Scammers pose as Microsoft support, look to install malware
Tripwire warned that scammers are posing as Microsoft call center personnel pretending to remove malware.
Lamar Bailey, senior director of security research and development at Tripwire, told SCMagazine.com cybercriminals use “robo calls” to tell unsuspecting consumers they work for Microsoft and have identified malware on the potential victims' computer. Once a call is answered, the consumer is transferred to a call center in India where a worker will read a script directing the victim to unwittingly install malware.
The researchers spotted several types of malware being unloaded in different cases and said most of it looks to steal financial login credentials and payment card data.
“Most people simply don't imagine that a cyberattack can be initiated over the phone, but these scams ultimately lead to malware being installed on your computer,” Bailey said in comments emailed to SCMagazine.com.
Bailey noted that the call center workers may not be in on the scam and might not know that they are helping to infect users with malware. He said that when potential victims deviate from the script, the call center spokesperson will often become flustered and not know what to do.
“Microsoft won't call you to say something's wrong with your computer,” Bailey said.
“If you're concerned that the call might be legitimate and you want to ensure you're not missing something, hanging up and calling the organization or company back on a verifiable phone number is a good policy," he explained. "If you're having a hard time understanding which actual company to call, that's probably a red flag.”