Microsoft sounds alarm over fake security scam


Microsoft sounds alarm over fake security scam

Alex Scroxton

Hacker - ThinkStock.jpgMicrosoft has warned end users and partners of a growing internet-based scam whereby criminals pose as IT security engineers and cold call potential targets claiming to represent legitimate firms.

The scammers tell their victims they are providing free security checks and mislead them into thinking their equipment is compromised in order to con them out of cash for a patch that never materialises.

The con gained prominence late last year when a survey conducted for the UK's annual Get Safe Online week first highlighted the issue.

MicroScope was subsequently contacted by several IT support services VARs who were left to pick up the pieces when end user businesses fell for the hustle.

At the time Microsoft was named as one company whose name was frequently appropriated by the perpetrators to lull their marks into a false sense of security.

Microsoft has now conducted its own research into the scam, and found that our of 7,000 users in the UK, Ireland and North America, an average of 15 per cent of people had received a cold call from scammers, rising to 26 per cent in Ireland.

Of those who received a call, said Microsoft, 22 per cent, or 3 per cent of the total sample, were decieved into permitting remote access to their computer or downloading fake patches that turned out to be keyloggers other malware.

The majority of people conned in this way suffered some form loss, including money stolen from bank accounts, compromised passwords and identity theft.

Losses ranged from £50 to nearly £1,000, with an average of around £550.

Microsoft UK chief security adviser Stuart Aston said that the rise of deception tactics to trick end users was ironically often a result of improvements in security software.

"We would like to remind users of Microsoft software that the company does not keep track of consumers that purchase their software and does not directly contact consumers for any reason whatsoever.

"Do not trust any caller claiming to be from Microsoft and needing access to your PC. We encourage people to keep safe when online and to always ensure the copy of Windows they are running is genuine and fully up to date," said Aston.

Photo courtesy ThinkStock

Join the conversation Comment



    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.