I am writing from SJG Digital, a company based in Market Rasen who specialise in helping organisations and individuals stay safe online.
Over the past few weeks we have spoken to a couple of customers who have been victims of cyber-attacks (also known as Phishing) and we wanted to share this information in the hope that we can spread the word to a wider audience in the lead up to the festive period.
The outline of events which led to the first of these attacks came initially from a telephone call where the caller was claiming to be from TalkTalk.
In this case, the telephone conversation lasted over two hours in total because the caller was so believable and the victim actually trusted them. The call started with the victim being told that there was an issue with their broadband account and they were having some connection problems which the caller was going to resolve for them.
Now, in order for this problem to be rectified, the caller explained that some support software called Team Viewer needed to be downloaded onto the victim’s computer as this would enable technical support to have access to the computer and fix the problem. Needless to say, the victim agreed and the process started with a number of applications being installed on the unsuspecting victim’s computer.
At the end of the process, the caller produced a convincing web page on the screen and asked the victim to complete the form with their bank account details. Again, the victim did not question anything, duly completed the form and the phone call. It was not until their bank contacted them saying that someone had tried to access their account and withdraw funds from India that they realised they had been duped.
On realising that they had been duped, the victim reported the problem to Action Fraud (absolutely the correct thing to do) and then, through their daughter, contacted us for assistance. We have since advised the victim further on actions they need to take and cleaned their machine which had been riddled with a healthy dose of malicious software (often known as malware).
The second of these attacks was along a similar vein whereby the victim received a telephone call where the caller claimed they were from Microsoft, that they (Microsoft) had detected an issue on the victim’s Windows laptop and they were calling to resolve the problem. Interestingly, the victim in this case was a Mac user and was able to “toy” with the caller for a short time before the caller realised they had been caught out and abruptly hung up. Again, this was reported to Action Fraud following a conversation with the telephone company to try and track the incoming call.
Internet attacks can come in many forms and these are just a couple of examples where the attack initially came from a telephone call but could have led to a person’s desktop or laptop being compromised.
Our advice is to be vigilant and do not give out details of your passwords, banking details, personal information or allow unknown software to be downloaded onto your devices by unknown parties. Companies like Microsoft and TalkTalk seldom contact end users to tell them that they have a problem let alone call end users to fix a problem.
We wanted to share this information with you and your readers in case anyone else receives these type of calls in the future. If you have any questions about these types of attacks or would like some advice, please contact us - we have a wealth of information on our website at https://www.sjgdigital.com or you can speak to us by phone on 01673 898001.