Rogue Security Software
If you’ve reached this blog post from a Google search for the phone number 4169153536, please be advised that the call you’ve received is a scam. Read on for details.
Rogue security programs look legitimate, but are nothing more than a social engineering tool designed to relieve you of your money.
I touched on rogue security software in my last post (Digitally Transmitted Diseases 101), but a recent experience made me want to revisit the topic.
A member of my family recently fell prey to one of these programs. Setting aside how the program made its way onto his computer, it happened, and it told him that his computer had fallen victim to over “800 hacks.” Not being very technologically savvy, this scared him, as it’s designed to do. He called a number that was given to him (416 915 3536, which has a Toronto area code), and spoke to someone named Steve Dawson.
Unfortunately, my grandfather was convinced to hand over his credit card information, and grant them remote access to his computer. When he started to realize he may have made a mistake, he told Steve that he would ask his grandson to help him. Steve, in an effort to sound legitimate, encouraged him to have me call them. Here’s how that phone call went:
“Hello, thank you for calling Windows technical support!”
Right away, I can tell that this is not a local call, by how it’s ringing. This is a call that’s being routed to another country altogether.
A lady claiming to be named Lucy picks up the call. She has a thick accent. “Hello, thank you for calling Windows technical support. How may I help you?” There’s a tonne of noise and yelling in the background.
“Good evening. Steve Dawson, please,” I say.
She replies, “Oh, Steve Dawson. Yes.” And then, instead of putting me on hold, she just yells, “STEEEEEEEEEEEEEEVE!”
Very professional. Another guy with a thick accent comes on the line. He says he’s Steve Dawson. I ask him what country he’s in. He says New Jersey, United States. Bullshit.
Two minutes into the conversation, he gives up on the lie that he represents Microsoft technical support. When he realizes that he’s actually speaking to an IT professional, he gives up on the lie that he’s a Microsoft-certified engineer. When my grandfather told him he would ask his grandson to help him, he told him to have his grandson call him. I ask what he thought was going to happen when I did call him. He has no answer.
He starts rambling, and I tell him to stop talking. I spend the next five minutes ripping into him over the phone until he gives up and hangs up, but not before he turns it around and starts calling me a scammer.
Did I expect to get anything out of the conversation? Of course not. But sometimes it’s nice to have someone to yell at – someone who deserves it. And for messing with a kindly elderly man, he deserves it.
That takes care of all my pent up aggression this week. I don’t have an asshole landlady to argue with anymore, so who else am I going to unload on?
What do you do if this happens to you?
If you’ve let it get this far already (as in, they have your credit card number and/or remote access to your computer), the first thing you need to do is cut off their access. It may not be easy for you to shut down your computer properly, so hold the power button for a few seconds to cut power if you need to. The important thing is that their access over the internet be cut immediately.
Call your credit card company and report the fraud. Explain what just happened, and have them reverse any charges made. They’ll cancel your current card, and issue you a new one. If necessary, involve the police, as they can file a police report that forces your credit card company to cancel the fraudulent charge.
If you’ve given them your computer’s password, change it immediately. Think about any other online accounts you may use the same password for, and change those immediately, too. This is especially important if you use that password for your email or any online banking.
Call your nearest IT guy and ask them to help you remove the malicious software from your computer, as well as any remote access software left behind. A scan with your antivirus software is recommended, but you may need a professional to look at it anyway, especially if your antivirus software has been disabled.
The Moral of the Story
Don’t trust software you’ve never seen before if it tells you that your computer is infected. Don’t trust someone who calls you and tells you the same.
And the most important point, something I tell my clients all the time: If you have even the slightest doubt or question about something, call your IT guy. Don’t worry about putting them out. Just remember, a five-minute phone call can save you hours of frustration and embarrassment.
Steve Dawson, whatever your real name is, know this: If I ever meet you in person, your testicles will be introduced to my shoe, post-haste.
What do you think? Leave a comment!Digitally Transmitted Diseases 101
These days, more and more people seem to be asking me, “Tristan, I want to become a shark-fighting, syrup-chugging, moose-herding, tree-felling Canadian, too. But first, I’m confused – Can you explain the difference between a virus, a trojan, and spyware?”
You may have read a post I wrote on the digital clap a couple of years ago, Discount Pharmaceuticals – Get ‘em While They’re Hot! Consider this a sequel, if you will. Previously, I offered some helpful tips on protecting yourself online. Now, I’m going to help you understand what you’re protecting yourself against.
Turns out, the digital clap isn’t the only digitally transmitted disease out there. Here’s a brief explanation of the most common types, better known as “malware” (malicious software, get it?).
The Infamous Computer Virus
The virus is so widely known, that people often group all other forms of malware into this one category. However, it’s important to understand that a virus is just one form of malicious software that wants to settle in on your computer.
It’s easy to see why the virus is so widely known, since it’s been around the longest. Before internet use was widespread, viruses were often spread on floppy disks, and other portable media. Today, they most often spread over networks.
They make changes to systems whose results range from simple annoyance to outright destruction of data, and they’re also injected into other files, including Microsoft Word and Excel files.
Since the virus was, essentially, the first form of malware, how do the other forms differ?
The Trojan
The Trojan Horse of Greek mythology seemed, to the inhabitants of the city of Troy, to be a gift. However, concealed inside were enemy soldiers that used it as a ruse to gain entry to the city and destroy it.
Think of a trojan as the software version of that horse – A piece of software designed to seem harmless on the outside, in an attempt to get you to run or install it. Once you do, you’re opening yourself up to attack. Trojans are often used to steal information, or even enable an outside party to gain remote access to your computer. You want that about as much as you want the real clap.
The Worm
Worms are viruses that spread by any means necessary – Usually, over a network directly, or by harvesting your address book and sending itself to your friends. Trust me, they’ll love you for that.
Spyware and Adware
While not usually as destructive as other forms of malware, spyware isn’t any less dangerous. It’ll sit on your computer, collecting information about your habits on the internet, such as what sites you visit, and send that data elsewhere.
Why is this a problem? It’s a privacy violation. How many other people do you really want aware of that embarrassing Google search you did last week about that rash on your buttocks? And for advertising data, no less?
Adware is designed simply to display advertisements on your computer. And where do you think they get the data to target the ads towards you, personally? Bingo. The most annoying fact about spyware and adware is that it’s often installed with software such as browser toolbars, which many people elect to install themselves. The MyWebSearch toolbar is a perfect example of this.
The Rogue Antivirus Application
An example of a piece of rogue antivirus software, pretending to be a legitimate scanner.
Rogue antivirus software likes to get all dressed up for a night on the town. In this case, the “town” is your computer. These tricky bastards are designed to look like legitimate antivirus applications, such as Vipre or (heaven forbid) Norton Antivirus.
What’s funny about these ones is that they actually tell you that you’re infected, in an attempt to get you buy bogus software. Tricky, indeed.
Of course, if they were legitimate, they’d make it easy for you to remove them. Too bad it just isn’t that easy. They often block key programs that would otherwise make stopping or removing them a simple task.
The Keylogger
I don’t have to explain this one, do I? It should go without saying that you do not want to enter a password to your bank account on a computer that’s secretly recording every keystroke on your keyboard, and sending that data to someone on the internet.
Last but not least: The Rootkit!
Always save the best for last, right? Just kidding. Seriously.
A rootkit camouflages itself among your computer’s core systems. It integrates itself into a part of your operating system, and hides itself so well that it is often incredibly difficult to detect, much less remove. Of all the forms of malware out there, the rootkit is most often the one that will make your IT guy throw his hands up in defeat, and just wipe a computer entirely.
It’s not that you can’t remove a rootkit, it’s just that in the time it usually takes to make progress against one, you can often just wipe a computer and reinstall its operating system and applications anyway. Removing rootkits usually ends up being a frustrating exercise that can even lead to significant damage to an operating system, anyway.
The More You Know
This topic is one that confuses a lot of people outside the IT industry, but that’s ok. It isn’t your area of expertise, but you want to better understand what threatens your computer, and even your business.
I hope that I’ve been of some help in this area. And as I said in Part 1, I’m always around if you have questions. Comments, email, Twitter… Get at me.
1 person has commented. What do you think?Customer Service – The Bovine Does It Best
I have more business cards than I know what to do with. But that’s ok – I didn’t pay for most of them. Once you’ve read this, you’ll either be terrified of ordering your next batch of cards from Moo, or be ready to place your order immediately. Or you might just be indifferent about it altogether. I’m not a mind reader.
Are you a glass half-full or half-empty person?
What the hell am I talking about?
My business cards elicit some interesting reactions. Most of them involve laughter. I assume it’s because most people don’t expect a business card to greet them with such a facial expression. But that’s exactly what I’m going for when I give you a card. I want you to remember me, after all.
When I ordered a new run of cards from Moo.com, I uploaded a new custom design (created for me by Petra Cuschieri, graphic designer extraordinaire) to their design tool, and placed the order. Two weeks later, they arrived.
To my dismay, there was a white stripe across the top of each card.
Bad news first, right?
There was a problem with the bleed on the first run of 100 cards, resulting in a white stripe on the top of each card. After one of Moo’s support representatives attempted to fix the problem, the second batch I received had no stripe, but the design was zoomed in and misaligned.
A third replacement batch arrived, and the alignment issue had been corrected, but now there was a stripe across the bottom of the cards. It took 300 free cards before someone identified the issue and instructed me correctly on how to resolve it.
Don’t worry, there’s good news!
Moo’s support department is stellar. Their people were quick to send me reprints, and didn’t even ask for proof of the problems with the bad batches.
Despite the fact that I had to wait a few extra weeks, due to all the bad batches, I was never given a hard time, and each of my emails was responded to quickly. These people are really nice.
Bottom Line (No Pun Intended)
I have 400 cards for the price of 100. 300 of those are slightly messed up, but they’re still usable in many situations, and I’m still a satisfied customer.
Customer service like this is what truly sets a company like Moo apart from its competitors. They messed up again and again, but they didn’t stop trying to make it right until I was happy again. And they did it politely, and with style. I can think of at least one company who would do well to heed Moo’s example (See: Customer Retention – You’re Doing It Wrong).
So, ideas on what to do with 300 bum business cards? I was thinking about hauling a giant fan up to the top of the CN Tower…
What do you think? Leave a comment!Today’s To-Do List
I found these on the internet. I didn’t come up with them; Although, I wish I had. You see, I’m as clever as a fox. Just one fox, though. Whoever came up with these is as clever as a whole squadron of foxes.
Hive? Murder? Flock? What, exactly, is the correct term for multiple foxes, anyway?
Check It Off
- Wear a t-shirt that says, “Life.” Hand out lemons on a street corner.
- Hire two private investigators, and get them to follow each other.
- Major in philosophy. Ask people why they would like fries with that.
- Go into a crowded elevator and say, “I bet you’re all wondering why I gathered you here,” with a straight face.
- Make vanilla pudding, put it in a mayonnaise jar, and eat it in public.
- Become a teacher. Make a test where every answer is “C.” Enjoy the show.
- Wait until someone is about to sneeze. Right before they do, loudly scream, “Pika… PIKAAA!”
- Run into a store and ask what year it is. When someone answers, yell, “It worked!” and run out cheering.
- Buy a horse, name it “Oscar Takes the Lead,” and enter it in some horse races.
- Invite someone into your office, turn around in your office chair, and say, “I’ve been expecting you…”
- Change your name to Simon. Start speaking in the third person.
- Become a doctor. Change your last name to Acula.
- Buy a parrot. Teach him to say, “Help! I’ve been turned into a parrot!”
- Follow joggers around in a car, blasting “Eye of the Tiger” for encouragement.
Hotlinking Images is Rude
I just watched nearly all of my blog’s bandwidth be consumed in a matter of hours. Someone decided to take a funny GIF image that I had hosted here and link directly to it on their site. Thousands of visitors (to their site, not mine) later, I was getting warnings from my host.
I’m not talking about image ownership. I didn’t create it, and I have no idea who did; But a copy of it does sit on my server, and I pay every time someone downloads it from there.
If you choose to leech an image off someone else’s site instead of hosting it yourself, beware – You leave the content on your site open to whatever the image owner or host decides to replace it with.
An awful lot of sites and blogs on the web will now find the clip of Zefram Cochrane they so thoughfully leeched off my blog replaced with something… else.
Thanks for the laugh, guys. But one question: What’s a “PAWG,” anyway?
4 people have commented. What do you think?
