Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.
I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.
Last Tuesday night my oldest son came into the room and told me he thought one of our computers was being hacked. So I kicked into incident response mode and walked into the other room to be greeted with a computer loudly telling me that Microsoft Security Essentials was unable to clean a virus and to immediately call Microsoft.
Instead I immediately shut down the computer. Here’s why.
A software developer asked me today about a website called Download More RAM. I don’t think he heard my other coworkers snicker. He asked if it’s possible to download RAM, then asked if it was a security issue. I said it’s best not to visit it, and spared him the history lesson.
Yes, there’s some history to it.
Buried unfortunately deep in August’s Social Engineer podcast was some outstanding advice from British TV star R. Paul Wilson, who turned scamming into prime-time BBC TV for several seasons.
Wilson, who literally has sold someone a bridge that he of course didn’t own, has lots of experience on both sides of scamming, so his experience is invaluable. I was just disappointed that we had to listen to 45 minutes of Christopher Hadnagy and David Kennedy arguing before we could hear it, so I’ll cut through the garbage.
Tax fraud is one of the big payoffs from data breaches. But there’s a simple thing you can do to make it harder for a scammer to file your taxes if your employer or health insurance provider gets breached and your social security number is one of the ones that gets stolen.
Change your social networking profile.
FTDI is a company that makes computer chips for USB peripherals. Their chips are frequently cloned, which is an issue they have a right to deal with. But they have to be careful.
Breaking suspected cloned chips that consumers bought in good faith is the wrong answer. If I did that, it would be called hacking, and I would be sitting in jail right now, and probably would be facing a quarter-century in prison.
In news that will surprise no one, Home Depot confirmed it’s had credit card data stolen.
I also learned that in an effort to defeat my usual security measures, people increasingly will buy cards local to them, so they can shop in the same zip code, or a very nearby zip code to the victim. They then buy expensive merchandise and/or gift cards. This tactic limits the market but increases the effectiveness if you happen to own the unlucky card that your malicious neighbor buys.
About the only way to defeat this behavior is to keep a close eye on your account statements, which means cutting down on credit card use probably would make it easier for you to notice fraud. And, of course, when your credit card company sends a new card, activate it as quickly as possible.
As for what happened, there’s lots of speculation but no confirmation as of yet. Now the start date has been revised back to perhaps sometime in April, and while the number of stores hasn’t been confirmed, the numbers I’m seeing range from 1,700 to all 2,200 of them.
As far as what’s going on, I think we’re in a situation much like the era of The Cuckoo’s Egg, where the world is changing faster than the security world and the corporations who employ it can keep up. In a few years I’ll look back on it in awe of what I learned, but for now, I have to admit feeling scared more than anything. I think we’ll get through it, but at this point in the battle, I still don’t know how.
I did a little more digging after getting yet another fake technical support phone call last week, and I’ve done some thinking on my own. If you want to troll these criminals when they call you, here are some ideas.
I got another “Windows Technical Support” call on Friday evening. My caller ID said Minneapolis, and since I have coworkers in Minneapolis, I answered. But the guy on the other end was a long way from Minneapolis and probably doesn’t know diddly about ice hockey.
I’m pretty sure it was the same criminal as last time, but over a better VoIP connection. I remember the voice pretty well, because his parting lines from last time, “Enjoy your broken computer, Mr. Genius Man!” struck me as funny. And he started the conversation with, “I’m calling you again about your Windows 7 computer.”
My conversation with him revealed a few things about why this scam is likely to be profitable.
As you’ve probably heard, Target had a bad month. Between the days of 27 November and 15 December, about 40 million credit card numbers were stolen, making it one of the biggest breaches of its kind in history. As far as we know, the card number and security code were stolen, but debit-card PINs and addresses were not.
Target says they have contained the breach and are cooperating with credit card companies and authorities. Cringely has some analysis, but it has more for people like me to think about how we do things at work than it does for consumers.
And, well, as luck would have it, I shopped a lot at Target between the days in question. And I used both my credit and debit card during that time. Here’s what I’m doing, some of which may be counter-intuitive.