You would think these things get old, but as long as someone is willing to pay money, the bad guys will remain employed. This particular scam rings close to home, I can recall a phone call I received last year advising that my machine was infected with a virus and it was critical that I purchase their software to remove it and even better yet, allow the caller access to clean things up! This had me interested, I asked the caller to explain in detail "exactly" what virus and most importantly, how did they know. Am I participating in a botnet? As I fired off some questions the caller became increasingly frustrated and insisted this was the only solution. I felt like I was at the dentist telling him why I didn't need to get a crown, or fill a cavity that didn't hurt. Simple questions like what OS am I running? What's my IP address? Do you actually get paid for this? Obviously they couldn't answer any of my questions, except for operating system - they said Windows XP. Not even remotely close. Please remember no one is going to call you and offer to fix your machine out of the blue. I don't care how good you have been lately. Have a process to validate all incoming support requests. One solution we used to deploy to lock down remote dial in access was a call back number. This meant that when Bob dials in from home with his laptop, the answering remote access device would verify authentication, then (if successful) disconnect and call Bob back at a predefined number. While the bad guys can spoof their source number, it's much more difficult for [...]The post End User Security Awareness: New Twist to the Telephone Tech Support Scam appeared first on Sentryworx.
