Roland Parker: Hi, this is Roland with Impress Computers. Impress Computers has been supporting businesses with the IT since 2003. So for the past 20 years, we’ve been helping keep businesses in the Houston and surrounding areas secure and safe. Today with me, I’ve got Marlon and he’s part of the Impress MSP IT team that helps keep people secure. Absolutely. Thank you, sir. So a big thing that we’ve seen catch a lot of people out is the Windows Defender Security Center scam. So it pops up on the machine. What are the bad guys really trying to get get from this? Right.
Marlon: So I can tell you that one of our clients, we received a ticket. He was trying to go to log me in. And then basically what he did, he just searched for log me in. And you see, when you do this, basically you’re not going to the site. You’re just doing a Google search.
Roland Parker: So instead of going directly to the site and that’s what the bad how the bad guys catch you Absolutely. If you do a search, whether it’s Microsoft support, HP support.
Marlon: Or they pay to be at the top level on the sponsored. So first thing that you think is to click on the first thing, at least most of the people. And so that will lead you to their site. And then you get this huge screen pop up with video in an autoplay with audio saying you’re being infected, your machine is hacked. You have to contact this number.
Roland Parker: Don’t shut the machine.
Marlon: “The machine down. This is Microsoft. We’re going to get you with level whatever tech support, which is obviously a fake. It’s a fake pop up. It’s a scam. It’s people trying to get you to fall for it”it.
Roland Parker: Now, now, at that particular point, before the user does something, even though it’s scary, yeah, we kind of call it scary. Yeah, They’re not actually infected at that point.
Marlon: Absolutely not.
Roland Parker: But what happens if they phone the number or hit the X to close it down?
Marlon: So that’s the the, the bad part. If you call the number, if you try to click on the X, a lot of times it will auto run from the window and executable and your computer can get infected at that point. Um it’s kind of look at it from a ransomware point of view. You know how you can download an attachment like an Adobe attachment and then it automatically starts infecting the machine. And then if you’re in an environment where it’s an organization, it goes file by file. You know, you have a map, drive to the server. It will go into that map drive. And from that map drive, it spreads out into the whole server, into your whole environment. So rule of thumb, do not call the number, stay away from, call.
Roland Parker: The number and you give them access to your machine. You you could be giving them the keys to the kingdom.
Marlon: Absolutely. Yeah. We’re talking bank accounts, passwords, you know, personal information that maybe even Social Security numbers that could potentially leak out there for people to steal.
Roland Parker: Think what a lot of people don’t realize that X when it’s a fake X, it’s just it’s just.
Marlon: A program.
Roland Parker: So the program is going to tell that computer what to do.
Marlon: Exactly. So basically they code it out. Yeah.
Roland Parker: And we also did see that that one company that came in. Pretty small organization, pool, pool builder. But what then happened is that the hackers gained access to the machine and then they tricked them into giving them the two factor authentication by pretending to also be a bank.
Marlon: So now that you mention that. Nowadays, for those who have two factor authenticator, be careful because you we’ve started to see where scammers will call the company the IT company and say hi this is Rolin from in-person Peters I need my computer password or my two factor authenticator or whatever the case is if somebody else has access to that and that can be shared with somebody that called pretending to be that person, you’re out in the wild.
Roland Parker: So like that one case, they actually pretended to be the bank and they said, we need to prove who you are, who you say you are, that you’re the owner of the company, we’re going to send you a code. And they shared the two-factor authentication, but it was a scammer. So they you gave them the two factor authentication, which gave them to the bank. So you really got to be on the lookout. But in this particular case, they’ve got the pop up, it’s on their screen, the thing screaming at them. People are freaking out. Scary.
Marlon: Yeah, you’ve.
Roland Parker: Got to calm down. And there’s a little trick that you can do. So the.
Marlon: Magic trick.
Roland Parker: How does somebody now close that safely and prevent themselves from being infected? Absolutely.
Marlon: So. You get the screen, like Roman said, don’t freak out. All you need to do is control alt delete simultaneously on your keyboard, and then it gives you a window with a couple of options and you’re going to select the last one. I think it’s called it’s task Manager.
Roland Parker: Now, you can also get to the task manager control shift Escape. It’ll bring it up.
Marlon: Absolutely. Either or whichever way you guys want to do it.
Roland Parker: But where do you go from there once you’ve got your task manager?
Marlon: So first of all, you got to make sure which browser you have open. If you have multiple, I will say close them all just to be on the safe side. If you don’t know which one it is, maybe you’re freaked out and you don’t remember where you were. Um.
Roland Parker: But basically highlight all your browsers and.
Marlon: Then End task. So you click on the On the Edge browser or Chrome, and at the bottom right corner you’re going to have an option that says end task. And once you do that, it closes automatically the window for you. Now if you reopen the window edge the browser, sorry, um, it will ask you to restore the tabs that you had opened. Just just exit out of that.
Roland Parker: Click on Restore because you’re going to be back in the same.
Marlon: Yep, that’s it.
Roland Parker: And the next thing that’s very important is to make sure you clear your temporary internet folders because that’s normally where that pops up from. So if you go to disk, clean up just by typing it in the bottom.
Marlon: You’ll get a little window
Roland Parker: It’ll ask you to you can check the boxes and then you just say delete. And those are just temporary files. You can get rid of them. Reboot the machine and you should be safe. So the thing to remember. Never, never, never hit the X, never call the number. And really, rule of thumb is never give somebody access to your computer that you don’t 100% know who they are. Because if they could say they’re from Microsoft, they could say they from HP or Dell or whoever, wherever. But if you’re giving somebody that you find and they’re going to access your machine, that’s a dangerous situation because once they’re there, they can install keyloggers, they can capture all your passwords. So that’s the next thing is, you know, don’t save don’t save your passwords in your browser.
Marlon: Absolutely. That’s a that’s a pretty heavy topic nowadays. And there’s a lot of software out there we use in house for our companies and everybody, a software that basically you can sync with your server, your Microsoft account, and people can also use it from their phones to where you can reset the password from your phone. And it also has the security feature to where it automatically forces the user to change the password. And this is 101 security. You know, if. Regardless if you think you’re safe or we’ve even had the excuse that the user has been there for so long and they know them for so many years, it’s still a bad habit. Change your passwords.
Roland Parker: And at the end of the day.
Marlon: Yeah.
Roland Parker: Somebody clicks a link and it could be on a text message. It could be on an email.
Marlon: We even had the, the um, energy company where they had the wire transfer. Yeah. They interfered into the email and, and they transferred like $250,000 to a scammer.
Roland Parker: Yeah. Because once they’ve got access to the email, um, they quite often are not doing anything malicious at that point. But they’re watching. Watching. Yeah. And then they intercept, they spoof somebody’s email, they copy the signature and before you know it, they’ve tricked you into transferring money out of your 100%.
Marlon: 100%. Now, in regards to what Rollins said, when they watch you in intercept, we also have a security, uh, uh, stack in place on the email. So let’s say you’re sending emails back and forth with Roland and Marlon. And a scammer wants to intercept and then they change. They’ll add a m or M, you will receive a banner that you received a message from an unknown sender.
Roland Parker: And straight away, that’s a red flag. A red flag. And then you can see, oh, wait a minute.
Marlon: And you have to make sure you stop and read because a lot of people may see the banner and it says Roland. And then, Oh, yeah, it’s Roland. Whatever report say, No, no, no, no, no, no, no.
Roland Parker: Getting emails from that person and suddenly it says you’ve never received an email from this person.
Marlon: Yeah, right.
Roland Parker: It’s like, Well, and the chances are you’re going to get trying to spoof the email and trying to get you compromised.
Marlon: Yeah, that’s it.
Roland Parker: So that’s Roland and Marlon from Impress Computers. Remember those tricks? General rule of thumb, don’t click on links, don’t click on attachments, don’t find the number. And if you’ve got any questions, you can give us a call 2816479977.