About Common Sense Security

  • Biography: Dr. G has a Ph.D. in Computer Science and is a Certified Information Systems Security Professional. Your security friend has two passions: security and teaching. Dr. G worked for Secure Technologies Department at Lucent Technologies, taught Cryptography and Information Assurance at a top 50 American University and provided security testing for the Department of Defense. At present Dr. G teaches people with no security background simple techniques to help them protect themselves from crooks and fraudsters.

Posts by Common Sense Security:

Netflix “Tech Support” scam

Posted on 28. September 2014 with No Comments
in Tech support scams
as ,

Today I had an unexpected call from Unknown Caller. I get a lot of calls from this person and usually just ignore them. However, this time I decided to respond and was greeted by a nice guy, who  introduced himself as Andy and proceeded to tell me that there was a problem with my Windows computer. The script has not changed much in 2 years since I spoke to Sam from the same caring organization.

It used to be a scam run mostly from India, however these days they seem to diversify and expand the operation. Obviously, they find enough victims to make the swindle profitable.

They also vary the pitch in order to trick those who heard about the original scheme.

For example, a blog from a well-known security vendor Malwarebytes describes a variation that pretends your Netflix account have been suspended because of nefarious activity and conveniently provides a link for regaining access. Of course, the link steers you to a malicious website and providing your credentials there leads to identity theft. Once the Malwarebytes employee Jerome Segura provided random bogus information on website, he was told to contact Netfix member services at a [fraudulent] toll-free number. You can watch and listen to the  interaction of Mr. Segura with the fraudsters who pretend to be Netflix tech support and who ask Jerome for a lot of personal information. They also tell him that his computer is badly infected and try to sell him unnecessary and expensive “computer cleaning” services.

Another variation of the con actually plays on your awareness of tech support scam and offers you a refund. Of course, once fraudsters get your financial information they use it to take money from you, rather than give it to you. Federal Trade Commission posted a warning and details of this “Refund” ploy on their web site.

As is often the case, this scam can be easily averted by using Calling Back authentication technique. For Netfix variation you can either go directly to Netflix web site netflix.com and log into your account or you can call legitimate Netflix tech support phone number 1-866-679-7172 which can be found on their official  website. For other organizations you can use their known contact information instead of links and phone numbers so nicely provided by helpful strangers.

While security professionals and techies who thoroughly understand the technology are having a lot of fun at the expense of these scammers, I suggest that if you are neither, you should immediately hang up or should  start your authentication routine, because you don’t want to let strangers into your computer.

 

 

Relief or Foreclosure?

Posted on 22. September 2014 with No Comments
in Mortgage Fraud
as ,

Two years ago I wrote about mortgage fraud and ways to deal with it, but more people have been hurt since then and I would like to remind you to be vigilant. When you are falling behind on your payments and somebody promises to dramatically reduce the amounts you have to pay monthly in exchange […]

Talking Turkey

Posted on 17. August 2014 with No Comments
in Phishing
as ,

Have your friends or relatives ever asked you for help? Are you a kind of person everybody relies upon? Bravo! Helping people is great as long as they really need help and are not fraudsters trying to scam you. Recently I received the following email from my friend, “Joe”. “I really hope you get this […]

Right on Target

Posted on 10. March 2014 with No Comments
in Authentication

Have you received an email recently notifying you of a Target data breach and offering you 1 year of credit monitoring? It claimed to be sent by Target and provided both a link to sign up online and a phone number to call. It was even signed, “Gregg Steinhafel Chairman, President and CEO”. With the […]

Danger of using cards to pay for taxis

Posted on 5. March 2014 with No Comments
in Credit and Debit Cards
as ,

Over the years more and more places were subverted by scammers stealing debit and credit card information. We received warnings from our banks, favorite shopping venues, eateries and gas stations. However, you probably thought that paying with your card for a taxi ride was safe. Not anymore. Chicago bank warns both guests and locals to […]

Fake Utility Bills

Posted on 9. February 2014 with No Comments
in Phishing
as ,

Last time we discussed a phone version of utility payment scam; the email version has not been far behind. It may try to extract money from you or it may try to infect your computer. This scam affects utility customers nationwide. Pepco, MidAmerican Energy and Florida Power and Light warn their customers about this scam. […]

Utility Payment Scam

Posted on 9. October 2013 with No Comments
in phone scams
as ,

This is another scam that seeks to use your fear in order to extract money from you. It has been going around recently. You can read an FTC warning here. Your phone rings. You hear that your account is in such a bad shape that your gas, water or electricity will be switched off now […]