Watch out for FAKE Microsoft Audit Scams!

A client of mine got an email from “Microsoft” asking them to perform a self audit on all their Microsoft Licensing. It came with Microsoft header, from a v-name@microsoft.com address and was pressuring them into completing an audit and upload their licenses to a site where they can “assist” in helping them be compliant.

After my client did not respond, they got a phone call from Microsoft in (New Zealand) not the USA. At that point, they handed it over to me and I dug into researching everything. I found the they are NOT Microsoft, but a Partner (so they said), the site does not belong to Microsoft. I found a video on youtube demoing their “fake audit site” and figured out this was the scam. Upload the data, make money for Microsoft from company being told they are not compliant and make money for this “partner” monthly for mining all the license data. This is not good business! Shame on the both of them for letting this happen. I have filed a complaint with Microsoft with little faith I will hear anything back.

Click image to see full screen.

Looks real, but it’s all FAKE.

 

-Microsoft Forcing Windows 10 down through Windows Updates-

I Woke Up & My PC Looks Different.

It seems there is not enough people ready to commit to Windows 10 yet so Microsoft is giving us a kick in ass. We have had an influx of clients calling us complaining about coming into work on Monday morning to find their PC has been upgraded to Windows 10 without any warning. We have had a mixed out come of scenarios for reverting their PCs back to Win7. Sometimes it rolls back without any problems, other times we see the message “An Error Has Occurred” leaving us to either leave Windows 10 on their PC or reinstall Windows 7. Even when the roll back is successful, Microsoft Office is corrupted and needs to be reinstalled. For those of us who are blessed with hard copies of Microsoft Office should be up and running in a few minutes. For everyone else, go find your key cards or your Microsoft store logins and figure out how to re-download it. We have also seen Quickbooks get corrupted as well, particularly versions that are not current.

How & Why Did This Happen?

Most people have Windows Updates set to automatically download and install. Microsoft used that to their advantage and sent the Windows 10 down in an update (guess they thought they were doing you a favor).

It’s Free, Right?

For whatever reason, Microsoft thinks this is necessary but it is not. Windows 7 is good to use until 2021 without any issues. If you don’t like Windows 10 you do not have to upgrade. The only reason to upgrade is if you like the word FREE. But be mindful of what free will get you. There are plenty of “Phone home to big brother services” in the new Operating system and MS says you can turn them off if you don’t like it. What they don’t tell you is there are more services that you are not privy to turn off.  Depending on which version of Windows 10 you upgraded to Automatic Updates are no longer an option to turn off.

I Got Windows 7 Restored, Now What?

First thing, DO NOT TURN OFF WINDOWS UPDATES! “It sounds logical, turn them off and Windows 10 can’t come down.” However, it also prevents windows from getting any security updates which are strongly advised. There are a few ways to remedy the problem. First, change Windows update settings to “Notify me but do not download or install updates”. This works but you will need to manually review, download and install every update. The second way is to check for updates, review them and look for the “Windows 10 Upgrade”. Right click it and select hide. This will prevent it from installing and allow automatic updates to continue to work properly.

If you still need help, give us a call and schedule a repair.

-What you didn’t know about Internet Explorer-

Internet Explorer and AOL Security Breach

Earlier this week, Microsoft announced that a major security flaw was discovered in ALL versions of Internet Explorer.  The security breach has taken the attention of the DHS.  The DHS issued a warning for everyone to aviod using Internet Explorer until Microsoft fixes the problem.  There is current evidence showing hackers are using this bug to take control of people’s computers when they visit certain websites.

Ways to stay secured:

PC Professionals recommends using Firefox or Google Chrome as an alternative web browser.  Even if this security risk didn’t pose a threat, we would still recommend Firefox or Google Chrome over Internet Explorer.  These browsers are faster and more secure.

When you see that Windows Updates have updates available, make sure you install them immediately.

As you know, April 8, 2014 Windows XP is now end of life.  If you are accessing the internet, understand you are at extreme risk for virus and spyware problems since the security issues like this wont be fixed for Windows XP.

AOL also issued a security breach and is stressing anyone using AOL email to change their password right away.

-Warning! Microsoft Does NOT Make House Calls. New Wave Of Phone Scams Has Arrived-

This article was taken directly from Microsoft’s “Avoid Phone Scams” page.

Cybercriminals don’t just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:

 

  • Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
  • Take control of your computer remotely and adjust settings to leave your computer vulnerable.
  • Request credit card information so they can bill you for phony services.
  • Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

Telephone tech support scams: What you need to know

Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.

Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable.

Do not trust unsolicited calls. Do not provide any personal information.

Here are some of the organizations that cybercriminals claim to be from:

  • Windows Helpdesk
  • Windows Service Center
  • Microsoft Tech Support
  • Microsoft Support
  • Windows Technical Department Support Group
  • Microsoft Research and Development Team (Microsoft R & D Team)

Report phone scams

Learn about how to report phone fraud in the United States. Outside of the US, contact your local authorities.

How to protect yourself from telephone tech support scams

If someone claiming to be from Microsoft tech support calls you:

  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • Take the caller’s information down and immediately report it to your local authorities.
  • Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.

What to do if you already gave information to a tech support person

If you think that you might have downloaded malware from a phone tech support scam website or allowed a cybercriminal to access your computer, take these steps:

  • Change your computer’s password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
  • Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or you clicked a suspicious link online or in an email message.Learn more about Windows Defender

Will Microsoft ever call me?

There are some cases where Microsoft will work with your Internet service provider and call you to fix a malware-infected computer—such as during the recent cleanup effort begun in our botnet takedown actions. These calls will be made by someone with whom you can verify you already are a customer. You will never receive a legitimate call from Microsoft or our partners to charge you for computer fixes.

More information

For more information about how to recognize a phishing scam, see Avoid scams that use the Microsoft name fraudulently.

If you need help with a virus or other security problem, visit the Microsoft Virus and Security Solution Center.

-The new “hostage virus” Ransomware-

A Ransomware Program is a program that holds the data or functionality of your computer hostage until you perform an action; which is typically to purchase the program or send the virus creator money.

Description of infection:  This infection usually opens up a window as soon as the computer boots, informing the user that their computer has been compromised.  It lists your IP address, adds a small window to the top screen saying that your are being monitored by video, and with the later versions, encrypts your information rendering it completely useless.  The later versions of this “ransomware” are difficult to remove.  Even if removal was successful, the virus creator still holds your information hostage.  There is a secret key that only he/she has, which is needed to decrypt your information.

Signs that you may be infected:

  • Your computer has a pop-up screen looking similar to this:(right)
  • Your information may not open correctly due to your info being encrypted by the virus creator
  • Redirection when trying to surf the web or no connection at all.
  • Your files may be hidden as a “scare-tactic”

The removal of these infections in the earlier stages were not as difficult, but the encryption factor was not part of these viruses.

One of the most important things to remember with these viruses is the creators are out to make money. Losing your information do to the virus encrypting your info can be a devastating experience, but actually going through with giving the creator the requested money could have an even worse effect; your credit and identity.

If you are unsure about the legitimacy of a pop up, always seek help before continuing.  Not doing so can sacrifice much more than just your computer.

Here at PC Professionals, we have the solution.  If your information is not encrypted, we can perform a virus removal with the various tools we have.  If your computer is encrypted, we recommend a complete computer rebuild, guaranteeing the infection is gone.  The computer will be restored to the out-of-box state.

Unfortunately, if your info is encrypted, it cannot be saved.  As stated above, the virus creator is the only one that has the secret key to decrypt your information.

After the rebuild is complete, we also recommend you perform a backup and have adequate antivirus installed; which we also offer here at at PC Professionals.

For a few more recommendations/advice, visit PC Professionals Website here: