in, ask for a staff ID number, ask questions about how long he's worked there, etc., etc. The longer you can keep him on the line, that's one or two fewer people he has time to scam that day. Remember, no matter what, DO NOT go to their requested site, DO NOT enter any code, DO NOT give them access to your computer. I assure you it is a scam and that it will cost you money, time, and aggravation if you do what they say.
This Just In...
Cryptowall is a variant of ransom ware that encrypts files in shared directories which can be accessed from an infected user's computer.
One of the technology advisory companies I work with has seen a number of computers infected with Cryptowall in the last couple of weeks. The infections appear to come from a link in an e-mail that appears to come from ADP. The title of the e-mail is "ADP Past Due Invoice." As always, I strongly recommend that you do not go to links in e-mails you did not expect. You would think those not doing business with ADP would have no reason to visit that link, but apparently they do. Keep your antivirus and anti-malware up to date, do not click on links in unknown e-mails, do not open unexpected zip files. Just delete unfamiliar e-mails: Do not respond to them, do not go to links in them, and do not open attached zip files. JUST DELETE THEM. You will be glad you did.
Over the next few months I will be providing more security tips and updates, as well as provide annual coverage from events such as CES, NAMM, IPC APEX EXPO, and E-3 so stay tuned.