Tuesday Tip: Cynthia’s Corner – Who Did You Call?

By David Gracey

Today we take a trip back to Cynthia’s Corner. I hadn’t received any frantic phone calls from my mother-in-law Cynthia requesting tech help in quite a while. I was beginning to wonder if her land line was broken, when one day the caller ID on my phone displayed “Cynthia.”  I answered the call with much trepidation but was relieved when I was greeted on the other end of the line by her husband, Mr. Cynthia. So picture this: Cynthia seated at her home computer yelling to Mr. Cynthia across the room (their land line cord doesn’t reach the computer desk) and Mr. Cynthia relaying “data” to me on the other end of the line. The information I was getting had me confused:

Microsoft LogoMr. Cynthia told me Cynthia had been on the phone with Microsoft for an hour and they wanted $200 to unlock her computer and another $400 to install a firewall. At this point his antennae went up and he decided to call me. After hearing this part of the story, my Spidey senses began to tingle so I asked to speak with Cynthia directly so she could help me understand what was going on.

Cynthia launched right into it. “David, my computer files are locked up. Why don’t we have a firewall? Microsoft says I have been hacked.” Still confused I decided to dig in and ask a few basic questions. “Cynthia, back up and tell me what exactly happened.” She told me a popup screen came up telling her to call Microsoft immediately and provided the number. She called the number and the Microsoft representative told her all the files had been locked, her anti-virus software had been disabled and that they had no firewall.

Me: “So you are on the phone with Microsoft right now?”
Cynthia: “Yes, I’ve been on the phone with a woman for an hour and she’s getting a bit annoyed with me.”
Me: “Really? Did Microsoft call you?”
Cynthia: “No, I called them.”
Me: “Why?”
Cynthia: “The number was on my screen. It said all my files had been locked and to call the number on the screen, which I did. She was nice at first but has been getting more agitated, especially since I told her I wanted to speak with my son-in-law first. She told me I didn’t need to call you. She also asked me lots of questions like if I did online banking or paid bills online.”
Hacker Target | Network 1 ConsultingMe: “Cynthia, you aren’t speaking with Microsoft. You are talking to someone, probably in a former Soviet country, who wants to steal your money. She is a bad guy who has a special place waiting for her in the afterlife. Hang up.”

Cynthia hung up the phone and shut off the power to her computer and unplugged the Internets. Fortunately for Cynthia she doesn’t keep any pertinent data directly on her computer. Everything is in the Cloud or in her Google email. She does no online banking nor does she have any photos or documents on her computer. She was the victim of a hacker who, at some point, had installed a program on her computer giving a fake phone number to call “Microsoft.” With some basic computer skills, they created a fake splash screen message that included the Microsoft logo and official-sounding wording.

Cynthia probably received a fake email or visited a compromised website that carried a popup screen from “Microsoft.” There was no virus, only an official-looking message asking her to call Microsoft. Once “Microsoft” got on the phone, they directed Cynthia to a website that enabled the bad guy to take control of Cynthia’s computer. They encrypted her files and began trying to talk to her out of giving up her credit card information. We call this “Social Engineering,” which is the act of person-to-person contact in order to get information like banking or credit card info.

Cynthia’s computer was seven years old, so instead of trying to clean it up, everyone voted to buy her a new one. At the end of the day, no real harm was done, but it does shed light on how the bad guys are getting even more crafty. We must stay one step ahead of them.

David Gracey Headshot

David Gracey: Since its founding in 1998, David has grown Network 1 into a top-notch IT services company dedicated to delivering the best solutions for Atlanta’s small and mid-size businesses. His responsibilities include creating the vision and strategy for its growth and establishing the culture of Network 1.

Network 1 designs, builds and supports the IT you need to run your business more securely, productively and successfully. Whether you want to outsource all of your IT needs to a reliable, responsive, service-oriented company, or need to supplement the work of your internal IT staff, we will carefully evaluate where you are now, discuss where you want to go and implement and support a plan to get you there with as little interruption as possible.

Leave a Comment

Related Posts