Very often, our team is focused on making sure businesses are equipped with all the IT services and supports they require. A huge part of this job is maintaining tight security protocols to keep our client networks safe. However, IT security is not something that only professionals have to worry about. Wondering what threats, you and your family face at home? Read on to learn about one of the latest.
Why email shouldn’t be your only concern when it comes to social engineering scams
We recently heard from a local who was looking for some IT guidance. Her father-in-law had recently told her that he had received a call from a Microsoft representative. The representative informed the gentleman that his computer was infected with a virus and that Microsoft had been notified of the infection. The representative went on to explain that with the right credentials, he could remotely access the machine and correct the infection.
Unwittingly, the man turned over his credential details and gave the caller access to his home computer for a period of 15-20 minutes. The gentleman explained the situation after the fact to his daughter-in-law, who immediately saw the red flags. She reached out to us hoping that we could take a look at her father-in-law’s computer and clean up any messes that had been made. After hearing from and serving this client, we thought it would be worthwhile to help educate others on these phone scams.
Simply put, social engineering is the dark art of manipulating people into handing over confidential credentials and/or information. The kind of information that malicious cybercriminals are looking for varies, but most often they’re looking to fool innocent web users into handing over some kind of information that will provide them with unauthorized access. This could be login information like usernames and passwords, personal banking information or some kind of access to a user’s computer in hopes of stealing data or installing a virus.
Basically, social engineering tactics make it easier for criminals to exploit trusting and naïve users. This tactic is becoming a favorite among malicious cybercriminals. Why? It’s pretty simple. It’s just far easier to try and trick you into handing over your password than trying to guess and hack it from scratch. Unless you have a very weak password, cybercriminals know they have a better chance of hacking your account if they’re able to get you to offer up your password credentials unwittingly.
So, that call we got recently about the father-in-law duped by a ‘Microsoft’ phone scam? Turns out complaints are consistently rising about similar schemes. In fact, Microsoft recently released statistics stating that 153000 complaints have been received and that 15% of complainants were forced to spend hard-earned money to have their data and computers restored.
These cold-calling con artists inform unsuspecting people that their computer has been infected and requires clean up. The phony ‘Microsoft Rep’ then talks the victim through a series of steps which results in some kind of tech disaster, at which time the rep demands a fee be paid to resolve the phony problem.
The fact of the matter is, email isn’t the only way for your personal or business data to be illegally authorized and held hostage. Individuals and professionals of all kinds should be aware that phone scams – often committed by well-rehearsed and friendly people – can be even more difficult to identify and prevent.
Your browsing window and software systems can be protected with malware blocks and firewalls. But protecting an unsuspecting person from making inadvertent mistakes on a convincing phone call with an ‘expert-sounding’ technician is much more difficult. Furthermore, there’s no quick solution that be applied like a patch to solve this exposure to risk.
So, how can you prepare yourself and those around you for identifying and dealing with con artists who call in? Whether you’re worried about the office or home, there are some key strategies for making sure these sophisticated and manipulative criminals don’t get the best of you.
Check out the top three strategies for protecting yourself and those you know:
First things first: keep your finger on the pulse. Staying informed about these scams is truly the best way to be on the lookout for them. Stay in tune with recent news and make note of any potential scams you hear about and make sure to be on guard. Informing yourself about the problem and potential risks is the first step to protecting yourself from scammers.
Next, make it habit to be extra vigilant when you get an unusual or out of the blue call about your computer. Read up on Microsoft policies regarding customer communication – is it normal for a Microsoft rep to be calling you out of the blue claiming your computer is infected? Ask for credentials from callers and tell them you want something in writing before you move forward with anything. If they threaten that your computer is in danger, calmly explain that you will have it looked at by your own expert. Remaining vigilant and level-headed is key!
Finally, if you do get one of these calls, or if you hear about one on the news, spread the word! Word-of-mouth is the worst nightmare of phone scammers who hope to catch their victims off-guard. Tell your friends and your family – particularly elderly or non-tech savvy folks who may be more inclined to believe the scam. By communicating with your community about the scam, you’ll be able to help others remain informed and vigilant and hopefully, you’ll reduce the likelihood of someone losing data or money.
At the end of the day, we can’t get rid of scam artists by snapping our fingers – if only! However, you and those around you can take steps to ensure you’re not sitting ducks waiting to be duped. When in doubt, reach out to an IT expert. Tech professionals are well-versed in the many different scams that exist and can offer key insights to prevent your victimization.
Did you find this article informative? We’re happy to help! If you liked this, check out these other articles we think you’ll love: