I’ve been helping clients clean malware out of their systems for years, and I’m sorry to report that the technical nature and complexity of the scams keep getting more and more advanced.
To be honest, the complexity of malware nowadays is mind-boggling, and novice users are falling victim to very complex (and over-the-top invasive) scams more and more.
Years ago you only had to deal with a retrovirus that would attack your local anti-virus suite; nowadays the common malware, botnet and RAT (remote access tool) attacks are unfathomably advanced.
Chief among these scareware attacks is what’s known as a “Bogus Microsoft Support Call”, in which the malware will actually take pictures of you and show fake “Warnings” saying that you’re guilty of some type of crime.
Additionally, if that wasn’t frightening enough, the same malware will disable your system, and will “sniff” your machine for phone numbers.
Why does the malware want a phone number, you ask?
Because oftentimes you’re on the receiving end of a fake “Support Call” from an odious hacker posing as a Microsoft Employee.
What happens is they call the phone number that was “scraped” from your computer, and pose as a Microsoft Employee letting you know that your machine has been infected.
Naturally, around this time you will have tried to regain access to your system, and will likely be suffering from a panic attack because your computer is locked down, with an image of you (taken illegally from your camera) saying you’re guilty of online piracy, or worse.
So, you’re ELATED that the fake “Microsoft Employee” is contacting you, and you consider them to be a knight in shining armor. But, they’re really a wolf in sheep’s clothing.
Unfortunately, the fake caller will then inform you that they need to gain “remote access” to your machine (which they already have, though illegally) and they can clean your system. Of course, they offer to clean your machine for hundreds of dollars.
Statistically, the run-of-the-mill user is likely to fall victim to this ploy, and there’s really not much I can do about it.
The only thing I can do is let you know that these scams exist, so if it ever happens to you, you can tell the caller to go snuff off.
In the meantime, it’s always a great idea to tighten the security of your local system.
Here are a few pointers to keep your system safe:
- Harden your web browser – The majority of these types of attacks come through web browser vulnerabilities. One thing you can do is install “browser hardening” addons, like “NoScript” and “AdBlockPlus”. These addons make your Internet browsing much safer, and prevent JavaScript and other scripts that haven’t been verified from executing on your machine.
- Keep your anti-virus up to date – This goes without saying, right? But when was the last time you scanned or otherwise ensured your anti-virus is up to date? It doesn’t really matter WHAT type of anti-virus you have, as long as it’s from a commendable company and that it’s automatically set to update, and preferably scan on a scheduled basis.
- Never download pirated material – Hackers love to infect files with their backdoor Trojans, RATware, and keyloggers and then share them with the world. If you want to keep your file clean, only execute files from trusted sources. Pirated material is NEVER a trusted source, so don’t EVER download and execute pirated material. (Trust me, the worm is NOT worth the hook).
- Get an up-to-date Operating System – How many of you guys are still running Windows XP? You need to have an Operating System that’s constantly updated and still supported. Even Linux users erroneously believe that their system is 100% safe. That goes for Mac users as well; make sure your system is fully patched, still supported by the Operating System vendor, and if you’re still running XP, it’s time to upgrade. Seriously.
- Never Click Shady Links Via Email, or Websites – Statistically, a fair majority of Botnets, malware and scareware applications “trick” people into executing them. This can occur when someone’s email account, Twitter account, Facebook account, or their personal blog has been compromised. The point I’m trying to make is: be VERY cognizant of what types of links you click, and what types of attachments you open. Always try to be sure that the original sender is who they say they are; this can only be accomplished by using common sense. (Speaking of which, common sense is your BEST DEFENSE from being hacked in the first place).
The point of this memo is that the threats and viruses are running rampant nowadays, because quite frankly hackers are making money doing it.
Your only option is to remain vigilant.
The alternative is getting a shady phone call from a fake “Call Center Tech Representative” who wants $300 to clean your system.
Avoid that by staying clean.
And staying safe.
That’s a memo.
Stay cool.
Mike
Mr. Computer Science
PS: People always ask me what anti-virus applications I use. For a detailed list, check out this reference point here.
Later