I had an interesting experience recently when visiting a client. They passed the phone to me and said that maybe I could help them. The ‘them’ in question turned out to be someone with an Indian accent calling from Symantec generously warning my client about various security problems they might not be aware of.

Now I knew that Symantec produce the Norton security products so that made sense. What I also knew is that they will never, ever call anyone without being requested to do so. I terminated the call.

This was a scam and I had recently seen what happens to a computer when the owner had been tricked into allowing remote access to some specialists from ‘TalkTalk’. He now had a computer which had a low-level SysKey password which he didn’t know and therefore couldn’t access his computer. It may be possible to fix this in some cases, but this time the only way to get a working computer back was to wipe the hard disk and start over.

So what do we learn from this?

  1. Always make backups of files you don’t want to lose so if the worst happens they can be copied back to your computer after reinstalling the operating system.
  2. Never, ever, ever let someone have remote access to your remote computer unless you have initiated contact.
  3. Large companies do not ever cold call to help you out. I have had experience of scammers purporting to be BT, TalkTalk, Symantec and Microsoft. There are no doubt many other companies names being hi-jacked.
  4. Scammers tend to pick large companies because there is a much greater likelihood that you have one of their products and/or have heard of them.
  5. The scammers are very believable, they’ve had a lot of practice.

You may wonder why they do this. Simply, money. Once connected to your computer, they will point out various things on your computer that are on every computer, but tell you that they indicate the computer is in danger of stopping working and ask for money to fix it. If you refuse, your computer is locked by a password and you are then asked to pay money to have it removed. Trouble is once you have paid there’s not a lot of incentive to give you the password. These are crooks you are dealing with after all.