The number of reports of fraudsters calling people and pretending to be Microsoft Support Technicians in voice phishing scams is on the increase. The fake Microsoft support technician would call advising they need to remote onto the user computer to deal with a call that has been logged or to fix an issue the user is unaware about.
Do not let these malicious people onto your system if they remote onto your system, they can:-
- Install malicious software to steal and capture sensitive data, like your banking information
- They could direct you to fraudulent websites and ask you to input your credit card details
- Ask for credit card details for authenticating reasons and then use the information to charge you for the fake services
- They can adjust the system settings making it vulnerable and available for them to access in future.
But, beware these voice phishing campaigns are becoming more elaborate; for example there has been reports the scammers would impersonate other popular companies like Netflix in order to direct the victim to a fake Microsoft support agent.
It is very rare that Microsoft would contact end users directly especially, when you haven’t personally logged a support call with them.
If you do receive a call from a so-called Microsoft Technician you can ask the following questions to help determine whether it is a phishing campaign:-
- the name of the person that logged the support call with them?
- the telephone number they are calling from?
- their name?
- the Microsoft support case reference number?
Genuine Microsoft Technicians would have the answers to these questions. If it is a genuine call Microsoft technician they would provide a support case reference number and ask for the person who logged the call immediately. Also Microsoft will never ask for credit card details during a support call and would provide their contact name and telephone number willingly.
A BBC news article also reported bank and courier voice phishing complaints have increased in the latter part of 2013. It states that the fraudsters tend to target some of the most vulnerable people within society and the average age of victims is 70 years old.
So, act with caution if you receive a call from someone claiming they are from banks, police, utility companies and asking you for personal information like pins, payment, account details, credit card numbers etc. These malicious people are trained to be convincing so, even if they provide you with a number for you to call back on don’t do it! This is because once you put down the phone the criminal can keep the line open at their end so, when you call the number, you are unknowingly connected directly back to the fraudster!
It is sad to think fraudsters have the ability to take advantage of our trust, fear and innocence, to persuade us to part with our personal information. Voice Phishing is not likely to go away anytime soon and judging from the recent NetFlix story they are likely to become more elaborate.
So, be vigilant and do not trust unsolicited calls and treat them like phishing emails, just hang up and go about your day. Whatever you do not provide them with any personal information.