Phone Phishing

Chris Hannan (Jun, 2015)

I receive many calls from clients asking me if a phone call they received from someone claiming to be from Microsoft is legitimate. The caller tells them that they need to access their computer immediately because they are SPAMING the Internet. This is not a legitimate call and I tell them if they ever get a call like that again to hang up immediately. Unfortunately, there are people that do allow the caller access to their computer not knowing what the caller is actually about to do.

Two weeks ago, I received a call from someone claiming to be from Microsoft.  They said that they needed to fix my computer because there was a major security breach and hackers were stealing all my information (obviously, he didn’t bother looking at my website thus learning we are an IT company).

Anyhow, being the inquisitive person I am and curious to know how this scam works, I decided to go along with it.  I frantically stalled him while I booted up a very old PC connected to my Verizon Wireless Access Point in order to isolate the PC from the company’s network.  Then I hooked up a “sniffer” that basically watches all data coming from the Internet to the PC and vice versa so I can watch what he was actually doing.

I acted as if I was totally unaware that he was hacker while I followed his step-by-step instructions. He asked me to download and install a piece of software that he needed to remove the nonexistent software that the nonexistent hackers were using to steal my personal information.  In essence, the software that I was downloading and installing was actually what he needed to take total control of my PC.  Once it was running he was able to control my screen and he was very nice to show me what he was doing to stop the nasty hackers. Of course, before he could stop the hackers he had to charge me $300.00 and needed a credit card. It just so happened that I had an old credit card that was compromised sometime ago and has since been deactivated so I was nice enough to give him that card number. Apparently these thieves do not always check to see if the number is legitimate because he continued right on with what he was doing.  

I watched my screen light up will all sorts of crazy stuff that in reality was just a program he was running remotely to make it look like he was really stopping something; however, the sniffer showed that he was browsing my hard drive for all sorts of files. Excel spreadsheets, word documents, pictures and anything that he could transfer to his computer. He also installed some software on my computer that would send him screen shots of what I was doing as well as log every key stroke I entered. This software runs in the background completely hidden and undetected by the unsuspecting user, allowing him to obtain my usernames and passwords for every website I visited going forward for what could be years. He was even smart enough to disable the virus protection before he started.  

During our hour phone conversation, he was very honest in telling me that he was in the Philippines, the weather was hot, and he had a wife and 2 kids. I verified that IP address (basically a computer address much like your home address) was actually in the Philippines and the weather was very hot that day. I could not confirm his wife and kids, but I believed him anyway.

Finally, after setting up my computer so that he could watch my every move and steal my identity, he told me that he had successfully stopped the mean hackers from stealing my data… oh goody! At that point, I felt the urge to tell him that he had called a IT company and the computer he had compromised was a piece of junk that was set to go to the recycling center. Plus, I was recording everything he was doing on the back end.  

As the conversation continued, the man who is supposedly the father of 2 children and just tried to steal all my personal data became a very irate individual.  He started threatening me and my family and said that I can call the police, but there is nothing I can do to stop him.  Keep in mind that he is completely on the other side of the world, in another country, using a stolen phone number. 

Well, the man is right; there is nothing that any law enforcement agency in this country can do. Yes I had his IP address and knew where he was, but in the end all computer hackers hide behind the cloak of the Internet.  This is why they have no problem calling your personal phone and directly talk you into thinking that someone from Microsoft is actually going to save their information from being stolen.

In summary, nobody from Microsoft or any other computer company would ever call you to save your personal information. If that was the case then the US Government would not have recently lost 18 million records of its employees and former employee’s data. So be vigilant and if anyone calls you wanting to access your computer for any reason, just hang up. If you have received one of these calls in the past and unknowingly allowed the caller access to your computer, stop using the PC and call a IT professional to remove the spyware that is most likely running on your computer. If you have accessed your bank website or had personal account information saved on the PC, then take action to close your accounts. 

Chris Hannan is an Information Technology expert with over 20 years’ experience in the electronic industry. His background includes Network Engineering, Design, Auditing, Forensic Analysis, Communications and Security. His certifications include Microsoft, CISCO, HP and IBM to name a few. Chris has worked with Dermody, Burke and Brown since the late 1990’s, joined the firm as the Director of Information Technology in 2004 and started Optimal Technologies, LLC. in 2007. He continues to be an integral part of our firm to this day.

Return To The Focus Front Page

I would like my DB&B tax advisor to
contact me regarding this topic.