Cybercrime is a multibillion-dollar, worldwide business, but it doesn't always happen online.
In some cases, the potential loss of money or control of your computer could be just a phone call away. It was a wakeup call I experienced firsthand after an unknown cybercriminal called my cell phone on Monday.
"Hello sir, I am calling to notify you that your computer has been infected with malicious software," said the man, who did not identify himself.
Well, I initially thought, that certainly isn't good.
A great deal of digital hacking is done by gathering details on a target and trying to convince them to hand over passwords and personal information. It's deceit through social engineering, where a cybercriminal may email or call someone pretending to be someone else, with the ultimate goal of gaining access. The techie term is phishing.
About 91% of targeted cyber attacks begin with a spear-phishing email, or a message sent to a target with specific details that seem convincing enough to get a response. A very simpleexample might be: "Hey Paul, it's Joe in the IT Department. I got locked out of my workstation. Can you shoot me your password so I can get in through your account to reset? It'll just take two minutes. Thanks."
There's no need to guess passwords when you have a shot at getting someone to just tell it to you. But sometimes these types of attacks occur offline — over the phone.
With email, there's always a chance that email clients will pick up on phishing emails and flag them. But with phone calls from blocked numbers — like the one I received — I suspect there's a much more likely chance of success, given the natural human nature to trust.
After the man told me my computer was infected with malicious software, I quickly grabbed a pen and paper and began asking questions. "What is wrong with my computer exactly?" I asked him.
"Sir, the malicious code has corrupted some of the internal security software," he said. Though I can't say where the call originated from, he had a heavy accent that sounded Russian. "Some malicious files are getting downloaded onto your computer without your knowledge."
I asked him where he was from, and he told me Verizon Internet Services. That of course wasn't true, since I don't even use Verizon as my internet provider.
Further, Verizon would never call out to a customer over the phone except when a bill is past due. And even then, "it would be an automated call," according to Harriet, a customer service representative I spoke with at Verizon following the fraudulent call.
"We just recommend you don't provide them with any information," she told me.
Eventually, my questioning got the mystery caller frustrated. Once he figured out I was not accepting his story of malicious code and I kept quizzing him, he hung up.
And unfortunately, there's not much I can do to figure out who this man really is, or where he called from. I could contact the FBI and file a complaint, which then would open up an investigation that could require Verizon's legal team to trace the call.
But with zero dollars lost, and the call probably originating outside of the US, I doubt that he will see the inside of a jail cell anytime soon (For what it's worth, I sent in a complaint via the FBI's website, just in case).
"People are always looking at ways to 'get over on someone,'" Harriet told me. "It happens a lot."
It happens a lot. And this man is still out there, calling out to his potential victims. So just remember, if you ever receive a strange call like mine, ask plenty of questions.
Hopefully, they just hang up.
Here's what it's like when a cybercriminal calls your cellphone
Reviewed by Unknown
on
04:09
Rating:
No comments: