Microsoft phone call scam

CERT.be Advisory

Reference: CERT.be Advisory #2017-002
Version: 1.0
Type: Scam, phishing, vishing, hacking

Risks

Attackers could get users to make a payment and/or install malicious software in order to gain full control of the computer.

Summary

CERT.be has recently seen an increase in reports of fake Microsoft support calls. The victim receives a phone call from someone claiming to work from Microsoft Support, often under pretext of a virus infection on the victim's computer.
The attacker then proceeds to give some instructions to the user in order to remove the (non-existent) virus. These instructions might include opening the command line (CMD), checking for a specific value, and/or installing TeamViewer, LogMeIn, GoToAssist.me or similar software.
If the user doesn’t comply, the attacker might threaten to cut the victim’s access to Microsoft accounts/computer files.
The attacker might only speak English.

Recommended actions

If exposed to such a scam, the advice is to hang up immediately and report the incident directly to Microsoft at the following URL:
www.microsoft.com/en-us/reportascam/
Additionally, the victim can send an email at cert [at] cert [dot] be containing all the available information and contact the police.