Microsoft has issued a warning to customers after discovering that threat actors are using their brand to defraud and exploit people in a variety of ways…
Instances identified by Microsoft have included fake tech support phone calls and emails purporting Bill Gates-themed lottery spam mail, with Excel spreadsheets containing malicious macros.
A more recent concern involved threat actors reproducing imitations of Microsoft products. One package appeared to be manufactured to a convincing standard and contained an engraved USB drive, alongside a product key.
Upon connecting the USB to a device rather than the advertised software from Microsoft, the victim saw a popup for a fake tech support line. According to Martin Pitman, a cybersecurity consultant for Atheim, the warning screen appeared saying there is a virus, and encouraged the user to get help to fix the issue by calling ‘support’.
Should the number be called, the fake helpdesk were reported to have installed a remote access trojan (RAT) and take control of the device.
Baiting attacks are not new, they target specific victims and rarely use postal packages for various reasons.
However in this case, the threat actors - who are suspected to be operating from the UK - targeted random people using the postal packaged.
Such targeting may seem inefficient, but if you send out a thousand counterfeit Microsoft Office packages and steal money or exploit a few dozen people, the act will quickly pay for itself.
Moreover, it could be more efficient than sending out millions of fraudulent emails, as individuals become more vigilant of email scammers.
Overall Microsoft is aware of the issue but says it is a rare occurrence. However, it is not so rare for Microsoft to be mindful of it and launch an internal investigation.
In the interim, the company have resorted to distributing software via the internet and advised customers to visit the appropriate Microsoft support page to find out how to avoid fraud and scams.
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to firstname.lastname@example.org. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).