Social engineering is a classic part of 'cyber crime' as it often isn't enough for criminals to break into systems, they also need the people involved to innocently/naively take steps to ensure their scams work.. Today I met such an 'engineer'!
There have been a few stories of large groups being hacked and large amounts of data being stolen recently, so be aware that if you receive unexpected phone calls that include unusual claims and asking you unusual questions, the chances are that you are speaking with someone connected to the hackers involved. Today I received a call from an identified Indian/Pakistani sounding Male that went something like this:
x - "Hello Mr. xxx - I am calling from Microsoft about your computer. We can see that you have hackers in your computer - how many computers do you have?"
me - "Hello, Oh, from Microsoft - I see.. Can't you see how many I have from your records?"
x - "How would we do that? I just need to know how many computers you have."
me - "Because I have licenses for them with Microsoft."
x - "I just need to know how many computers you have"
me - "What method did you use to access my network?"
x - "That's a stupid question. Why are you asking stupid questions? (Angry)"
me - "I don't think that someone from Microsoft would...."
Dial Tone....
So yes, he hung up on me as he panicked and realised that I had detected his scamming almost from the moment he opened his mouth. lol
Have you heard of any similar scams in your area? They appear to be increasing and I have been told by a government security specialist that they often hack the national phone systems so that they show up as using phone numbers that don't exist and cannot be traced!
Wishing you well,
Ura Soul
Vote @ura-soul for Steem Witness!
View My Witness Application Here
(Witnesses are the computer servers that run the Steem Blockchain.
Without witnesses there is no Steem, Steemit, DTube, Utopian or
Busy... You can really help Steem by making your 30 witness votes count!)
Used to get these all the time. They then changed to pretending to call from our largest national ISP. I've also had clients that have victims of this type of scam.
The scam goes a little something like this. They will get you to open the event viewer on your computer, and read out any error. They'll then pretend that this is some major issue that requires that they gain access to your PC. They'll then instruct you to download and run a remote package like Teamviewer or GotoAssist.
Once they are in, they configure the remote support software to run automatically at startup, so they can get in any time they like. They'll also likely request some credit card details to fix whatever imaginary problem they find. They may also infect the PC with an actual bit of ransomware, or ferret around looking for personal information, the jackpot being banking details. Remember, once they are in, getting a browser to reveal all your login details for websites is a simple task.
By the way, love the image with the cat !
Ah yes, pretty basic stuff but enough to get rich quick from the small percent of people who do fall for it.
Thanks for filling in the details. Hack-cat salutes you :)
Keep them busy as long as you can, just play along for a while. When they get impatient you tell them all your machines run on Linux. Then inform them that you've traced the call to Bangalore. The more swearwords they use; the more effective you've been at wasting their time. Too bad I didn't have recording set up or I'd share the vast collection of foul language I received. Remember, you are talking to hackers and they can't get into your machine, that's why they called; they need you to let them in. Have fun but don't change the settings on your machine and don't give them any information that could ID you or your machine. Whatever you do, don't ever do what they tell you to.
Hehe - I did once have another call like that where I informed the guy that I had been speaking with the UK government for hours about his case and, yes, he started swearing and asking me how exactly MI5 was going to come and find him.. lol
In the past I actually traced such a call to a call center in Bangalore, India. Thank you Google; that was easy. In the Netherlands they now provide a telephone service that is non-area code specific for on line businesses. The guys from Bangalore are now using that to hide the fact that the call comes from India and make it look like it came from the Netherlands. No matter; I'll gladly waste their time if I've got the time, but they don't call me anymore. I must be on their "do not call" list :)
I mean, why would someone from microsoft call you? What makes you think you're that important? It's just common sense...