Netflix “Tech Support” scam
Today I had an unexpected call from Unknown Caller. I get a lot of calls from this person and usually just ignore them. However, this time I decided to respond and was greeted by a nice guy, who introduced himself as Andy and proceeded to tell me that there was a problem with my Windows computer. The script has not changed much in 2 years since I spoke to Sam from the same caring organization.
It used to be a scam run mostly from India, however these days they seem to diversify and expand the operation. Obviously, they find enough victims to make the swindle profitable.
They also vary the pitch in order to trick those who heard about the original scheme.
For example, a blog from a well-known security vendor Malwarebytes describes a variation that pretends your Netflix account have been suspended because of nefarious activity and conveniently provides a link for regaining access. Of course, the link steers you to a malicious website and providing your credentials there leads to identity theft. Once the Malwarebytes employee Jerome Segura provided random bogus information on website, he was told to contact Netfix member services at a [fraudulent] toll-free number. You can watch and listen to the interaction of Mr. Segura with the fraudsters who pretend to be Netflix tech support and who ask Jerome for a lot of personal information. They also tell him that his computer is badly infected and try to sell him unnecessary and expensive “computer cleaning” services.
Another variation of the con actually plays on your awareness of tech support scam and offers you a refund. Of course, once fraudsters get your financial information they use it to take money from you, rather than give it to you. Federal Trade Commission posted a warning and details of this “Refund” ploy on their web site.
As is often the case, this scam can be easily averted by using Calling Back authentication technique. For Netfix variation you can either go directly to Netflix web site netflix.com and log into your account or you can call legitimate Netflix tech support phone number 1-866-679-7172 which can be found on their official website. For other organizations you can use their known contact information instead of links and phone numbers so nicely provided by helpful strangers.
While security professionals and techies who thoroughly understand the technology are having a lot of fun at the expense of these scammers, I suggest that if you are neither, you should immediately hang up or should start your authentication routine, because you don’t want to let strangers into your computer.
Your computer is infected …
Have you heard about nice people who call you to let you know that your computer is infected and they can help you to cure it? Maybe one of those people called you or someone you know?
Recently my phone rang. When I answered, a voice with a thick Indian accent said, “Ma’am, I am from Microsoft Technical Support. Your computer is infected. I can help you. Please, go to your computer and I will tell you what to do.”
I was elated. I heard about such people before, but now I had a chance to see for myself how they operated. I said, “Sir, I am very glad you called. I cannot speak right now; can I call you in 10 minutes? Could you tell me your name and your phone number?”
My caller obligingly told me that his name was Sam Pakar (he spelled it for me) and that his phone number was 510-374-4990. He claimed to call from California.
I called the number back and hung up after two rings. A minute later Sam Pakar called me back. He told me to open my browser, providing step by step instructions. Then he told me how to go to www.support.me web address. Most people should stop before going to an unknown web address, because your computer can get infected by a bad website, or even a good website subverted by crooks. However, I have so much protection on my computer, I could afford trying unknown web site. When I got to the web page to which www.support.me redirected my browser, I recognized LogMeIn remote access software that could allow my caller to take over my computer. Of course Sam did not tell me that was his plan; he dictated a six digit number and told me to type it in a box on that page and click a submit button. At that point I decided that the game was getting too hot and disconnected.
However, I was not done. I went to Google and checked that phone number. Not only there were numerous complaints about these crooks, but at least one story mentioned a caller trying to log into the bank account of a woman he duped into giving him control of her computer.
When you hear the words, ‘infection’, ‘malware’, ‘virus’, you may get so nervous that you wish someone could help you. When people offer to do just that for you and mention such well known companies as Microsoft, Dell or whatever manufacturer you bought your computer from, you may feel relieved. However, these companies will never call you out of the blue. If you think something can be wrong with your computer, get help from someone reputable, be it a computer repair shop, your family computer guru or your own computer-literate child. Do not follow instructions from people who cold call you on the phone. They may be trying to steal your information or money.