Over the years, our Help Desk gets a fair amount of calls from our clients that had been scammed by someone claiming to be Microsoft or some other competent support entity. It can happen a variety of ways. The most common way is browsing and an image flashes, often with a voice warning you that you have a virus and to call such and such a number to resolve it. It may ask you to click a link, which could deliver a virus to your computer. If you call them, they may ask for a credit card for prepayment, but could also offer to “fix” it for free, but install ransomware to force you to pay later or lose your data. Sometimes, they call you on the phone and say that this is the IT department and to go to a website so they can remote in and fix something. I had one such call on my cell phone a few years ago and I had some fun with them for a while.
So when we recently hired a new person at Eagle and he called upon a client whose laptop fell off our antivirus radar, I was elated to hear the conversation just down the hall where our client questioned the authenticity of the call. He asked for our company name and number and said he would check it out and call back. I was so thrilled, I sent an email to his manager and said that this was great to hear. Our Tech even used the name of his manager, who he did check with first to obtain this person’s contact number.
Think Like a Hacker to be Safer
We live in an age where you can find so much information on the internet that the outbound call we made could easily have been from someone other than us. Many companies have and “about” tab where the important people, like this person’s manager, could have been on their website. It could also be found on LinkedIn or other social media sites. A good place to start is a testimonial page for an IT support company. If you get a client’s name from here and call them stating you are from XYZ IT Support Company, the chances are pretty good that you could gain access. Or, you could send emails making it look like you are from that IT company and ask them to put their network password into a field you create on a website that looks like that IT company. Easy stuff to do, and a quick check of some of our competitors lists some pretty big clients on their websites.
Don’t be shy to make sure it’s really Eagle Network Solutions when we call or email you. We don’t take it personally, because your safety is why you partner with us.
Kaleb Jacob, MCSE