For many, cold-calls represent a big, irritating waste of time. But some cold-calls these days can cost you a lot more than annoyance and a loss of time; cybercriminals are resorting to cold-calls as a way to spread malware.
By renting out cheap call centers in India, criminals are able to cold-call users with the intention of shamelessly scamming them. The callers carry out the ruse while pretending to be on Microsoft’s support staff. In other variations of the scam, they claim to be a security consultant, or from the user’s Internet service provider.
Typically, these frauds say they are calling to make sure the user’s system is OK. They then follow a script that takes the user through some carefully chosen and relatively obscure areas of their PCs within the Control Panel, Event Viewer, or registry. When the user confirms seeing what appear to be alarming errors, messages, and warnings, the caller seizes the opportunity to scare the victim into thinking that their system has been compromised somehow.
It may seem unlikely that with so much advanced technology at their fingertips, cybercriminals would resort to such old-school tactics to spread malware. However, since today’s antivirus and antispyware software is proving to be difficult for many cybercriminals to crack, in the cold-calling scam, they directly target a potentially weaker link in the chain—the user.
At the same time, due to a growing awareness of the dangers of malware, people are often hastier to patch up any vulnerabilities on their PCs. Cybercriminals are exploiting this sense of panic and urgency to push their malicious agenda forward. Cold-call victims get duped because they think the phone calls are legitimate recommendations to update antivirus software.
Although the cold-call scam is leaving a lot of victims in its wake, the good news is that people are becoming more mindful about the importance of antivirus software. At the same time, though, the importance of common sense can’t be overstated.