IT Security Alert - 5 Tips to Avoid a Phone Scam using Social Engineering


Social Engineering is an attack that involves human interaction to complete the security breach.  Recently we have received reports that our customers, and even staff members have received phone calls from people representing themselves as Microsoft, or they may not even say who they work for.  The attacker will indicate there is an issue on your machine reported back to them, and that they need to login to your machine to fix it.  Most will ask for money, but some will download and install a backdoor on your machine for later use by the hacker.

How do I avoid being Scammed by Social Engineering?

Microsoft posted some information to their Safety and IT Security Center on this topic.

If someone claiming to be from Microsoft or another tech support calls you that you do not know:

  • Do not purchase any software or services.
  • Ask if there is a fee or subscription associated with the "service." If there is, hang up.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • Take the caller's information down and immediately report it to your local authorities.
  • Never provide your credit card or financial information to someone claiming to be from Microsoft tech support or an outside tech company you are not already under contract.

ACP Technologies is here to help you with your Network Security.  Going through our Security Assessment Process will help identify possible security gaps.  Contact us to find out how to mitigate these threats even if you are a victim of Social Engineering.