So, it turns out that your computer doesn’t even have to be infected for you to become a target for people who offer to disinfect it – and charge you, of course!
Symantec has been receiving information from different sources about a technical-support-by-phone service whose modus operandi is the following:
- Cold call targets and try to make them believe that their computer is infected
- Offer to clean up the infection and offer future protection for a fee of 129 euros per year
- Ask the target to send information such as full name, address, phone number, email address, and full credit card details by email, along with an email that authorizes them to charge the credit card
- Make the target install an application that would allow the “certified Microsoft technician” to remotely access the computer
- “Fix” the “problem” by running Checkdisk, Diskcleanup, emptying various temp folders, clearing out the event viewer and disabling event logging so that no system warnings are shown in the future.
The name of the service is “Online PC Doctors”, and they even have a decent-looking website that doesn’t raise any suspicion at first glance:
The fact that they are afraid of infections and malware but don’t know the first thing about how to check for it and remove it, makes inexperienced (and naive) users the ideal targets for such a scam. Any user that has a modicum of knowledge about how a computer system and the Internet works would be instantly suspicious about the fact that someone is calling him and saying that they KNOW that his computer is infected.
If you are certain that such a scam would never have worked on you, stop a moment and think: Is there someone you know that could have fallen for it? If you know of such a person, do them a favor and inform them of it.