A phishing site, or spoofed site, is a site made to look like a legitimate one that you know and trust. You may have gotten there by mistyping the web address or by clicking on a link in an email that looks legitimate but really leads to the phishing site. Always check the spelling of the web address, especially when going to your bank or other sites where you provide a password. The methods the scammers use may differ, but their goal is always the same: to rob you of your sensitive information and, ultimately, your money.
Already, one of our local residents here at the Imperial Dam LTVA has been attacked by one of these scams and got hit for about $189.
The scam is to lure you onto what you think is a legitimate website in order to get your credit card information and to gain remote access to your computer to get the rest of your sensitive data. While you are on the fake site, it pops up a very official-looking window with a “Microsoft Warning” title. However, it could carry the name of any company familiar to you, not just Microsoft. The window says something like: you have been infected by a virus, and you should not shut off your computer or proceed to any other websites until you call the phone number displayed in the window.
Upon calling the number, the fake “techs” offer to get rid of the virus for a fee. As we said, our local Imperial Dam resident paid about $189 for this “service”. They also want you to grant them remote access to your computer so they can “clean it up”. Instead, with this access they are able to install a “rootkit” on your computer. A “rootkit” is software the scammers install that enables them to gain control of your computer system and in turn, your life, without being detected. It is a hacker’s “dream machine”.
A rootkit, like a vampire, has to be invited in. By granting the scammers access to your computer, this is exactly what you’ve done: invited the vampire in. If you’re like most people, your most sensitive information, like your passwords, social security numbers, bank accounts, etc., is stored on your computer. The scary part is that a “rootkit”, in effect, becomes part of your computer’s “root” Operating System. It sits in the background, giving identity thieves full access to your computer and thus your life.
One of its weapons is a “keylogger” which watches every keystroke you enter into your computer looking for passwords, credit card numbers, social security numbers, etc. It gathers information and sends it to the scammers, without your knowledge, any time you’re connected to the Internet.
If you feel you have been the victim of one of these scams, the first thing to do is disconnect your computer from the Internet or any local network to which it is connected. Then call your bank, cancel your credit card and report the fraud. If you gave the scammers access to your computer, chances are they did install a rootkit.
The bad news is that rootkits are very hard to detect and destroy. Again, a rootkit becomes part of your “root” Operating System, which generally makes anti-virus programs and malware detection software installed on that computer incapable of detecting it. We’ve found the only guaranteed way to ensure that your computer is safe is to “flatten” it by reformatting the hard drive, then reinstalling the Operating System and programs from scratch.
Flattening a computer means that you will lose everything you have stored on it. Even if you can still get access to your data, like photos, documents, videos, etc., we don’t recommend saving those as there is a good chance that they are infected as well. If it’s essential that you disinfect and restore your data, do so on a portable drive that is isolated from any other computers or local network or the Internet.
Even if you’re successful in saving your data, if it has been infected, every time you open an infected file like a photo or document or video file, you risk infecting your computer all over again. If you do back up your data from the infected computer, use a “dumb” USB-connected drive. Then, from a clean, uninfected computer, it’s possible to run virus, malware and rootkit scans on the portable drive.
However, we recommend an expert do this as this could also infect the clean computer if you make a mistake. This is usually beyond some millennial in a local store who thinks he knows what he’s doing. You’ll need to find an experienced computer professional and like anything, you get what you pay for. The safest way to save your data is to regularly back it up before you get infected. Saving your data to the “cloud” (Internet-based storage) can get expensive if you’re on a metered connection. But portable drives that you plug into your USB port are relatively small and inexpensive and hold a lot of data.
Reformatting your hard disk and reinstalling the Operating System needs to be done by an expert who knows what he is doing. Explain what happened and don’t let anyone try to talk you into trying to remove the rootkit. Take it from the author of this article, a computer scientist with 40 years’ experience: if you try to remove it, you’ll never be sure that it’s completely gone.
Also, make sure that whoever reformats your hard drive does a full reformat, not a “quick” reformat. It’s important that the system is completely “flattened” because the rootkit operates at the lowest system level. Also, after reinstalling the Operating System, make sure there’s an anti-virus program in place, like Windows Defender for Windows 10. When you get the now clean computer home, it’s important to keep the virus definitions updated regularly.
You have probably heard the most horrific stories about people losing their homes, identities, money and basically their lives to Internet scams. Make no mistake, if you’re not aware of what they’re trying to do, this scam can happen to you even if your anti-virus software is up-to-date. This type of scam is dependent on human error. Note: This specific attack appears to be targeting senior citizens. So from this point on, “put awareness first”. Stay safe out there, the Internet can be a dangerous place.
Be sure to check in at the imperialdam.com website for more information on safely using your computer while saving money at remote locations like the Imperial Dam LTVA. Also, take a look at the Online Security Guide at the US Freedom Network for information on staying safe online.