Newsletter Archives

  • Watch out for fake ‘Windows Defender’ scare


    Brian Livingston

    By Brian Livingston

    My readers are reporting a new wave of fraudulent “security warnings” that freeze the screen, threaten to auto-delete users’ files, exhort victims to call what is supposedly a Microsoft phone number, and demand a fee for useless “virus removal.”

    Bogus messages from “Microsoft,” “Google,” and every other famous name in the tech industry are as old as the Internet, of course. But the frauds seem to be getting more intense and, unfortunately, more convincing all the time.

    Read the full story in our Plus Newsletter (20.23.0, 2023-06-05).

  • Randy’s remedies: Oops! — I called the scam number


    Randy McElveen

    By Randy McElveen

    The fact that you got tricked into calling a scammer’s phone number does not mean you’re stupid. It means the world has gotten stupid.

    I remember the vacuum salesman coming to the door when I was a kid. Of course, my mom and dad let them in. They were just people doing their job. They showed my parents what this new vacuum could do, and my parents made a decision to buy a vacuum or not. If they said no-thank-you, the salesman didn’t put a padlock on our old vacuum. He didn’t set any booby traps in our front yard as he left. He just told my parents to have a great day and moved on to the next house.

    Read the full story in our Plus Newsletter (19.49.0, 2022-12-05).

  • Be watchful for scams in the forums


    Talk Bubbles

    By Susan Bradley

    Last week, there was an incident in the forums that was unexpected and of some concern.

    Someone (let’s codename the person “Rogue”) signed up for a Plus membership, then used it to send direct messages (DMs) to several other members. The DM contained a solicitation.

    I took immediate action.

    Read the full story in our Plus Newsletter (19.47.0, 2022-11-21).
    This story also appears in our public Newsletter.

  • The other ransonware scam


    Susan Bradley

    By Susan Bradley

    You can’t decrypt your way back to normal.

    In addition to all the other irons I have in the fire, I help moderate a group that assists information technology professionals in dealing with ransomware as well as other security issues.

    When people ask to join, we try to vet them as best as we can. The vast majority of people joining the group are consultants and firms in the “Managed Service Provider” category who assist small businesses with their technology needs. But there is a second group of people attempting to join, which I’m going to call “the other ransomware scammers.”

    Read the full story in the AskWoody Plus Newsletter 19.05.0 (2022-01-31).

  • How small businesses are easy ransomware targets


    By Susan Bradley

    Yes, they really are out to get us. Recent trends in malicious attacks mean that small businesses need to be more vigilant than ever.

    As exploits rapidly evolve, we face the threat of falling behind in the battle to protect ourselves. On the latest front, simply keeping backups of our data isn’t enough.

    Read the full story in AskWoody Plus Newsletter 17.10.0 (2020-03-09).

  • Tech support scams

    It’s great to see that Google have finally acknowledged their part in dodgy tech support ad scams – on The Register today (by John Leyden):
    Google cracks down on dodgy tech support ads
    Verification programme aims to weed out the miscreants

    So what do you do if you do get caught by one of these scams?

    Microsoft have a Tech Support Scam info page, which details what these scams are, and how to best protect yourself from them. I was surprised to find in this page that they want to hear about such scams, whether the caller pretends to be representing Microsoft OR some other company:

    Help Microsoft stop scammers, whether they claim to be from Microsoft or from another tech company, by reporting tech support scams:

    Microsoft’s Digital Crimes Unit uses customer reports to investigate, take action against criminals, and make referrals to law enforcement when appropriate.

    In addition, the page has a list of known tech support scam phone numbers – this is not just a list of U.S. numbers, either.

    Another Microsoft Secure blog, Teaming up in the war on tech support scams, dated April 2018, gives background on the problem, including social engineering aspects.

    Your government may also have a portal for reporting such scams, such as:
    For Europe, see:

    In addition, other companies also have scam reporting options, such as:
    Dell: (does contain links to report)

    @swiftonsecurity’s has a great summary of phishing, evaluation, reporting information, that’s well worth checking out. While it’s primarily focused on US reporting, there is a lot of useful information for everyone.

    While we need to keep on our toes as citizens of the www, reporting scams may just help to rein in this wild west aspect of it.

  • Fascinating detailed study of tech support scammers

    You know the scam: A web page tries to convince you (sometimes forcefully) that your system is infected. Getting away from that site can be very difficult. The scammers feed on naive users, frequently swindling them out of hundreds of dollars.

    In a new study from Stony Brook University, entitled “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams (PDF), authors Najmeh Miramirkhani, Oleksii Starov, and Nick Nikiforakis built “an automated system capable of discovering, on a weekly basis, hundreds of phone numbers and domains operated by scammers.” They also contacted 60 different scammers and collected details about the scams.

    Here are just a few of the study’s many surprising results:

    • While 15 different telecommunication providers were used, four of them were responsible for more than 90 percent of the phone numbers used by scammers.
    • Although the average lifetime of a scam URL is approximately 11 days, 43 percent of the domains were pointing to scams for less than three days.
    • 69 percent of scam campaigns have a lifetime of less than 50 days.
    • The average call center houses 11 technical support scammers, ready to receive calls from victims.

    The study also talks about the use of Content Delivery Networks “such as CDN77, CDNsun, and KeyCDN [which] offer free services without requiring a phone number or a credit card. In addition, every uploaded scam page gets its own random-string-including URL which can not be guessed and thus cannot be preemptively blacklisted.”

    The study includes a long list of social engineering tricks that scammers use; a geographic breakdown (“85.4 percent of them were located in different regions of India, 9.7 percent were located in the U.S., and 4.9 percent were located in Costa Rica”); and a call for browser manufacturers to “adopt one universal shortcut that users can utilize when they feel threatened by a web page.”

    It’s a fascinating expose of a topic that affects all of us.