We speak to many customers who have had bad experiences dealing with companies/individuals claiming to be someone else. The worst of these stories usually ended with a fair bit of money lost, and the horrible feelings that being scammed leaves behind (lower self-confidence, increased scepticism, worries about future security etc.). We thought it was time to write a little bit about ‘phishing’ and scams relating to computers.
Phishing (Pronounced, ‘fishing’)
Definition: “the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.” For this article, we also consider telephone calls as well as email contact methods.
Top ‘scams’ we come across
- Phone calls from [insert big company here] claiming something is wrong with your computer. The victim is tricked into giving remote access to the scammer who shows some errors/viruses/problems on their screen and then the user is required to pay a large amount of money for any fixes required.
- Phone calls to [insert big company here] – there are many websites purporting to be a company they are not. A person with a problem calls the ‘big company’, they fix the problem (maybe quickly, maybe making a mountain out of it) and charge a large sum of money. If you are paying for a service, you can probably get through to them on the phone but you shouldn’t expect to pay. If you use a free service such as Gmail, Hotmail, Yahoo Mail I don’t think there are any ways to phone those companies/departments directly and free services don’t offer ‘pay help’ – they would more than likely move you to a ‘pay tariff’ which includes support (and instructions on how to use it).
- Emails from similar companies (often linked to a financial service such as your bank, PayPal, Amazon etc.) claiming your account has been hacked. The best thing here is to have a strong password to begin with, which makes the account much harder to hack (think long mixed case alphanumeric non dictionary combinations). The second thing to do, if you really do think the email is genuine, is to ignore the email entirely, open your web browser and log in to the service/website as you would normally do. You can expect to be alerted to any problems after logging in or by looking at the ‘my account’ section. Clicking on a link in an email can take you to a genuine looking website and you can easily be tricked into giving your details away. Using the hyperlink or viewing images in an email can also alert the sender so they know your email address is active (so they can send more spam).
- Similarly, the police won’t send you an email if they think you have committed/are committing a crime. They definitely will not give you an option to pay to get out of a crime (without you going to court). A classic virus, the Metropolitan Police Virus, says you’ve been looking at inappropriate material (animal/child porn) and locks you out of the computer until you pay a ransom fee. If anything pops up on the computer claiming to be from the Police, check with the police themselves or give us a bell – sometimes it may be too late, other times the situation can be rectified.
Things to consider to stay out of trouble / best practice guidance
- Use strong unique passwords. These make it harder to hack any account and to engineer a scam.
- Change your password often. A good idea, but realistically perhaps at least once a year. If you suspect any account/service you use has been compromised, change the password immediately.
- Stay away from ‘dodgy’ websites such as streaming video sites, live football, porn sites, pirate software/video download sites etc. These are prime places to catch a virus/hack. If you must use these, find trustworthy ones (a trustworthy pirating/streaming site doesn’t seem likely but some are run by people with interesting ethical opinions).
- Learn what popups look like from each of the following (these are generally the only popups you should see, so ignore and close (x in the top right) any others):
  - your antivirus program
  - Microsoft Windows / macOS
  - your web browser
  - any other programs you have installed to run in the background such as CCleaner.
- There are loads of websites that create popups designed to make you think it is a legitimate program installed on your computer or from a trustworthy company. Be cautious, assume the worst and ignore – if you restart the computer and it appears again (when you do something else on the machine) it’s more likely to be legitimate. Knowing what is good/bad here is easier said than done and we appreciate it comes with experience and knowledge.
- Read more about viruses and online safety.
Things to consider if you feel like something isn’t right
If you think you have been scammed out of money, call your bank immediately to inform them. They get this sort of thing all the time. Banks can protect your account but only if you tell them to. Likewise, if you paid by credit/debit card, call the card issuer, tell them what happened and request a new card. We do a lot of credit/debit card transactions online and get replacement cards regularly to be safe (every 6-12 months). Using a credit card online usually offers you more protection than a debit card but investigate your card issuers to see which gives you the best cover and use that card online.
Cold call/email? Behave like you would if someone turned up at your house claiming to be from British Gas. You wouldn’t call a number that they provided you to verify them – you would find the number for British Gas in the phone book or online and call that. Do the same for computer companies.
Before letting anyone take control of your computer, be 100% sure they are who they say they are and you can trust them. Once you have handed control over, the remote person could do anything very quickly. There is no way to say for certain that the computer is clean and safe after someone has been on it without wiping it completely or through a very costly inspection/observation.
Companies probably won’t call you… unless you are already in a dialogue with them (or somehow manage to owe them money).
- Microsoft won’t ring you about Windows.
- We have not heard of Apple calling anyone.
- Google won’t ring you, and there is no telephone support for Gmail problems. We believe this is the same for Microsoft’s Hotmail/Live/Outlook accounts.
- If you are paying for advertising, contractors do work for Google and Microsoft.
Your WiFi, phones and computers can’t infect your neighbours’ equipment.
Always ask how much the work is going to cost before letting it happen. To give you an idea of prices, Sheffield Computer Services nearly always charge far less than £100 to fix any problem (excluding hardware costs). Sometimes bills have been larger but on those occasions it tends to be a ‘fix everyone’s laptop, the family desktop, set up an iPad, iPhone and smart TV’ type of job. A good company will stick to their quote or warn you if the cost is going to increase.
If you’re paying for a service (antivirus, software suite etc.) the price of support is usually included.
If you are in a contract with a company and you end up in a situation such as ‘owing’ them money for a remote fix and you feel things are wrong, tell them. Tell them that you will call them back and settle the bills – they must be able to put the bill ‘on the system’ so you can settle it later by calling a number on their official website.
Remember, take a cautious approach, and if in doubt give us a call.