It’s being reported at Mercury News and on Microsoft’s security website that there is a growing trend of people receiving unsolicited phone calls from someone purporting to be a Technical Support Specialist from either Microsoft or other large computer company.  But the instructions they give people to “fix” their computers actually installs remote access software without the owner’s knowledge which allows the scammer to take control of the computer at a later time for either collecting personal information, sending spam, or worse.

This is very unfortunate and disconcerting for folks, like myself, who are in the Support business as it can make current and potential clients leery of Support calls as well as some of the tools we use to provide service.  The ability to access a client’s desktop remotely saves both time and money for both the client and support personnel.

Legitimate tech support folks should never install any program or application without the approval and knowledge of their client.  Especially remote access software.  In fact, in most cases where remote access software does get installed, we set it up so that the client must purposely start it before we can connect to their desktops to help them.  It’s only in those cases where a client wants us to have odd hour and ad-hoc access to system is the remote access software left running.

As for unsolicited support calls, my advice is to validate the caller.  If you don’t know them, either check with someone who should, or ask the support technician to call back through their regular contact or liaison with your company.

It sounds like something from the movies, but there have been several incidents in the last few months of High School students hacking into their schools’ computer systems to change grades.

In New Jersey, three Haddonfield Memorial High School students used keystroke capture software to get passwords that allowed them into secure areas of the schools computer system where they changed their grades.  In California, a Tesoro High School student hacked into a database to change grades for himself and other students, and at Winston Churchill High School in Maryland, several students stole password and tampered with grades.  And at Ocean Lakes High School in Virginia, a student was caught printing a list of names, ID numbers, birth dates, and Social Security numbers of other students from the schools computer system.

It’s a typical problem for school administrators.  Students have a much better grasp of technology and it’s inherent strengths and weaknesses than the majority of adults do.  So it’s important for school officials to maintain good working relationships with the district IT folks and for instructors to keep a close eye on students using school computers while maintaining open communication between students and teachers.

It’s also important for parents to monitor what their children are accessing on the Internet from home.

Technology can help at the schools.  Something as simple as using different background colors of student and faculty computer screens and pages will make it obvious at glance where a student has logged in to, or providing faculty with information when they login of the last several login attempts can also help identify accounts that have been tampered with.  There are many ways schools can help to reduce the risks and opportunities for students to hack their systems.

At home, there are also a number of ways parents can monitor computer usage, from the installation of “Nanyware” to using routers with built-in web proxies and filters.  But probably the easiest and quickest way would be to move the computer into the most trafficked room of the house, either the kitchen or family room, so it’s easy to simply glance at the screen while walking past.

In the Ukraine, selling fake anti-virus software via scare tactics (scareware) is big business estimated to be reach over $300 million in 2010. 

These scareware programs, coupled with flashy websites, offer to run free anti-virus scans on users’ computers, then claim they found a number of viruses — viruses that can only be removed by purchasing their unique anti-virus software, costing anywhere between $30 and $70.  The problem is: the viruses don’t exist, and the software either does nothing, or worse, actually infects the computer with it’s own viruses and trojans. 

The owners of Innovative Marketing, a company purported as one of the leaders in this scam, are now facing criminal charges in a Chicago court.  Just two months prior to being charged with computer and wire fraud in Chicago, they were ordered to pay $163 million by a Maryland court for civil suit brought against them by the FTC.

Although it seems Innovative Marketing may have closed their doors last year, the Ukraine’s Interior Ministry says they could be operating from a different location.  Researchers point out that many of the company’s scareware scams are still running.

For more information, read the detailed article at Time.com:
http://www.time.com/time/business/article/0,8599,1998055,00.html.