Social Engineering is the act of manipulating people into certain actions. Criminals use social engineering tactics because it is easier to exploit your natural inclination to trust than exploit your computers security.

The technical support phone call is a very common way criminals use this tactic to persuade you to pay for a service you didn’t actually need. I posted on this subject back in April 2013 and you can read the article at http://www.sig-ma.co.uk/phone-scam/

The reason I am posting about the subject again is, the criminals have not stopped using this form of social engineering and unfortunately people are still falling for their very persuasive tactics.

I receive a number of calls throughout the year from people wanting advice after being phoned by ‘Tech Support’ or ‘Windows’, ‘Microsoft’ etc. Last week a customer phoned me after receiving a phone call from someone claiming to be from ‘TalkTalk’. They managed to persuade her to allow them remote access to her computer and whilst she was unwilling to part with any payment details the damage was already done. The caller had applied a password to her Security Account Manager (known as SAM). This is a database that stores user account and security information and runs automatically when you start your computer. Without access to this your computer is not going to boot beyond asking for a password.

If you receive a phone call from anyone claiming to be aware of problems on your computer

HANG UP

Even if they ask for you by name or can give other information that might relate to you.

HANG UP

If you are having problems with your computer or have given remote access to someone who phoned up then I suggest you contact a local computer repair company to have your computer checked.