Microsoft
customers in Arizona were scammed by a BPO setup by fraudsters who’s executives
represented themselves as Microsoft employees and managed to convince them that
for a 300$ charge they would enhance the performance of their desktop
computers.
Once signed up, the BPO technician logged onto using a remote access
software that provided full remote control over the desktop and proceeded to
delete the trash and cache file, sometimes scanning for personal information.
The unsuspecting customer ended up with a marginal improvement in performance.
After one year of operation, the Indian police nabbed the three men behind the
operation and eleven of their employees.
There were
several aspects to this case “Pune BPO which cheated Microsoft Clients
in the US busted” that
I found interesting:
1)
The
ease with which customers were convinced to part with money and to allow an
unknown third party to take remote control over their computer. With remote
control one can also install malicious files to act as remote backdoor or
spyware making the machine vulnerable.
2)
The
criminals had in their possession a list of 1 million Microsoft customers with
updated contact information
3)
The
good fortune that the Indian government is unsympathetic to cybercrime both
within and outside their shores which resulted in the arrests. In certain other
countries crimes like these continue unhindered.
Cybercitizens
should ensure that they do not surrender remote access to their computers or
install software unless they come from trusted sources.