{"id":17,"date":"2015-06-21T06:24:32","date_gmt":"2015-06-21T12:24:32","guid":{"rendered":"http:\/\/pcmdx.net\/blog\/?p=17"},"modified":"2015-06-21T06:30:49","modified_gmt":"2015-06-21T12:30:49","slug":"microsoft-is-not-watching-your-computer","status":"publish","type":"post","link":"http:\/\/pcmdx.net\/blog\/2015\/06\/21\/microsoft-is-not-watching-your-computer\/","title":{"rendered":"Microsoft is Not Watching Your Computer"},"content":{"rendered":"<p>Over the past year we&#8217;ve had several clients contact us to tell us that they had received calls from &#8220;<a href=\"http:\/\/www.microsoft.com\" target=\"_blank\">Microsoft<\/a>&#8221; indicating that they had errors on their computer, and that &#8220;Microsoft&#8221; wanted to fix those errors.<\/p>\n<p>Having received two of those calls as well, and having promptly hung up on those calls, we thought that most people would do the same. \u00a0Apparently this is not the case. \u00a0So please read this post so that you can protect yourself from a social-engineering hack. \u00a0And share this with others as well, especially those who are not computer savvy.<\/p>\n<p>Here&#8217;s how the hack goes:<\/p>\n<p>Your phone will ring and a person on the other end, usually with a foreign accent (ours had an Indian or Pakistani accent both times) identifies himself as being an engineer with Microsoft and they discovered an error on our computer, and they needed to fix it. \u00a0The way they want to fix it is to remote into the computer, by the victim going to a web site that installs remote control software.<\/p>\n<p>If the victim seems dubious, the hacker\u00a0asks them to go to a folder on their C: drive and look for a file called rundll32.exe (or any common Windows file). \u00a0Once the victim sees that file (which is on every Windows computer), the\u00a0hacker says that it&#8217;s a dangerous file and that he will remove it. \u00a0He then directs the victim to a web site where the remote control software is installed. \u00a0Once it is installed, the hacker has complete control of the computer. \u00a0They will tell the victim that they are removing the bad files, meanwhile accessing the victims private information.<\/p>\n<p>The hackers are brazen at times. \u00a0One of our clients allowed two of his computers to be accessed, and then the hacker had the audacity to tell the victim that they owed $199 for the &#8220;clean-up job&#8221;, which the victim reluctantly gave. \u00a0Then they called us. \u00a0It took several hours to remove all the malware installed by the hackers.<\/p>\n<p>Again, they usually prey on people who are not computer savvy, and, since they sound convincing, the hackers are successful many times.<\/p>\n<p>We have received two of these calls. \u00a0On the first one, we played along to determine their method. \u00a0Although we never let them get to the computer, and then stopped them by telling the hacker what we did, we were able to gather some information.<\/p>\n<p>The hackers are based in India or Pakistan (ours was in Pakistan). \u00a0They are in a phone room and randomly call US numbers. \u00a0If successful, they are paid $150 US for each hack.<\/p>\n<p>So here&#8217;s a very basic thing to remember: \u00a0<a href=\"http:\/\/blogs.microsoft.com\/cybertrust\/2014\/02\/19\/5-things-you-need-to-know-about-tech-support-scams\/\" target=\"_blank\">Microsoft does not monitor your PC for errors.<\/a> \u00a0If someone from Microsoft calls you to tell you there&#8217;s an error on your PC, <strong>HANG UP<\/strong>. \u00a0Quickly.<\/p>\n<p>Now, if you&#8217;ve received a call like this and have allowed a hacker access to your PC, and have not had your PC cleaned, please contact us right away. \u00a0Once the hackers have access, they will continue to have access. \u00a0Our contact information can be found on our web site <a href=\"http:\/\/www.pcmdx.net\" target=\"_blank\">pcmdx.net<\/a> or on our Facebook page <a href=\"http:\/\/www.facebook.com\/pcmdx\" target=\"_blank\">facebook.com\/pcmdx<\/a> .<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over the past year we&#8217;ve had several clients contact us to tell us that they had received calls from &#8220;Microsoft&#8221; indicating that they had errors on their computer, and that &#8220;Microsoft&#8221; wanted to fix those errors. Having received two of those calls as well, and having promptly hung up on those calls, we thought that [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,5,7,2],"tags":[],"class_list":["post-17","post","type-post","status-publish","format-standard","hentry","category-all-windows-versions","category-computer-protection","category-hack-prevention","category-os"],"_links":{"self":[{"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/posts\/17","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/comments?post=17"}],"version-history":[{"count":1,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/posts\/17\/revisions"}],"predecessor-version":[{"id":18,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/posts\/17\/revisions\/18"}],"wp:attachment":[{"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/media?parent=17"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/categories?post=17"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/pcmdx.net\/blog\/wp-json\/wp\/v2\/tags?post=17"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}