A little over a year ago, I received a call from an unknown number where the caller represented themselves as Microsoft. The caller, who spoke in a broken English dialect, indicated that there was a problem with my computer and that I should log into it right away. Almost immediately I was skeptical of the caller’s intentions to help me as I understood that as a computer technician myself, I knew that my computer was in exceptional shape and that I would not be in any real danger. I decided that I would play along until it got too serious as I expected the call would go in that direction.
The caller that I worked with was exceptionally clear on the
steps I needed to follow and actually presented himself in a way that would
make anyone believe that they were in a legitimate role and actually trying to
help. He asked me to go to my computer
and power it on if I had not done so already.
As it turns out I was off from work that day and was at home with the
computer already on. The caller asked me
to go to my start button, the Windows button that is in the lower left hand
corner and continued to give me instructions to open a command prompt. He asked me once the command prompt was open,
to type out the following command:
netstat -n
Without going into great detail, the netstat command displays
network connections for your computer.
One of the fields in the results is named “Foreign Address” which he
asked if there were any numbers for me when the results came back. Well of course it did because one is generally
connected to the Internet. He indicated
that, with giving no evidence mind you, that those connections were to China
and I was in the process of being hacked.
Well, Probably not!
I believe at this point anyone would feel that they were in
serious trouble and would be open to any help that could be given. Although in fact I or others were in not
trouble whatsoever at this point, the trouble would begin now. The caller indicated that they could help
stop the hacking from China and that there would be a few additional
steps. The caller had me open an
internet browser go to the website of one of the popular remote tools, such as
TeamViewer, Join.me or GoToMeeting. I
continued to go along with this rouse and downloaded and subsequently installed
the tool as requested. At this point it
was clear to me that he would gain control of my computer shortly and have the
ability to do anything he wanted to by way of having free remote access to my
computer.
It was at the point that the caller was about to remotely
connect to my computer, that I decided it was time that this charade should be
stopped. We were at the point that in
TeamViewer, I believe that the program had installed and presented a number
that a remote person, using the same program could get access to your PC. I stopped and began telling him of my IT
experiences, what NetStat was doing, what he was about to do and why I had to
stop him. Before I hung up on him, I
told him that he should divert his seemingly good computer and customer service
skills in a positive direction, as opposed to hijacking people’s computers.
In the weeks that would follow, I believe I received at last
one more call from this person or one of his co-conspirators, attempting to gain
access to my computer. If this was
happening to me, I became concerned about others out there, who may be more
naïve when it comes to computers and networking. At a local festival, I happen to notice a
detective at a display booth for our police department. I asked him if there was anything law
enforcement could do as I was not sure what kind of crime this was, but seemed
like one nonetheless. Based off his response, it was kind of a dead end as it
was my understanding that they were somewhat helpless in this regard. This article is basically meant to be a
warning to others as I am not sure if there is another forum to alert others of
this what I call attempted computer hijacking.
In summary, here are the points I wish for those to remember:
- Microsoft (or Windows as they call themselves sometimes) will not call you!
- Never give remote access to your PC to anyone you do not know.
- The best prevention is to hang up on these people as soon as possible.
No comments:
Post a Comment