Beware of the Microsoft Voice Phishing Scams!

The number of reports of fraudsters calling people and pretending to be Microsoft Support Technicians in voice phishing scams is on the increase. The fake Microsoft support technician would call advising they need to remote onto the user computer to deal with a call that has been logged or to fix an issue the user is unaware about.

Do not let these malicious people onto your system if they remote onto your system, they can:-

  • Install malicious software to steal and capture sensitive data, like your banking information
  • They could direct you to fraudulent websites and ask you to input your credit card details
  • Ask for credit card details for authenticating reasons and then use the information to charge you for the fake services
  • They can adjust the system settings making it vulnerable and available for them to access in future.
NetFlix Phishing Scam

Netflix Phishing Scam leads to Fake Microsoft Tech Support

But, beware these voice phishing campaigns are becoming more elaborate; for example there has been reports the scammers would impersonate other popular companies like Netflix in order to direct the victim to a fake Microsoft support agent.

It is very rare that Microsoft would contact end users directly especially, when you haven’t personally logged a support call with them.

If you do receive a call from a so-called Microsoft Technician you can ask the following questions to help determine whether it is a phishing campaign:-

  • the name of the person that logged the support call with them?
  • the telephone number they are calling from?
  • their name?
  • the Microsoft support case reference number?

Genuine Microsoft Technicians would have the answers to these questions. If it is a genuine call Microsoft technician they would provide a support case reference number and ask for the person who logged the call immediately. Also Microsoft will never ask for credit card details during a support call and would provide their contact name and telephone number willingly.

Voice Phishing

A BBC news article also reported bank and courier voice phishing complaints have increased in the latter part of 2013. It states that the fraudsters tend to target some of the most vulnerable people within society and the average age of victims is 70 years old.

So, act with caution if you receive a call from someone claiming they are from banks, police, utility companies and asking you for personal information like pins, payment, account details, credit card numbers etc. These malicious people are trained to be convincing so, even if they provide you with a number for you to call back on don’t do it! This is because once you put down the phone the criminal can keep the line open at their end so, when you call the number, you are unknowingly connected directly back to the fraudster!

Conclusion

It is sad to think fraudsters have the ability to take advantage of our trust, fear and innocence, to persuade us to part with our personal information. Voice Phishing is not likely to go away anytime soon and judging from the recent NetFlix story they are likely to become more elaborate.

So, be vigilant and do not trust unsolicited calls and treat them like phishing emails, just hang up and go about your day. Whatever you do not provide them with any personal information.

Advertisements

2 thoughts on “Beware of the Microsoft Voice Phishing Scams!

  1. Very good. Yes it is an insidious form of phishing that I particularly dislike (not that any!) because people feel a pressure and an anxiety. There are also methods used in Social Engineering.
    I would encourage you to keep raising awareness about this. I regularly add current phishes to the SecurityQuickThink page on our blog and tweet about them using the hashtag of #phishingTackle, please feel free to use it too and maybe we can help prevent some people being taken in and de-frauded.

    • Thank you for your comment Ellie. We will certainly keep raising awareness about this – as we often forget, as new technology emerges so, does new malicious techniques. Everyone needs to be aware and protect themselves against these fraudsters! #dataprotection

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s