
Criminals post fake Microsoft products to gain access to victims’ computers | Science & Technology News


Microsoft has confirmed to Sky News that criminals are posting fake packages designed to look like Office products in order to defraud people.

One of the packages seen by Sky News was manufactured to convincing standards and contained an engraved USB drive, along with a product key.

But the USB can’t install Microsoft Office when plugged into the computer. Instead, it contains malware that encourages victims to call a fake helpline and hand over access to their PC to a remote attacker.

Microsoft has opened an internal investigation into the suspected software package after being contacted by Sky News.

A spokesperson for the company confirmed that the USB and packaging were counterfeit and that they had seen a sample of such a product used to scam victims before.

They added that although Microsoft has seen this type of fraud, it happens very rarely. Often, when fraudulent products are sold, they tend to be product keys sent to customers via email, with a link to a website to download the malware.

“Microsoft is committed to helping protect our customers. We take appropriate action to remove any suspected unlicensed or counterfeit products from the market and hold those who target our customers accountable,” the spokesperson said.

How does the scam work?

Martin Pitman, a cybersecurity consultant for Atheniem, recovered the phishing package and USB after his mother called him from someone else’s house while they were trying to install it.

“I was informed that an unexpected USB stick was sent in the mail, which appears to be an Office 365 product,” he told Sky News, adding that the initial target of the scam was a retired man.

It is extremely unusual for criminals to target people with packages, especially when the intended purchase is not of particularly high value.

Unlike phishing emails and other forms of online scams that can be distributed to millions of potential victims at negligible cost to criminals, physical packages come at a significant cost for production and posting, which means they present a much riskier return on investment for criminal enterprises.

Mr Pitman said: “I’ve heard of decoy attacks before and know this could be one of them, especially when the person was talking to a call technician when they were in trouble.

“As soon as they plugged the USB into the computer, a warning screen appeared saying there was a virus.

“For help and troubleshooting, they needed to call a toll-free number to get the computer back up and running.

“As soon as they called the number on the screen, the helpdesk installed some kind of TeamViewer (remote access program) and took control of the victim’s computer.

“Here, the hacker ‘sorted’ the issue and then passed the victim over to the Office 365 subscription team to help complete the action.

“The good news is that the victim used a credit card and did not provide any banking details.”

Fraudulent credit card transactions can often be rolled back or canceled, while getting a bank refund for cash that has been taken out of an account can be extremely difficult if criminals gain access to it.

“I instructed the person to hang up the phone and turn off their computer,” Mr. Pitman said.

“I then conducted a quick damage assessment and advised them to cancel the credit card, notify the bank to check their account and report the incident to Action Fraud.”

Mr. Pitman praised a cybersecurity company called Saepio for helping him spread the word about the scam.

“I feel that people should know that this threat is out there,” he told Sky News.

How to stay safe on your computer

Martin Pitman says: “The best advice, for this attack or for others, is to follow the ‘Stop, Think and Decide’ model.

“Are you expecting this parcel? Is this a Microsoft product? If you’re having trouble, use a search engine to find the correct helpline number, rather than trusting the helpline number provided by the product in question.

“From a technical perspective, you should make sure your device has the latest security updates installed and that your anti-virus program is up to date.

“You shouldn’t run your computer from an administrator account if you’re just doing everyday tasks, it’s safer to create a new user account for those.

“We recommend using the National Cyber Security Centre’s advice on creating strong passwords by choosing three random words, enabling multi-factor authentication, and using a password manager.”

“We want to reassure all users of our software and products that Microsoft will never send you unsolicited packages and will never contact you for any reason,” a Microsoft spokesperson said.

“You can visit this support page for instructions on how to avoid fraud and scams.

“If you would like to report fraudulent activity, you can do so by contacting Action Fraud or using Microsoft Online Reporting Tool.”

A spokesman for the National Crime Agency said the scam was not something their troubleshooting team knew about but was an organized campaign, and that they expected the crime to be handled at the local government level.


