Recently I got a late night phone-call from a client, and in the background I could hear his computer telling him that it was infected with malware and that his problem could be solved by calling a certain phone number. This was being generated by a pop-up “security alert” window that had materialized when he was on the web comparing the merits of a 1.6 gallon flush to a .6 gallon flush toilet. Evidently the site itself, or one of the ads on the site, was dishing up this fake alert message.
We have all received the fake “Microsoft” support call, or searched for “HP support” on Google only to pick a non-HP computer support company advertising at the top of the search results. (See my earlier post) Also, I have been told by more than a few of my own clients, that this sort of thing happens when they call a support number provided in the paperwork that came with their technology product. Yes, you can call your computer or printer tech support number, be routed to an offshore help desk, and then be transitioned into purchasing an extended support arrangement of some sort. It seems like the price is always around $300. I have no idea if the brand name manufacturers involved know that this is going on, but I have heard this story often enough to believe it is happening.
Even though the FTC has begun going after these scam artists new ones crop up all the time. And some of them are not breaking the law at all, just pushing the boundaries a bit, and this makes it hard to close them up.
I just read a disturbing article in PC World that told the story of a guy who was just looking for a sales job and ended up working briefly for a Portland, Oregon based computer support telemarketing company. Their pop-up advertising on various websites made the phone ring, with confused people on the other end of the call who truly believed their computer had a problem. Their solution was to sell the caller a “lifetime” subscription to a low rated but genuine security product for $300. This product sells elsewhere on the Internet for $29.00. And for another $285 the tech support agent would clean up any problems on the computer.
This amount of money would buy you a lot of pretty good computer support from a reputable local firm, with the service provided at your location, or in a service shop or store you can drive to. Why anyone would give $600 to a stranger on the telephone is beyond me, but evidently many people are easily persuaded that these calls are legitimate. Please, when this happens to you, just hang up the phone and call a reputable, local support firm. At least if money changes hands, it will be supporting a local business instead of a distant scammer.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com