fake-microsoft-support-call-south-west-cyber-security-cluster-bg-008

 

What is it?

You receive a call from someone from Microsoft Helpdesk telling you that they have discovered a problem with your PC. They ask you if you are near your machine, ask you to log in. They use a ‘let me in’ type link which allows them to take control of your machine.

They can then either put some malicious software on your machine which could provide them with information about bank passwords etc.  Alternatively they tell you that you have a major problem, and will fix it for you,  often by selling you some form of ‘anti-virus’ software, usually at an extortionate price. Or worse a combination of both.

First Steps

First things first, how would they ever be able to know your telephone number from your internet address?

How to respond: Hang up…it’s a scam!

If you have already allowed access or responded

You may have already downloaded malicious software onto your system or allowed access to you computer

  1. Change your computer’s password,
  2. Change the password on your main email account
  3. Change the password for any financial accounts, especially your bank and credit card.
  4. Use malware scanner  such as Microsoft Safety Scanner, F-secure, AVG, Kaspersky, Eset, Trend Micro, Bitdefender to find out if you have malware installed on your computer.

 

Advice from Microsoft

“If you are using an old version of Windows (Windows 7, Vista or XP), Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)

Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or you clicked a suspicious link online or in an email message.”

 

Who to Contact

Report to Action Fraud

Follow up action

Make sure you make anyone you know who may be susceptible to this aware of this scam and train your staff not to respond.