Drew, one of our readers, wrote us let us know about a new scam being used to spread malware - - well, ok, not so new, but certainly new to me and becoming more popular, enough that it should be on your radar.

Picture this - you're surfing away, and your phone rings.  A person claiming to be from a support company or in some cases a "Registered Microsoft Support Partner" (note that Microsoft does not use this term, it's a made-up designation) tells you that you have a virus, and that for a few hundred in your favourite currency, they'll clean your computer for you.  Of course, if this happened as a pop-up, you'd know it was a scam right?  maybe?  Your Antivirus might catch it, but if not, you'd probably close the window, or perhaps reboot your computer.  But would you fall for the live operator on the phone?  Would your parents, grandparents or other relatives?  How about your manager? your CEO? 

The attackers in these schemes have nothing but time to help you to install malware, remote desktop applications or really anything they feel would make their life easier.

After digging a bit, some of these scams seem to be run from locations in India (but most likely not all of them), but when they call your phone, they'll most likely have an area code in your country.  They also take advantage of VOIP services to keep their costs low and profits high.

There is no good protection against things like this except for user education in security awareness.  Especially in corporations, this should be an ongoing effort, and things like phishing, vishing, fake antivirus and the like should be presented to your user community for what they are as frequently as possible. 

More info here ==> http://www.pcpro.co.uk/news/security/359233/the-unstoppable-tech-support-scam

and here ==> http://www.pcpro.co.uk/news/security/356833/pensioner-targeted-by-fake-virus-phone-scam

=============== Rob VandenBrink, Metafore ===============