1(630)802-8605 Ravi.das@bn-inc.net

As I have mentioned in some of my previous posts, the Cyber attacker is now shifting their strategies from launching brute force attacks in the hopes of getting anything and everything they can to now taking their own sweet time to study their targets, and from there, launch very slow, and silent type style of attacks.  The latter has been unfortunately, best exemplified by the recent Marriott Hotel Security breach.

But the Cyber attacker is also now adopting less sophisticated means in which to launch their hacks, such as using Social Engineering and using the tactics that are involved with that to play on emotion’s and fears.  As a society, we are so used to now thinking that Cyber attackers are launching high tech attacks that we have let our guard down on the less sophisticated attack vectors.  The Cyber attacker is fully aware of this, and are starting to take advantage of it.

So now, this all comes down to the question:  If you get a call, or if you call somebody for tech support help, how do you really know that the person on the other end is for real?  In other words, suppose you call a support line in order to get some technical assistance on a product that you just bought.  How do you know for sure that the person whom is answering your call is even an authorized person to handle your call?  How do you know that they are not even a Cyber attacker?

This exactly what happened recently in India, as numerous fake call centers were set up.  This whole thing starts when an end user of Windows (especially that of Windows 10) all of a sudden receives a pop-up message stating that their particular computer has been infected with a certain piece of malware, and that they must call the Microsoft tech support line immediately in order to get the problem resolved.

But it is simply not just a pop message that appears, there is also an audio warning that is played back over and over again until the end user actually places the call, or just shuts down the computer.  But, being in a panic sort of state, more than likely, the end user will call the toll-free number thinking that t is legitimate, and that the person on the receiving end will help them to resolve the issue, and that all will be taken care of.  But not so fast.

After the end user calls in, of course, they will be greeted with a warm and friendly voice, but once all that is over, the phony call center rep will then first ask for payment, ranging anywhere from $99.00 to as high as $1,000.00.

At this point in time, the Cyber attacker (whom is actually mimicking the role of the tech support representative) has reached the pinnacle of their Social Engineering scheme, and will now ask the end user for their credit card information. In desperation to get their computer fixed, the end user will agree to this, and now the damage is done.

So how does this story end?  Well, I will leave that up to your imagination.  In an effort to crack down on these phony call centers, Indian law enforcement officials 63 Cyber attackers, whom were posing as tech support representatives from Google, Microsoft, and Apple.

This scam was going on for two consecutive months.  The first raid took place in October in which 10 phony call centers were shut down, and 24 Cyber attackers being arrested.  The second raid took place immediately thereafter, with 16 more phony call centers being shut down, and 39 more Cyber attackers being arrested.

It should be noted here that this kind of Social Engineering scheme has been going since 2014, but it isn’t until now that the intensity of it has actually picked up.  Microsoft said that it has received well over 7,000 phone calls from concerned end users about these phony call centers.  The victims were primarily targeted in both Canada and the United States.  In fact, one out of every five Windows users fell prey to this Social Engineering attack back in 2017.

Also, in response to this, Microsoft says that it will never initiate tech support related calls on its own, the end user must take the initiative in order to make the call.

My thoughts on this?

Believe it or not, I have actually witnessed this attack in real life.  At first, you are taken by total surprise, and really believe initially that something could be wrong with your computer.  You are tempted to call, but, the pop-up messages and the audio warning keep coming back over and over again.

A complete shut down and restart of your computer should resolve this, and if this still happens, more than likely, you have some sort of Malware on your computer.  Thus, you either need to take it in to the Geek Squad, or may have to purchase a brand-new compute all together.

As I have mentioned, because of all of this, I never answer my phone anymore unless I recognize the number.  Smartphone technology has advanced to the point now that any incoming calls should have the name of the organization or the individual that is dialing your number.  Also, any unknown calls should be immediately blocked on your Smartphone, as well.

Heck, even when I initiate a call for something (it doesn’t have to be tech related) I get a little nervous myself if I am actually talking to an authorized representative that is qualified to take my call.  Remember, in most instances, when you call an organization for whatever assistance you may need (and assuming that they are legitimate in the first place), you will never be asked for a password, credit card number or even your Social Security number as a means to confirm your identity, unless you volunteer to give up that information first.

This has happened on numerous occasions to me, when I have to call my financial brokerage company or even Blue Cross/Blue Shield.  There was a time I also remember I had some tech support issues that I was having when I was trying to register a domain.  I called in, confirmed my identity through numerous authentication mechanisms, and finally got a hold of a tech support rep.

The guy had a foreign accent, and even asked me if it was OK to remotely log into my computer to see what was going on.  I was very reluctant at first, but I decided to take a leap of faith. After all, I initiated the phone call, I answered all of the Security questions, and it was the rep first who asked me it if was OK for the remote login.  He was not pressuring me in any way.

Another instance of this occurred with Blue Cross and Blue Shield.  I normally pay my medical insurance premiums online, but when I was trying to do it last month, I was taken to this website which I had never seen before. Because of that, I just snail mailed in a regular check.

The moral of the story here is that with these kinds of Social Engineering attacks, the Cyber attacker is just trying to get your fear elevated enough so that you will fall victim for it.  My best advice is that if this ever happens to you, just step back for a few minutes, and take some deep breaths.  Assess the situation, and go with what your get tells you, as my experiences have illustrated.