Social Engineering Scam: Telephone Calls from "Microsoft Windows Support Company"
We have received reports from local support here at Duke as well as seen evidence from other universities that a popular social engineering scam is once again rearing it's ugly head. Individuals are receiving phone calls from purported Microsoft Windows Support Companies with claims of infected systems. The caller attempts to have the recipient sit in front of their computer, accessing the event viewer looking for any error in hopes of tricking the owner into believing something is amiss with their system. At that point the caller walks the owner through installing remote desktop software enabling the caller to connect to the system under false pretenses of cleaning the system of the malware infections. Unfortunately the caller is actually installing malicious software which compromises the system allowing control after the call ends.
This scam was discussed in an article published on Ars Technica. For more details into this scam, please see http://news.softpedia.com/news/AMMYY-Issues-Official-Warning-to-Alert-Customers-of-Tech-Support-Scams-288129.shtml
If you receive such a call, please contact your local support of the OIT Service Desk before allowing anyone to walk you though installing software that could potentially compromise your machine.