One of my wife’s closest friends called last week concerned that she had fallen for one of the many online scams. Earlier that day a pop-up, supposedly from Microsoft, filled her screen informing her that her computer was under attack from a virus. It went on to explain there was a solution, and all she had to do was call the number provided.
When she called, a representative convinced her she was about to lose control of her computer, all of her files including bank accounts, her social security number, and all of her passwords. She fearfully agreed to give the “company” access to the account and to send an image of a check to the agent’s account.
Later, when she tried to log back on to her computer, she was locked out. Her password didn’t work. Her computer was no longer in her control.
What to do
At this point she called my wife who gave her the following instructions:
- Call the bank immediately and stop payment on the check
- Go to the bank explain the situation, close your existing accounts, open new ones, and then ask the bank if there are any other precautions she should take
- Take her computer to a local provider (in this it was case Best Buy) to remove the malware
- Reset all passwords
The following day my wife received a similar pop-up. She called the number to see if she could entrap the agent. After several pointed questions from my wife the representative disconnected. My wife reported the scam. How to Report a Microsoft Phone Scam.
How to Avoid Online Scams
- Don’t allow remote access unless it’s a trusted provider that has been vetted and verified
- Use complex passwords, change them frequently, and don’t use one password for all accounts
- Install antivirus software and be certain firewalls remain up
- Keep up with updates from all operating software and your browser
- Don’t open suspicious email attachments, texts, or pop-ups
- Know that scams are out there and be able to identify types of scams
Types of Online Scams
Brute Force Attack – Using thousands of combinations to discover passwords.
Catfish – Fake online profile used to fool people.
Drive-by Download – When a virus is attached to your computer after visiting a compromised site.
Ghosting – Identity theft of the deceased
Maladvertising – Online advertising containing malware
Pharming – Malicious program that redirects searches from legitimate sites
Phishing – An attempt to trick users into sharing sensitive information
Ransomware – A program which disables your computer asking for ransom to reinstate it
Scareware – Programs that use scare tactics such as warning of online threats to your computer
Skimming – Stealing data from magnetic strip charge cards, for example, at a gas pump
Smishing – A text advising you to call a toll-free number.
Spyware – Malware, which is attached to your device that tracks your actions.
Be Afraid, Be Very Afraid
No, I don’t think people should live in fear, but I do believe we all should be aware of the scams that are threatening all of us, and not be fearful of them, but at least be wary. If it looks suspicious—don’t open it. If it sounds phony or too good to be true—it probably is. When Google, Apple, or Microsoft contacts you with a pop up about some virus, please know it’s not them. Don’t open it, delete it. Change your passwords, and stay updated. What precautions have you taken?
What has this Got to do with Your Small Business?
Everything. Recently a regional hospital, in our area paid more than $50,000 to regain access to their software. It can happen to any of us and it can happen to your small business. Every. Single. One of your employees needs to be aware of this and educated on what to watch for, be aware of, and avoid. All it takes is one employee opening a suspicious email to crash the walls.
Photo Credit: 2016-04-18_091924 Author: pan19842015 ID: 26225072670 Provider: Flickr