Caught in a trap, I can't log out..

(with apologies to Elvis Presley) - This is a cautionary tale, of a consumer who very nearly got caught up in a clever ruse.

Last night, I received a call from a friend who had been to a local retailer and had purchased a subscription to Office 365. When getting home, they went to install it by following the instructions on the docket.

Note the instructions - to head to Office.com/setup - not https://Office.com/setup. What is the difference some of you might ask? Well - depending on the browser - this might not go to a website, but instead to a search engine - such as google - which the results are:

5 out of the 8 results on the page are what I would describe as "dodgy". (I tested the same search on Bing.com and all the results on the first page are legitimate sites). The top two results are adverts - and link to less than legitimate sites. So if you are not aware and trusting the top results - you might very well visit them. (This is a problem and something that needs to be addressed - but putting that aside - it goes to show that it is easy to get pushed down the wrong path).

If you do head to the wrong place - you might see a screen like this:

Again - looks legit at first glance - until you look a little closer at the URL. Click on the Get Started though and you get prompted to enter in details - email, name, phone number, etc.

In this case, that started a chat, which then prompted a gotomypc link to be sent, at which point, remote control was established, and then event logs were opened to show all the errors, the task manager was opened to show off how many services are not started or currently stopped. My own Task Manager is shown below - notice how many Stopped services - now - I know that's not a problem - but if you are trusting a person who is from the Official Microsoft Office Setup - and they are telling you it's a problem - well - then you can see how the next part goes.

After all these "problems" have been revealed - my friend was given a solution - if they bought a support pack - then a technician would be able to fix all their errors, and install Office for them. The support pack would include the install of: Wifi Security Scanner, Network Security Essential, Microsoft Malicious Removal Tool, MS Office. All for a bargain price of AUD275 for 3 years, AUD550 for 5 years or a lifetime for AUD850.

At this point, my friend, wisely erred on the side of caution and then said they would have a chat with their trusted advisor (me!). They were given a phone number to call, a case ID and the name of the technician assigned to their case. I was then called - and after a couple of seconds - pronounced it to be what it was - a scam - a more elaborate version of the telephone calls that are from "Microsoft Warranty Department", "Amazon Prime Support", "Australian Broadband Network", etc - but same basic premise. Take a nugget of truth and then twist it into something that it is not to deceive and trick people out of their money (and possibly more if they installed the applications).

So - beware, be alert, and have a chat with your trusted advisor when it comes to your online safety and activities. If you don't have one - contact me and I will point you in the right direction. If you are an IT savy person - then make sure that you listen out for any of these sorts of things and be the proactive trusted advisor!

Also probably a good time to point to some general advice about protecting yourself online How to protect yourself in an online world (aka someone already has your password) | LinkedIn

Cheers

Kyle

Photo by Gabriel on Unsplash