Microsoft must have finally gotten the upper hand in Windows security.

I just talked with a non-technical friend who got a call from a call centre purporting to be Microsoft. The agent explained, in broken English, that Microsoft had “detected a virus on her computer”. He then attempted to direct her to TeamViewer, a remote desktop access application.

It was at this point that she wisely terminated the call and got in touch with me.

It’s pretty easy to see where this was going. A victim, under the impression that the call was from Microsoft, trusts the advice, installs TeamViewer, and gives the hacker full, unrestricted access to their computer. Under instruction from the hacker, the user happily bypasses all the security warnings, and in only a few seconds a trojan / back door is in place and the user’s system is completely compromised. The system is instantly open to credit card fraud, identity theft, spam relaying, and anything else these criminals can come up with.

The good news is that Microsoft Windows security is now clearly at a point where a human factors attack is worth the expense. The bad news is that the percentage of users who are likely to fall for this scam is far too high, and the attack vector allows for the injection of any payload. Hackers can obfuscate this malware so that a virus scanner could have a very difficult time identifying it as malicious. Worse yet, the current target might be Windows, but there’s no reason why this approach can’t be equally effective with other platforms.

This marks a new battleground for security in home computing. As with most other attacks, the first line of defence is education. If you have friends who are less technical, please warn them about this.
