Fake MicroSoft calls


 
Thread Tools Search this Thread
Special Forums Cybersecurity Fake MicroSoft calls
# 1  
Old 01-17-2018
Fake MicroSoft calls

Dear colleagues,

it's that time of the year again: in recent days and weeks I'm receiving annoying numbers of annoying "support" calls from dubious "MicroSoft Centers" telling me that my computer generates errors and / or downloads malicious SW. Although ignoring these pesterers on the phone, I'm a bit concerned as I can't assess the danger they pose, coming in via VoIP.
Very few ports are open on my PC interface: SunRPC and 766 (both listened on by rpcbind), CUPS, DNS and Link-Local Multicast Name Resolution (both listened on by systemd-resolve). On my router, none of the common ports is open to the WAN.
No indication (yet) of remote interaction (attempts) in my system log file.

Does anyone of you have an idea or indication, what the threat would be and how I could prevent any damage? Can they, from VoIP connection / communication data, infer / deduct / extract information allowing them to harm?

Rgds
Rüdiger

Last edited by RudiC; 01-17-2018 at 09:40 AM..
# 2  
Old 01-17-2018
Hi Rüdiger,
As far as I know, accepting the call (by VoIP, land line, or cell phone) shouldn't pose any threat.

What they want you to do is to allow them to remotely login to your PC and "fix" your machine for you. That is so obviously a security threat that I'm surprised anyone falls for it, but I'm sure enough people do that it pays them to call me at least once a month hoping I'll fall for it that day. (Even though I don't have any systems in my house running a Windows OS, and it is impossible to follow their directions to give them remote access.)

Cheers,
Don
This User Gave Thanks to Don Cragun For This Post:
# 3  
Old 01-17-2018
Thanks, Don, that confirms what I thought / felt, but I'm too ignorant when it comes to VoIP that shares a common line and addresses with data, via my provider. I hope I can trust them when they assured me of their safety precautions, covering VoIP as well.
# 4  
Old 01-17-2018
What I heard, is that these fake MS support impersonators try to get you to download their "patch" or software in the hope that you execute it on your system.

So this seems like a crude and straightforward tactic that can be seen from miles away and I would not worry too much about it.
# 5  
Old 01-17-2018
I agree with all that's been said. I've been involved with VoIP for some time and you can get paranoid about it.

So, without trying to cause any anxiety, I'll try and upload an attachment with a document about this issue (which is still available on the web somewhere) if it will let me, but I wouldn't worry too much.
These 2 Users Gave Thanks to hicksd8 For This Post:
# 6  
Old 01-18-2018
Thank you, hicksd8, for the link. Massive interesting tech info, and a small chapter on what interested me most:
Quote:
Unauthorized access attack
Unauthorized access means that the attacker(s) can access resources on a network that they do not have the authority. . . .
Unfortunately, the countermeasures proposed can't be done locally but have to be left to the provider (which I expect they do).
I'll stick to keeping ports closed and activating the firewall on the router.
# 7  
Old 01-18-2018
I just rely on my router port forwarding forcing VoIP packets to only to go my (relatively dumb) SIP phone. Like you, I don't know much else can be done.
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. Windows & DOS: Issues & Discussions

Microsoft Powerpoint 2003 stops working after 12 April 2011 Microsoft Updates

For the benefit of the community this is a widespread worldwide problem affecting multiple versions of Microsoft Windows. Powerpoint erroneously reports Powerpoint presentation damaged and then often hangs. Until Microsoft sort this out, try removing Powerpoint security update KB 2464588... (0 Replies)
Discussion started by: methyl
0 Replies

2. IP Networking

Identification of data calls & voice calls

Is there any facility to filter/identify the data calls and voice calls coming throug modem? OR Can we get the data or voice calls information through a script(preferably C Kermit)? (0 Replies)
Discussion started by: pcsaji
0 Replies
Login or Register to Ask a Question