We are busy throughout the day, and we all work hard to keep our businesses going. As a result, when a phone call comes in claiming that a computer has been compromised, we want to help so we can get back to our work. This ‘authorized provider’ says that to prevent further damage, action needs to be taken immediately. The caller is just trying to help, and says they’re from an authorized provider, so it should be fine, right?
It’s not a nice guy, it’s a hacker
In fact, that nice person on the other end of the line is most likely a hacker. If you do what they’re asking, you might be opening your entire company up to a serious security breach. Because we take security so seriously, we make sure our customers do, too. That’s why so many know how to respond in risky situations.
Bob’s story
Here’s a story from a Vice President at a company located in Eden Prairie. Bob recently received a call from someone who said he was a technician from PC Solutions, an authorized service provider for genuine Microsoft computer operating systems.
“The man told me that a Microsoft operating system I own had been corrupted and Microsoft had contacted PC Solutions, advising them to contact the computer owner to deal with the corrupted PC,” Bob says. He asked for an ID number and a phone number to call back because he was skeptical. He also requested an identification number for a corrupted computer.
After providing that information, the man directed Bob to locate the ID number on his computer by opening a CMD prompt and then choosing ASSOC. “I didn’t do it,” Bob says. “I told him I have multiple PCs and I needed to personally verify which one might have this ID number before calling back. He very pleasantly said that we could just check the PC I was at now. I kindly refused and ended the call, stating I would call him back if I needed his assistance.”
Hang up, call us
Not only did Bob handle the call in the correct way, but the next thing he did was brilliant. He called us. Calls like this from “tech support” are a scam. This is a hacker, and their true goal is to gain access to secure data or charge you to “fix” your computer.
Here’s what we always tell our customers: Don’t talk to any “tech support” people from companies you don’t know. Never share passwords or allow remote access to your computer unless it’s from your known and trusted technical support provider. No matter how official their script is or how believable the caller ID number, just hang up.
Next Steps
What to know more? Check out our blog that’s filled with tips and tricks on how to identify these types of attacks.