It seems obvious, doesn’t it? You receive a telephone call from overseas by someone speaking English in a foreign accent saying they are from Microsoft. Without waiting further you slam the phone down, often preceded by a few choice words. End of problem – or is it?
The sad fact is that there are many victims who fall victims to phone scams and this is why the problem not only continues but appears to be increasing at an alarming rate.
In the UK, according to one report, the number of fraud incidents involving phone calls to residents claiming to be from a bank or the police has increased three-fold in the last year, estimated to have cost £23.9 million.
Typically, the fraudsters call members of the public pretending to be from a trusted organisation – like your bank, the police or a computer company – and once they have your trust, they will ask for your financial information, encourage you to hand over cards or cash to a courier, or get you to transfer money into accounts they control.
The people behind these scams are organised and highly professional – so spotting whether the call is genuine, or fake, can be very difficult.
Example of bank/police frauds
The following was posted on a Facebook page here in the Algarve a few days ago: “My 83 year old mother was called by a person claiming to be the fraud squad at Hammersmith police station. They then told her that they had a person in custody who had taken money fraudulently out of her bank account.
“They told her to call her bank immediately and confirm what had happened. When she put the phone down and called the bank, the scammers were in fact still on the line so as she called what she thought was her bank she was in fact speaking to the criminals. They then took all of the victim’s personal details.
“They asked her to go to the bank and transfer money into a safe account, so my mother went to the bank and attempted to transfer money from her savings account to her current account, an account that the scammers had by then the information for. At this point the bank became suspicious and she was taken into a room and the real police were called. It transpired that these criminals had already been to her home and stolen thousands of pounds.”
In response to the last example, Safe Communities Algarve contacted Action Fraud in the UK on February 24 and they confirmed that this MO was common.
The Microsoft scam
This has been around for a number of years but there appears recently to have been an upsurge. This has prompted the Judicial Police here in the Algarve to issue a recent alert to be aware of such scams.
Basically the caller, usually speaking in English in an Indian accent, states there is something wrong with the operating system on your computer, such as infection by a virus or the system needs to be updated; and that solving them requires the implementation of a series of instructions and commands, for which the caller offers to help.
This requires paying for alleged updates of the Windows system through purchasing support packages and other assistance. They ask details of victims’ credit cards and use these details to install malicious software, obtain confidential data, or even remotely access your computer and changing the settings or commit other fraud.
Recently a security researcher played along with, and fell victim, to a Microsoft technical support scammer.
The caller said that his software warranty had expired and asked him to click the System Configuration Utility services tab, explaining that only a Microsoft technician could restart the system.
A “technician” took over to get the victim to register for a warranty renewal at €250.
He was asked to download a TeamViewer program to allow a third party to control his computer. They then opened a browser and instructed him to enter his banking information and make a PayPal payment of €250. However, the victim thought he would trick the fraudster by entering incorrect banking details.
The scammer got spiteful, took control of the victim’s computer and deleted all his documents from his computer before corrupting the system.
Criminals are using a new scam to make people believe they are speaking to someone from their bank by fooling their phone handset into displaying the bank’s correct contact number. The scam, known as “number spoofing”, involves fraudsters cloning the telephone number of an organisation they want to impersonate and then making it appear on the victim’s caller ID display when they telephone them.
I have highlighted these examples to show what can go wrong. Of course the immediate action should be to terminate the call immediately and not pass on any information. However, this is easier said than done. The art of the scammer is to sound plausible, often preying on the vulnerable, and this is why these scams continue – it is a lucrative business!
If you have received a call like this, it is best not to call out on the same phone again for at least 10 minutes.
Banks or police will never ring you and say that they are coming to your home to pick up your card, so never hand it over to anyone who comes to collect it. Your bank will never ask you to authorise anything by entering your PIN into the telephone, or ask you to email or text any personal details.
If you have passed any compromising information giving a clue to your passwords, you should change all your passwords and usernames, starting with your main email account and any bank- and credit card logins.
Use up-to-date security software to scan and cleanse your PC, and if the scammer did get you to do something to your PC, using System Restore to roll back the settings is always a good idea.
By David Thomas
|| [email protected]
David Thomas is a former Assistant Commissioner of the Hong Kong Police, consultant to INTERPOL and the United Nations Office on Drugs and Crime. In October 2011 he founded Safe Communities Algarve an on-line platform here in the Algarve to help the authorities and the community prevent crime. It is now registered as Associação Safe Communities Algarve, the first association of its type in Portugal. 913 045 093