Symantec security ops manager warns of new phone support cyberscam

"Of course", she said, "there is no virus to fix."

According to Cox, the scam is noteworthy because, instead of using applications to convince users that their computer was in trouble, this particular group was phoning users directly to tell them that they had a virus on their computer – "but thankfully help was at hand."

"The company in question, Online PC Doctors, offers to remotely connect to your computer to clean up the infection. All for a fee of course", she said.

"At first glance, the website for this service looks pretty legitimate: However digging deeper, the poor English used is a bit of a giveaway that something is amiss here. We decided to look into this further and avail of their offer of assistance. I assumed the guise of a computer novice and had a clean installation of Windows XP ready for them to work their magic on", she added.

Cox says she told the remote 'company' that her computer was running slowly and the assistant – 'Brian' – said it as due to a virus and walked her through the Event Viewer.

"Brian could arrange for a 'certified Microsoft technician' to fix these problems for me. They set up a remote session with my computer and proceeded to take action to 'fix' it", she said in her security blog posting.

The end result was that Cox was asked to pay an annual subscription of €129 – or €250 for two years.

"In order to pay for this service I had to send them an email with my full name, address, phone number, email address, and full credit card details. I also had to write in the email that I authorised them to charge my credit card," she said, adding that she was also asked to fax them a copy of her driver's license.

Fortunately, the Symantec security expert sent a lot of fake information and IDs – excluding the valid card number – to the 'company.'

There are, she says, a lot of worrying points here.

"Firstly, this company had lied to me by telling me I had a malware infection. I then had to pay 129 euros for them to clean up this so-called infection. I also had to provide them with a number of personal details, including my credit card number", she said.

"Unfortunately security software can't protect against this type of social engineering. If you get a call from the 'Online PC Doctors', just hang up and advise your friends and family to do the same", she added.

Cox has posted an interesting video online showing the 'Online PC Doctors' in action.

What’s Hot on Infosecurity Magazine?