Microsoft Tech Support Phone Social Engineer Attempt
April 19, 2012 – ISSUE: OIT received a question concerning an old-fashioned phone social engineering attempt. Social engineering is an old technique that usually involved a phone call to capture information, rather than the email-based attacks we see today and call “phishing.”
One of our doctors in the Medical Center received a call from someone claiming to be from Microsoft Tech Support. The caller said MS Tech Support had received information that his computer was significantly infected and that they were there to help. If he was close to his computer, they could direct him on what needed to be done to clean it.
WHAT SHOULD YOU DO?
If you receive a suspicious call like this, ask for a name and phone number, which will usually cause them to hang up. That was the case with this call. Tell them you want their contact information so that your technical support team can work directly with them to resolve the problem. Do not give them any access to your machine, and do not provide them with any login credentials. In some cases they may be using you to gain further information about a different possible target. If you do receive a call like this, please send Ashley Ewing (ashley.ewing@ua.edu) the details in an email.
HOW CAN I TELL THIS IS A FAKE?
Some social engineering attempts are easy to detect; others are not.
Microsoft Technical Support will never contact you directly with a cold call.
Always be suspicious of an unexpected cold phone call asking for access to your machine or for your login credentials. You can always take a name and number from the individual calling, plus a ticket number if available, then call the service desk (348-5555) or your local support organization to verify the individual and make sure they do have a ticket to work on your machine.
Remember, Microsoft Technical Support will never call you directly in an unsolicited manner.
