Protecting yourself from the twin evils of Spam and Social Engineering

Because of our expertise in IT security and spam filtering services, many of our referrals come from businesses or individuals who have fallen victim to cybercrime in some form, such as a malware infection or, in the case of a recent incident where we provided IT security assistance to a business in Horsham, West Sussex, what is known as Social Engineering. At Tamite we love gaining new customers, especially from referrals. Of course we would prefer the customer to choose us and take advice before the event rather than have us pick up the pieces and shut the stable door afterwards. We relate the case of the Horsham marketing company in the manner of Dr Watson of Sherlock Holmes fame in the hope that it may prove instructive.

Earlier this month a customer was referred to us who suspected they might have problems following a scam call they had received, allegedly from Microsoft. We knew that the case was of the utmost urgency and needed to be resolved quickly.

A definition of Social Engineering is useful here: social engineering is the art of manipulating a person with the intent of gaining access to confidential information. The type of information sought varies, but when individuals are targeted the goal is usually to obtain passwords or bank details, or to gain access to the victim's computer in order to install malicious software that will harvest those passwords and bank details and give the attacker control over the machine. As you can see, Social Engineering is not solely an email problem; it often arrives in the form of a phone call or even a letter.

Criminals have found that social engineering tactics are successful because it is easier to exploit your natural inclination to trust than it is to discover ways to hack your software. For example, it is much easier to fool someone into giving up their password than it is to crack that password (unless the password is exceptionally weak).

The client explained that the caller, impersonating a Microsoft employee, claimed to have information leading him to believe that our client's PC was infected with malware. He asked the client to open some system logs, talking him through how to bring them up in a well-practised and confident manner, and pointed out the contents of the logs, which looked a little concerning: lots of scary words like "critical" and "urgent" were prominent, and the caller assured him this almost certainly meant an infection that needed urgent attention. At some point the client was persuaded to visit a web page and download software that allowed the fake Microsoft employee to take over the machine. After spending a further ten minutes remotely controlling our client's machine, the cyber criminal posing as a Microsoft employee asked the customer to arrange payment. At this point the client started to suspect that he might be the victim of a scam.

Fortunately the client didn’t hand over any banking details.

In past cases where credit card details had been handed over, our first task was to tell the victim to contact their bank urgently.

We advised the customer to shut the machine down and not to use it until we had carried out a complete check of the system. As a result of those in-depth checks we removed various malware and an application that would have allowed the criminal access to the PC at will.

This is a classic case of a successful Social Engineering attack of the type described above. Unfortunately, for the period the criminals had access to the machine they had free rein to copy documents, which meant the customer had to review whether they might have lost sensitive data. That could mean having to contact the data security office to disclose a possible data loss, and of course we also had to consider the implications of possible network access to other machines.

These calls have become increasingly common and may claim to come from many sources, including your ISP, an IT support company, a provider of antivirus products such as McAfee or Symantec, or even a police IT security department.

You should believe none of these, with the possible exception of your ISP, who might contact you to say that your broadband access has been temporarily suspended as a result of spamming. In that case your ISP will notify you and tell you to contact your IT support company. Anyone who calls you, informs you that you have an issue on your computer and then offers to put it right is in all probability attempting a Social Engineering scam, one which, having read this, you won't fall victim to. Because of course you are not that gullible.

Of course, in this case the message was delivered by telephone, bypassing any spam filtering software that would act as a technical defensive measure in the case of email. Here the problem was a lack of awareness and basic training. As an IT security solutions provider, one of our roles is to inform: we provide half-day seminars demonstrating the basics of IT security, aimed at businesses and individuals, to give you the knowledge needed to protect yourselves and your networks. By understanding the threat you can usually avoid the pitfall. We can provide layers of security such as spam filtering to protect you, but part of the answer has to be education. To that end, my next few blogs will be dedicated to explaining the different types of spam you may come across and the ways spam can be used to con you or gain access to your PC.

Another frightening example, and a slight twist on the practice described above, is what has been called "vishing" (voice phishing), described in a recent story from the Telegraph:

How a vishing attack cost me £17,500
