A group of scammers masquerading as Microsoft technicians is using the WannaCry ransomware threat to scam users in the UK.
Scammers have reportedly extorted £320 from a victim by offering protection against ransomware attacks.
The said scammers, by claiming to be technicians at Microsoft, are now contacting gullible users to claim that they can help the latter ward off ransomware attacks on their computers. With users' permissions, the scammers then gain root access to their systems and charge money for installing anti-virus software which is otherwise available for free.
A Teesside resident recently encountered a pop-up window on their system which warned that the system was affected by WannaCry Ransomware and that the resident had to call a number to receive assistance. According to Cleveland Police, the victim called the number and the person on the other side charged £320 to install an antivirus software which was otherwise available for free.
“It is important to remember that Microsoft’s error and warning messages on your PC will never include a phone number. Additionally, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication they have with you must be initiated by you,” said a Cleveland Police spokeswoman.
Spammers have often used similar techniques to extort money from gullible victims who have little knowledge of cyber-crimes or cyber-security practices and tend to trust what they encounter online. Jeremy Swinfen Green, Head of Consulting at TEISS, believes that trust, or rather inappropriate trust, is a huge issue online and one that cyber security professionals have difficulties in combating.
"The number one rule is to be sceptical. If something doesn't look right online, then check it out rather than trusting it blindly. A simple online search using some words from any suspicious message (in "quote marks") may reveal that your suspicions are correct. You should also look out for phrasing that seems odd," said Green.
To ensures that you are not scammed by hackers or online extortionists, you need to ensure that your system has the latest security software, your password features a combination of letters, digits, and characters and that you are not connected to an unsecured public Wi-Fi hotspot. You can also use the website HaveIBeenPwned to check whether any of your accounts has been hacked.