The below was updated on April 20, 2022
There is an abundance of security risks on the internet and over the phone. Scammers are known to impersonate organizations such as Revenue Canada, Microsoft or even your bank and tell you stories to get you scared. The process of convincing someone of facts that are not true is a type of social engineering. What is social engineering? Social engineering is defined as the manipulation of people to divulge personal and confidential information for the purpose of malicious activity. This can result in fraud, most of it financial.
Who can be easy targets of social engineering?
- The non-tech savvy and those that typically need assistance from others when using smartphones or computers
- Business owners, administrators and colleagues that use the internet to run their business but don’t understand the fundamentals of GDPR or have had very little training on social engineering
- Users that are looking for free internet downloads
- Computer users that have no certified malware protection
- Residences that have their landline phone number posted on the public White Pages
- Facebook users
- Someone that has shared with you a forwarded WhatsApp or Facebook spam message for a "free gift card"
- Someone who has been scammed before
If you do know any of these people, share this article with them for awareness.
What are the characteristics of these social engineers?
- Upon contact, they tend to be extremely friendly: "How are you doing today?" or "By god's grace, the lord has shined this blessed fortune upon you"
- Assure you of safety: "We need to remote to your computer. You will be connected to our 'secure' server"
- Embed scare tactics either on the phone or by email and text message: "You will be arrested" or "Click here to login to fix your suspended bank account"
- Guarantee to fix an issue you don't really have: "After you pay, we will cancel the arrest warrant" or "We will fix all the computer issues and get rid of the hackers"
- Will stay with you on the phone line for hours till they get what they want: "You are not allowed to hang up the phone"
Let's go through a few examples of popular encounters.
FAKE MICROSOFT / WINDOWS SUPPORT WEBSITES
These websites can pop up if you misspell a website address, like 'yooutube.com', 'gooogle.com' or 'outlooook.com'. Microsoft or Apple will never ask you to call them. All that is needed is to just shut the device off and turn it back on to get rid of the message.
When you call them, they may ask you for access so they can remote into your computer and connect you to their "secure server". They may lie to you to make your computer look damaged when it really isn't. If, once they remote into your computer, they show you a screen with a bunch of red X's and yellow exclamation marks, these are all normal.
If they showed you a black screen with white writing and then showed hackers or viruses at the bottom, they did a CTRL+V and faked it. This is a DOS command prompt and virus detection is not possible in this window.
If they showed you a screen that says stopped services, that is normal. They should be stopped until Windows needs those services.
If you already contacted the scam artists and they convinced you to remote into your device, then uninstall all software that was used in the process of remoting them in. If they asked you to install TeamViewer, it is possible that they will still be able to remote back into your computer without your knowing at a later time. If you're not able to determine what was done, then pull the device off of the internet and shut it down. Report the issue to your IT person or trusted Geek Squad or Staples tech department. If you paid any money with your credit card, call your credit card company and alert them to reverse the charges. It would probably be best for the credit card company to send you a new credit card number.
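The misspelled addresses mentioned in this section ('yooutube.com', 'gooogle.com', 'outlooook.com') all add extra repeated letters to a real name. As an added example that is not part of the original article, the Python code below flags such lookalikes before you visit them; the list of genuine sites and all function names are assumptions made for illustration.

```python
import re

# Assumption: a short list of the genuine sites a user actually intends to visit.
KNOWN_SITES = ["youtube.com", "google.com", "outlook.com"]

def squeeze(name):
    """Collapse runs of the same character: 'gooogle' -> 'gogle'."""
    return re.sub(r"(.)\1+", r"\1", name)

def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def normalize(address):
    """Lower-case host name without scheme, path, port or leading 'www.'."""
    host = re.sub(r"^[a-z]+://", "", address.strip().lower())
    host = host.split("/")[0].split(":")[0]
    return host[4:] if host.startswith("www.") else host

def check_address(address, known=KNOWN_SITES):
    """Return ('genuine', site), ('lookalike', site) or ('unknown', None)."""
    host = normalize(address)
    if host in known:
        return ("genuine", host)
    for site in known:
        # Same name once repeated letters are collapsed, or one typo away.
        if squeeze(host) == squeeze(site) or edit_distance(host, site) <= 1:
            return ("lookalike", site)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample input: the three misspellings quoted in the article.
    for typed in ["yooutube.com", "gooogle.com", "outlooook.com"]:
        print(typed, "->", check_address(typed))
```

An 'unknown' result only means the address is not close to a name on the list; it says nothing about whether that site is safe.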
FAKE APPLE CARE WEBSITES and EMAILS
Apple devices can receive fake messages as well. If you are provided with a number to call, they will tell you that there were some unauthorized people trying to access your Apple ID and that they got the notifications from the hackers. You may also get an email or a phone call scaring you into thinking they are Apple Support when they really aren't.
FAKE SAGE SUPPORT WEBSITES
We try to make sure that searching for us is not difficult. But in the rare instance when you do a web search for 'Sage', a fake site may show up. See our other Sage City blog for tips on ensuring you are calling the legit Sage.
Some fake Sage hotlines have been known to ask for account ID information. If you feel that you have spoken to a 'fake Sage', call 866-996-7243 to report the issue and address any of your account security issues.
FAKE CRA VOICEMAILS
During tax season, one can easily get tricked into thinking the CRA or IRS is really out to get you when they really aren't. They leave a message and when you call them back, they will introduce themselves with a 'fake badge ID number'. They tell you "the police are coming to arrest you and put you behind the bars".
To "settle it out of court", they end up asking you to go to the local store and get a gift card; iTunes, Google Play or Walmart are the popular ones they ask for. If you get one of these phone calls, don't just hang up the phone. Report the incident by calling 1-888-495-8501 or visit this site regardless of whether you got scammed or not. They may be able to pull down the number before anyone else gets scammed. If you want more information on how to differentiate between the real and fake CRA, see https://globalnews.ca/news/4907961/cra-phone-scams/
Examples of CRA messages:
FAKE SMS BANK MESSAGES
Your bank will never send you a text message that your bank account is deactivated. When you open the link, it will take you to a website that looks like your bank website but all it does is capture your username and password so that they can login later. Try not to click on the link. Report the issue to your bank so they can take the appropriate action to secure your account. Delete the message after speaking with your bank.
FAKE REFUND SCAMMERS
You may one day get a call saying that you paid for computer services and that the 'fake computer support company' is going out of business and needs you to login to your bank account so they can refund the money. They ask to remote into your computer and bank account. They end up playing with the HTML code on the page to make it look like they are transferring more money to your account than they should be transferring. They tell you to go to the local store and buy some iTunes or Google Play cards to fulfill the fake refund. The video below tells the story of their operation:
- Before doing business with anyone you have never spoken with before on the phone, Google Search the phone number that you had contact with or search on www.scammer.info. There is a chance that someone else caught the scam before you and reported it.
- Install a proper anti-virus and malware suite onto your computer. While Windows Defender is getting better in research, it still may not be enough as a full suite. Second-opinion software researchers include Sophos Hitman Pro and Malwarebytes, and their products can be used alongside regular antivirus suites. Speak with your computer tech to recommend a suite that protects your email and prevents ransomware, malware, spyware, adware and 'scamware' from occurring.
- If you are able to record the web address of the fake support sites, report unsafe websites to:
If you receive a fake message on an iPad, iPhone or Mac OS report at:
If you are a seasoned technology user who was exposed to fraudulent scamming activity and you subscribe to any Malwarebytes products on https://www.malwarebytes.com/, it would be useful to alert this security research community:
- https://forums.malwarebytes.com/ (Research Center section)
- Subscribe to a trusted VPN (virtual private network) service. Legit VPN services may have advanced security protection. Consult with your trusted IT person for advice on which one would work best for you.
- Forgo subscribing to a landline service at your home. The White Pages still exists and is easily accessed online. Use your cellphone as your residence phone instead (where possible of course) or block your number from search directories with your landline provider. Some providers charge extra for this service.
- Microsoft and computer manufacturers (Dell, HP etc.) do not randomly call anyone or create popup messages about computer issues discovered. Microsoft does have legit technical support department numbers and they can only be found on this site: https://support.microsoft.com/en-us/help/4051701/global-customer-service-phone-numbers
- Sage does have Canadian support channels and you can view them at https://www.sage.com/ca/support or you can call 866-996-7243. You can also sign up for an account and ask questions at www.sagecity.com
- If the 'technician' you are dealing with does not know anything about your account info without you handing it to them and they cannot provide a verified email address from e.g. [email protected] or [email protected], do not allow them to remote into your computer.
- Don't trust a good deal or a free deal from any social networks easily and do not share them. It can be clickbait to give up your personal information easily. When you share the free deals with other friends on social media or other messaging platforms, you allow the scammers to grab their personal details as well.
- Remove your personal email address, birthdate and address info from public view on Facebook. Set this data to "Only Me". See https://www.facebook.com/help/563229410363824?sr=1&sid=08N7D3g0PHnOaFVSw. Remove your cell phone number from Facebook. See https://www.cnet.com/how-to/how-to-remove-phone-number-from-facebook/ on how to remove your phone number.
- Remove your mobile phone number from all websites if not needed. Use a VOIP number instead if you are trying to authenticate an account, e.g. Text Now or Oovoo are good options.
- Don't trust everything you see on social networks. Content posted on social networks is not vetted for accuracy or security. There are still paid Facebook ads that re-route you to fake websites outside of Facebook that ask you to send a Money Gram or Western Union transfer to pay for fake products. You can see examples of victims on www.scambook.com. $143 for an electric bike is a deal that is too good to be true. Don't trust, click on or share such "offers".
- Change your online website passwords often.
- If you are a business, try to only accept invoices or payments from known email addresses. Store the known email addresses so that they can be flagged as safe in your email program. Try to log out of your email program when finished.
- Don't pay for any "services" using:
  - Bitcoin (Bit machines or other crypto currencies)
  - Any type of gift card (iTunes, Google Play, Walmart, Target, Steam)
  - Cheque-book
  - Money Gram or Western Union
- Every business should have social engineering prevention training. You can see an outline about this here. It would also be useful to adopt General Data Protection Regulation compliance regardless of whether you do business with the EU. You can view a basic checklist here.
The first step in protecting yourself is awareness. The second step is addressing the vulnerabilities by closing the open doors. Global law enforcement is not able to prevent every scam from happening, and it doesn't seem that they will go around posting warning lawn signs anytime soon. If you are looking at this article, it is very important that you share it with those in need of an eye-opener. Happy suppressions!
Global News: https://globalnews.ca/news/4640420/cra-scams/
C Net: https://www.cnet.com/how-to/how-to-avoid-tech-support-scams/
Canadian Anti-Fraud Centre: http://www.antifraudcentre-centreantifraude.ca/fraud-escroquerie/index-eng.htm
Jim Browning: https://www.youtube.com/channel/UCBNG0osIBAprVcZZ3ic84vw
This blog was written by Dmaster and formatted by @Erzsi_i
Thanks for reading!