Sep 17, 2012

Internet scams always have a target-rich environment, and they exploit it with a little bit of technology and a lot more con-artistry. Here’s a look at three such social-engineering scams to be aware of, including one that targeted me recently.

Scam A: Gary from IT

The caller ID showed an unknown person, which is never a good sign. On a whim, I picked it up instead of letting it roll to voice mail.

“Hello, Mr. Proffitt, this is Gary from the IT department calling about the trouble you are having with your Windows computer.”

(A couple notes about “Gary”: he sounded like he had a bad cell connection, and his accent was that of a Southwestern Asian, thick enough that I had to ask him to repeat himself, thanks to the quality of the call.)

When he repeated his greeting, I was intrigued, mostly because I didn’t currently work for any client that’s providing IT support for me and (this is key) the one Windows machine in my office had been sitting idle for a couple of weeks.

The signs were clear: I was being approached for a clever scam that’s seen a resurgence in recent months. In the con, someone calls pretending to be tech support and attempts to gain access to business or personal computers. The methods vary, ranging from password acquisition to instructing targets to point their browsers at a “diagnostic” site that will actually download malware to the target’s computer. Glancing to make absolutely sure that the Windows PC was powered down, I played along.

“Um, sure… ‘Gary’… though I have to say I wasn’t aware my machine was having any problems.” The truth, and I wanted to see what he would do with it.

He was ready. “You are not having a problem that you can see, but we are showing that your computer needs to have some upgrades soon.”

“I see. Well, I can have the computer run its upgrade cycle and get that fixed.”

Gary paused. Careful, I thought, you just spoke geek, so he knows you’re not dumb.

“No… what you need to do is go to a special Microsoft upgrade site and download the software right away. I will help you install the software.”

That answered that question: He wasn’t phishing for passwords, he was trying to get me to download the malware needed to remotely access and possibly control my computer. At this point, I was standing by my Linux machine and was ready to follow along and see what would happen next. Windows programs don’t run on Linux, so anything that tried to download would be effectively rendered harmless. But then in my arrogance, I tipped my hand.

“Okay, sure, no problem. I wasn’t aware Microsoft had special sites like this set up,” I replied.


Maybe the call was dropped, but he probably figured I was on to him and didn’t want to waste time with me. My life as a sting operator would have to wait.

Fake technical support calls are nothing new, but reports are on the rise of late, and they are getting more sophisticated. In my case, which happened about two weeks ago, the caller rang my business line and behaved as if he were from my workplace’s IT department. There is little doubt that had they called a home number, they might have tried a different approach, like claiming they were calling from Microsoft.

Solution: No tech support from any third-party vendor will call you unbidden to offer to fix something. Your own company might, and to make sure that you’re dealing with the home office, hang up and call your IT department. If anyone asks you for a password, hang up.

Never visit a strange site because you are asked by someone claiming to be from any kind of tech support, whether by phone or email. Legitimate email requests will tell you to visit your company’s support site.

Scam B: Your Computer as Hostage

According to the Better Business Bureau, this is not the only kind of attack that’s on the rise. The association is also reporting more complaints from its members of so-called scareware or ransomware scams.

Ransomware is a form of trojan attack that uses a combination of malware and social engineering that’s a flip on the tech support con. With ransomware, the illicit software is downloaded first and then the victim is tricked into parting with their money and their credit information.

Here’s how ransomware works: After surreptitiously installing itself on a Windows PC, ransomware pretends to be a very realistic-looking antivirus software application that has “found” terrible, bad viruses on a PC. As if to demonstrate just how bad these viruses are, anytime you try to open an application, the attempt is blocked with a message that the “application is infected.” Indeed, the only thing that will run is Internet Explorer, which is key to the next step of the scam.

Why does ransomware need a browser? In order to have the “antivirus” software “clean” your machine, you’ll need to pay a low, low $39.95 to activate the software. If you can’t get to the Internet, you can’t log on to the payment site and enter your credit information.

Victims of this con are lucky if they just lose the initial fee, but usually they’ve just given their credit-card number to the same person who infected their machine.

Solution: There are a number of solutions proffered by blogs and real antivirus-software creators. Note the name of the fake antivirus software and run it through your search engine to research it. The steps to remove ransomware can be complicated, but removal is not impossible.

Also, don’t run your Windows PC with an all-powerful administrative account. Use a regular user account that won’t let anything install without the administrator’s password. That does a good job blocking malware like this from being installed in the first place.

Scam C: The Grandparent Gambit

Social engineering is very much at the heart of another scam that the bureau says is being reported: the grandparent scam. Curiously, while this con seems to have a lot of success among the elderly, it’s also targeted at anyone about whom a scam artist has personal information.

There’s not a lot of technology on the front end of the scam: Grandparents, other family members or friends will get an email or phone call from someone identifying themselves as a family member or friend who just got mugged, arrested, or has otherwise lost their money on a last-minute international vacation. Could you please wire money, but don’t tell Mom or Dad, the request typically goes. Once the money is wired, of course, it vanishes as quickly as does the fictional version of the person.

Usually, the request is peppered with personal details that are gleaned from social media or even email accounts of the person the scammer is impersonating.

This scenario was very close to what Linux Journal editor Shawn Powers encountered in 2010. Powers’ approach was, shall we say, unique.

Solution: Rather than prank the criminal, here’s what the bureau recommends: “The FBI urges grandparents and seniors to resist the pressure to act quickly; try to connect with your grandchild or another family member to determine whether or not the call is legit, and if you believe there is the slightest chance the call could be genuine, ask for details about the last visits with your grandchild or for details a stranger couldn’t know.”

This advice should apply to nearly any scam: Patience. Even if you think a family member is in real danger, telling them to call the local authorities for help is far more of a life-saver than you wiring money. If your computer is infected, disconnect it from the network it’s on and seek help from a knowledgeable friend or computer professional you know.

A lot of patience is better than a little panic, and can usually thwart attempts to trick you into opening up your computer or accounts for criminals to peruse.
