In fact, we have seen reports of quite a few snippets of social engineering that are worth noting.
There are other aspects to the problem that have been highlighted in comments to our blogs that are worth mentioning.
We have seen indications recently of scammers wanting to receive payment via PayPal: unfortunately, we rarely have enough direct information to pass on usefully, even if those who report incidents gave us permission to share their data.
We're also getting more and more reports from countries where most people's first language is not likely to be English, including Scandinavia, the Netherlands, France, Switzerland and Portugal. I guess you could include South Africa in that category, too. Recipients of the call in these countries who have asked why they were calling in English rather than the native language of the region were told that the were not allowed to use other languages. Well, that's convincing…
Many of the comments I see ask are concerned about what damage the scammer might have been able to do while he or she had access to their system. My usual response is that while I can't comment on the state of their individual system – Microsoft isn't calling me to tell me that anybody's machine is infected ;-) – I haven't been seeing reports of scammers deliberately planting malware onto a system, though I did receive a report earlier this year of a known scam site linking back to fake AV. A TV channel in the US is in contact with a computer expert who claims that malware planting is happening and that he tricked a scammer into infecting a virtual machine. However, I'm not able to verify that claim from the article or the accompanying video, or to determine what malware might have been involved. We do have documented evidence of scammers uploading free versions of legitimate but largely irrelevant utilities as part of their 'service' – indeed, Martijn Grooten will be talking about this in our Virus Bulletin presentation – and it may be that this is what happened here. I've asked for more information, and will pass it on accordingly if I receive it. Certainly we'd be interested to hear if anyone knows of a confirmed instance of such an infection.
However, interesting though all these stories are, the takeaway message for most people must be that if someone calls you out of the blue about computer problems you weren't aware you had, it's almost certainly a scam. If you care to pass on information about such calls as a comment to this blog, we're always interested in seeing what the latest ploys are, but we don't recommend that you give them any access to your machine unless you know exactly what you – and they – are doing. For most people, the safest course of action is to refuse to get into any discussion with them.
David Harley CITP FBCS CISSP
ESET Senior Research Fellow