According to security researchers from antivirus vendor Sophos, the callers pose as technical support engineers working for Microsoft, Canadian telecommunication provider TELUS or other trusted companies.
They are usually based overseas in countries like India and probably work for call centers contracted by cyber criminal gangs."They likely are taking advantage of extremely cheap Voice Over IP technologies that allow them to purchase local phone numbers," notes Chester Wisniewski, a senior security advisor at Sophos Canada.
Callers usually claim that the user's computer is sending out errors and offers to help them fix it. After determining the victims’ level of technical knowledge, the callers ask them to go to a website and download a program, usually a scareware application, or instruct them on how to give them remote access to the machines through programs like LogMeIn or other software.
In addition to installing malware or scareware on their computers, callers also ask victims for their credit card numbers and charge them for the assistance provided. The scams have become so widespread that TELUS put out a warning about them.
"TELUS is warning the public to be aware of this scam, and not to turn over personal information online or over the phone to anyone they don’t personally know or have verified are who they say they are, and to protect their online accounts with complex PIN numbers," the company advises.
The scams have spread throughout all English-speaking countries including US, UK, Australia and New Zealand. Users might be more vulnerable to them because they are not used with the attack vector. Also for many people it's more difficult to dismiss a person when speaking on the phone than in online chat or email.
No comments:
Post a Comment