***Based on actual events. Some details have been altered or enhanced for entertainment purposes.***
This topic was inspired by a book I’m reading called The Art of Deception, by Kevin Mitnick & William Simon. Kevin Mitnick is a world renowned con-artist who scammed a lot of people by getting them to give him seemingly harmless information and then putting all of that information together to get what he was really after. He has since switched teams and now works with agencies and businesses all over, helping them figure out what their vulnerabilities are and what they can do to tighten up security. I have no idea who William Simon is.
The topic of this book is all about social engineers – people like Kevin who work tirelessly to gain sensitive information for profit by convincing you first, that they’re your friend and then asking you for whatever it is they need.
It occurred to me when reading this book that I’ve already encountered my share of social engineers. In fact, I’m willing to bet just about everyone who reads this has had a social engineer cross their path at one point in time or another.
For me, the most entertaining and persistent social engineers were the individuals who called claiming they were from Microsoft. When I was living in Georgia, I was plagued by these phone calls. They called several times a month. The scam was always the same: We’re receiving numerous error messages from your computer and with your help, we can go in and fix the problem.
Here’s how I knew this was a scam. According to Microsoft, an estimated 400 million devices are running Windows 10. This next number varies from website to website: there are an estimated 100,000 employees working for Microsoft. If Microsoft were actually monitoring every device running Windows 10, each employee (secretaries, janitors, sales reps, security, engineers, programmers, developers, cafeteria workers, etc.) would have to monitor 4,000 users every day. That’s not possible. Microsoft doesn’t have the staff or budget to handle something like that.
After receiving the first two phone calls from “Microsoft” I decided to have a little fun with next caller.
Scammer: Yes, hello. I’m calling from Microsoft. We’ve detected a number of error messages being sent from your computer. If you follow my instructions, I’ll help fix the problem.
Me: Now’s not really a good time.
Scammer: It’s important that we do this now. If we don’t, serious system issues could result later.
They always sound urgent when they call, trying to rush or panic you into being cooperative.
Me: Yeah. The thing is, I’m pretty sure this phone call is being monitored by the police. I’m a person of interest in the disappearance of my third husband which is really unfair. Just because my first two husbands were found dead with a certain appendage missing does not mean my third husband is going to be found dead….and definitely not with a certain appendage missing because…well…maybe the real killer didn’t have time to remove it because a car was coming down the road. Things happen and sometimes basic survival instincts supersede criminal signatures. Not that I would know anything about this….you know….in case someone is listening to this phone call……. Besides, my first two husbands weren’t the nicest people. They were total scam artists – always trying to get something for nothing.
Scammer: Um….I see….Yes….well….
Me: I can hear you, DICK LICKER!
Scammer: Excuse me?
Me: Huh? Oh. No not you. The people listening to our conversation. I can totally hear them. Can’t you? There’s that strange clicking sound coming from somewhere……..(singing badly) SOMEWHERE OVER THE RAINBOW, WAY UP HIGH….
Scammer: Yes…..that’s very nice–
Me: Shush. Don’t interrupt! It’s rude. THERE’S A LAND THAT I’VE HEARD OF ONCE IN A LULLABYE!
Scammer: I can see this is a bad time for you. Perhaps we can schedule another time for me to call you back?
Me: Sure thing. Would you like to do it before or after my arraignment? SQUIRREL!
Scammer: A…what? Did you say squirrel?
Me: Just for the record….if I happen to be in custody when you call back, I’m not wasting my one and only phone call on you.
Scammer: I see. I’ll call you back tomorrow.
Me: I won’t be home. Have a nice day!
The fact that my phone could’ve been monitored by the police did not deter these people. And sure enough they called back….again and again and again.
The best thing you can do if you ever receive a phone call like this is hang up. Do not engage! You never know what information you might accidentally give these guys that could prove useful to their cause. Also, if you do receive one of these phone calls, report it to Microsoft or whatever company they’re pretending to be from.
Clearly I’m not smart enough to take my own advice. But some of the conversations I’ve had with these guys are too entertaining not to write about it. Plus, being that I’m a stay-at-home-mom to two tiny kids, I have an awful lot of days where I feel like this:
Sometimes I crave human interaction so bad I’ll talk to anyone…..even scammers. Sigh……I should stick to blogging.
And now it’s your turn to tell me. Have you ever received a call from “Microsoft” or any other telephone scammer? Please tell me about it in the comments.