German police arrested two suspects in Wilhelmshaven, Lower Saxony for running a fake Microsoft support center.
At the end of February, the cybercrime team of the Wilhelmshaven police searched residential and business premises in the Wilhelmshaven area arresting two suspects and gathering extensive evidence in the case. According to police information, the two defendants allegedly worked for an international criminal organization, disguising as Microsoft employees and providing telephone support for customers who had been infected by malware. Law enforcement authorities did not enclose whether the two suspects directly infected the computers of the victims. However, since they were allegedly part of an international criminal organization, they possibly knew that their gang had infected the victims.
The victims of the suspects reported that they had seen a 0800 phone number appearing on their blocking screen, under which the help would be expected. However, behind the number, the two fake Microsoft employees asked for payments from the victims to get their system up and running again. The Wilhelmshaven police investigate the two suspects for alleged connection to international cybercriminal organizations, business-committed computer sabotage, and extortion. The district court of Osnabrueck issues warrants for the two defendants, however, they had been put out of action after the judicial hearing of the accused.
Investigators in the case will now contact the injured parties and clarify the contribution made by the suspects. Microsoft had supported the local law enforcement authorities with the company’s Digital Crimes Unit, which is responsible for carrying out its own cycled criminal investigations on the basis of “state-of-the-art” analytical methods.
Microsoft pointed out that there are further fraud attempts in connection with the current case in Wilhelmshaven. The company reported that there could be missing payments in the case, which victims paid to the fraudsters. The tech giant added that these types of fraud could lead to the damage in the four to five digit range.
According to the tech portal zdnet.com, this type of scam has been around since October, last year. The news site reported that hackers use a “severe” warning from Microsoft over new Windows malware to trick victims. The malware mimics Microsoft’s free Security Essentials antivirus, and then displays a fake blue screen of death, or BSoD, with an error message and a suggestion to call a number that is different from the official Microsoft support center’s contacts. The malware, called “Hicurdismos”, disables the Task Manager to prevent the user from terminating the fake BSoD and hides the mouse cursor to make the user think the operating system is not responding.
“Cybercriminals don’t just send fraudulent email messages. They might call you on the telephone and claim to be from Microsoft. They might also set up websites with persistent pop-ups displaying fake warning messages and a phone number to call and get the “issue” fixed. They might offer to help solve your computer problems or sell you a software license,” Microsoft warned users about the scam on their official website.
According to Microsoft, real error messages from the company does not include support contact details. The tech giant admitted that they have seen the increasing number of scams involving their tech support center. The firm also added that cybercriminals are becoming more and more sophisticated, and they may ask for money from victims to help solve the “issues” within their system.
Microsoft issued an advice to their customers on their website what to do in such cases:
“If someone claiming to be from Microsoft tech support contacts you:
• “Do not purchase any software or services.”
• “Ask if there is a fee or subscription associated with the “service.” If there is, hang up.”
• “Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.”
• “Take the person’s information down and immediately report it to your local authorities.”
• “Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.”
Microsoft also added that customers should not purchase or install any third-party software for their terminal. Instead, those affected should visit the police and display the fraud attempt there. Consumers can report scam attempts to the Microsoft Digital Crimes Unit through a dedicated website: www.microsoft.com/reportascam.