This is post is longer than our average, but I’m sending it out as a sort of Public Service Announcement. I know someone who recently lost $2,400 in an online scam.
If you receive an email from Amazon, Microsoft, or Google asking you to call a phone number, be careful. In the past couple of months, I had to recover two PCs after their owners had responded to an email and then had their computers hacked. The names have been changed, but the details have not.
In the first case, Harry received an email claiming to be from Amazon (hint: it wasn’t from Amazon). It said there was a problem with his order. An order he did not remember placing.
Harry called the phone number in the email and soon was transferred to Microsoft Technical Support (hint: it wasn’t Microsoft). He was told there was a virus on his computer. There wasn’t. Yet.
The fake tech support person got Harry to enter a few commands on his PC and it was now under their control. The person on the other end of the phone, let’s just call him the hacker from this point forward, reset the password on Harry’s machine so Harry could no longer log on to his own computer.
The hacker then offered to “fix” Harry’s PC for several hundred dollars. He eventually had Harry scan three checks totaling $2,400. After sending the checks, Harry still did not have a working PC.
When I got involved, I used a simple program to reset Harry’s password so he could log in to his own PC again. Then I found the hacker had installed not one, but five backdoor programs so he could continue to take remote control of Harry’s PC. I removed each of the backdoor programs and Harry was able to use his PC and now knew what to watch for in suspicious emails.
In the second case, Tom received an email from Microsoft asking him to call them about a problem on his PC. If you guessed it was not Microsoft, you are right. As in Harry’s case, Tom gave hacker #2 access to his machine, and the hacker corrupted his password. This time, hacker #2 told Tom to go and buy Target gift cards to pay for getting his machine “repaired.” Fortunately, Tom did not buy any gift cards and did not lose any money. I reset his password and he was wiser, but fortunately, not poorer.
I am not running through these details to solicit business for my services. I am writing this to ask you all to be careful and don’t fall for one of these scams. Like our community members, both Tom and Harry are seniors—the hackers’ favorite targets.
What can you do about it?
- Understand that it is VERY unlikely, I’d almost say impossible, that Microsoft, Amazon, Google, or any similar firm would contact you about a problem with your PC.
- One way to verify it is not an email from a legit company is to look at the sender’s email address. For example, if it is not an exact match for “[email protected]” then it is not from Amazon. Hackers will use “amason,” “amaz0n,” or something close to fool you. Unless they are lazy when it will be from “[email protected].”
- Never type in any commands based on a phone call (or email) from someone you do not know.
- Never send a check, provide account information, or buy gift cards for a caller.
- The same goes for a strange website pop-up message. If you have a antivirus program, it might give you a real warning. Websites do not have the capability (unless you give it to them) to scan your machine for viruses.
My apologies for the long post, but I do not want to see another person victimized by these hackers. If a person on the phone or a website tells you your machine is hacked, do not believe them. Run your own virus checker.
I am not trying to scare anyone (well, maybe just a little to get us all to be cautious), but I do not want to see anyone else lose money to these online criminals.
Chuck Storla
No Comments Yet