Let me tell you a story about a person who was browsing the web – for the purposes of maintaining his anonymity, we will call him Jim. Jim was browsing the web every other day at work and was looking at news articles. One day, he clicked on a link that was referenced in the article, and suddenly, his browser went to full screen and a prompt appeared in the middle of a Microsoft website.
The prompt read as follows: “Call Windows Help Desk Immediately. The following data will be compromised if you continue: 1. Passwords 2. Browser history 3. Credit card information.” The prompt then gave him a number to call.
Jim called this number, as any other person might, and came across a self-professed “Microsoft” tech to help him solve all his problems. The gentleman he spoke with was kind and helpful; he started to give Jim instructions on how he could remote into Jim’s computer. Jim didn’t think anything of it, and let the tech connect. Once the tech was able to access the computer, he caused more mayhem (unbeknownst to Jim) and said he could fix the issues for a low price of $299.
However, the tech only accepted gift cards, green dot cards, or electronic checks from specific websites. Jim paid through an electronic check. The tech then told Jim that he would remotely work on the computer and everything would be fixed in 2 business days. He specified that Jim should leave his computer on.
When Jim finally came back to his computer after one night, he found his computer to be even slower than it was before, and that nothing was truly fixed. He also saw that the amount of money he authorized in the electronic check was different than the actual amount that was taken from his account.
While reading, could you spot the red flags in story? Read our RED flag checklist to make sure you do not fall for this ploy again.
Red Flag Checklist
Full windowed prompt telling you everything is compromised.
Real viruses do not alert you to the fact that they are there, with few exceptions.
Calling the number provided
Never call the number provided in any prompt. Go to the company’s website to find an accurate number, so you can be sure you are speaking to the right people.
Letting a tech remote in from unknown companies
Make sure you know who is coming into your computer before letting them in. They can lock you out and steal your information.
Paying for services in echecks and giftcards
Reputable companies will not ask for gift cards or online checks to pay for services.
Never leave your computer unattended with a remote tech
Anytime that someone remotely accesses a personal computer, you should watch your computer as if you were still on it.
We hope these flags will alert you the next time you may see this kind of popup, so you can avoid Jim’s unfortunate mistakes.
Anthony holds dual degrees in Electrical Engineering and Computer Science from NYU.
He has over 30 years of experience in hardware design and software programming. Anthony specializes in computer and cloud networking and has collaborated with clients and third parties on creating custom software designs and is a web presence and accessibility compliance expert.