Much of what we imagine as the technical complexity of hacking or phishing is actually just good social engineering. Scammers recognize that often the easiest path into a system is through people—the users. It isn’t necessary to take elaborate measures to defeat antivirus or firewall systems if a user can be convinced to simply unlock the door and invite the thief in. In previous posts, we’ve talked about the perils of remote support scams which use frightening messages online that encourage consumers to call 800 numbers, or cold calls from individuals claiming to be from Microsoft (Read more about that here: “Microsoft Calling”). But a further troubling development is scammers using personal information to trick users into thinking that a call is from their computer’s manufacturer or from an internet service provider. What does this mean and what steps can you take to thwart these deceptive tactics?
- What’s In A Name?—In the past, scammers have taken a somewhat random, scattershot approach to targeting their prey, calling arbitrarily selected numbers and hoping that when they say “Your computer is at risk,” the person they are talking to actually has a computer. Recently however, scammers have managed to obtain more identifying information, such as names, email addresses, the make or model of computer, service tags and even past service records. None of these things on their own can be used to defraud someone, but they can be used to attempt to make a phony service call sound more credible. The fact remains that no legitimate company will call you to fix an issue that you have not reported.
- Warning Signs—Any time someone calls to address a computer problem that you have not reported, you can be certain that they are not legitimate. Other red flags are when individuals claiming to be tech support are aggressive, employing scare tactics or are pressuring you to pay for services. Contact could be initiated through a phone call or email, but their ultimate goal is to get control of your computer and access financial data; or claiming credit for fixing non-existent problems in hopes that they will be paid.
- What You Can Do To Stay Safe—If you are unsure about someone claiming to be from a major company, the best thing you can do is end the call immediately. If you are concerned afterward that you may actually have a problem with your computer (or that Microsoft, Dell, HP, etc. is actually attempting to contact you), go directly to that company’s official website, find the proper way to contact customer support and ask them if they have any record of such an interaction. As a general rule, you should never pay anyone claiming to be from a major company or the government in gift cards, with a wire transfer or prepaid credit cards.
Scammers will always strive to update their means of convincing people to part with their money and lower their defenses—they will use whatever information they can get their hands on to make themselves sound more credible. Remember, even if someone claiming to be from Microsoft or another major company knows your name, or what sort of computer you own, you should still be wary. Dell has provided a helpful guide for staying safe here. Of course, when in doubt, talking to someone you know and trust is a great solution; Mankato Computer Repair is always here to advise you on whether something passes the smell test.