Saturday, February 16, 2013

The wrong kind of support

IN MARCH 2010, an officer of the Metropolitan Police, who was engaged in the investigation of cybercrime, accessed a popular online music-streaming service. He expected the site to provide access to delightful tunes, but the result was anything but pleasant. Seconds after loading the web page, his machine appeared to perform an anti-virus scan. It then screamed that it had found 265 separate virus infections. Its recommendation? To call a prominently displayed telephone number and speak with an expert to get the machine cleaned up. All for an appropriate fee, naturally.

That officer was yours truly. Although I was well aware of fake anti-virus threats at the time, this knowledge was not enough to prevent my machine being infected. On the day I accessed Spotify, this legitimate site was displaying an advertisement containing a malicious program. Many other users accessing the service were also infected. I spent the next few hours removing the fake anti-virus program and cleaning my machine.

ACT TO GRIND

This type of attack isn’t just an annoyance – it’s a criminal offence. As such, it should not just be fixed and forgotten. It falls under the Computer Misuse Act 1990, Section 3: Unauthorised acts with intent to impair. The impairment, which in this case is causing the computer to stop operating normally, only has to be temporary to count as an offence. Even if you reboot the system and the fake anti-virus disappears, or your own anti-virus software ejects the threat, an offence has been committed under UK law.

This type of malicious software evolves constantly, and a relatively new incarnation uses the reputation of the police as a means of tricking victims. Action Fraud, a government-run service that monitors all types of scams, is warning of malicious software that locks the computer and delivers a message purporting to originate from the Metropolitan Police or from the National Fraud Intelligence Bureau. The fake message states that your IP address has been connected with pornography, child abuse or terrorism. It demands a fee to unlock the machine. This ‘fine’ is paid via Ukash or Paysafecard. Even in these days of austerity, UK law enforcement will never ask you for an online payment in this way.

WHERE’S TUFTY?

Many of us are old enough to remember the highly effective road safety campaigns of the 1970s featuring Tufty, a squirrel who educated a generation on crossing the road safely. His core message of ‘Stop, Look, Listen’ still applies today, and not just when trying to avoid road traffic.

There’s a popular trick still doing the rounds known as the ‘Microsoft Support’ scam. The phone rings, and when the potential victim picks up, the caller falsely declares himself to be an employee of Microsoft. The victim is directed to access a relatively obscure area of the PC, such as the Event Viewer logs, and told that the multitude of alerts (which normally appear here) indicates a serious problem. Predictably, they are asked for payment to ‘clean’ the machine of non-existent infections.

Your first reaction may be, “I’d never fall for that”. But trust me, people do. I have spoken with a number of savvy, cynical types who have been defrauded into giving up control of their PC and who have paid for the privilege.

This type of behaviour is an offence under the Fraud Act 2006, Section 2: Fraud by false representation. The caller knowingly made a false representation with the intent to make a financial gain for himself or another. According to the Crown Prosecution Service, the offence is complete as soon as the caller makes the false representation, provided it is made with the appropriate dishonest intent.

You might not fall foul of this scam, but you may know others who have. As they have been a victim of a criminal offence, you should advise them to report it. Action Fraud has both a website and telephone reporting service for fraud, and will take such reports (www.actionfraud.org.uk). The data gathered by Action Fraud is passed to the National Fraud Intelligence Bureau, where it is analysed. This makes it possible to launch a pro-active law enforcement operation to prosecute those involved.

SUPPORT RELIEF

There is no doubt both scams will keep occurring, due to the staggering amounts of cash being duped from the unsuspecting. Globally, law enforcement is just starting to identify how prevalent the problem is. However, Trading Standards is in the process of setting up a ‘cybercrime’ unit, which could be a massive step in the right direction.

Meanwhile, an aggressive programme of awareness and prevention is required. It’s a pity the Central Information Office, which used to run government marketing schemes, closed its doors in March this year, just when we could have done with a ‘CyberTufty’.
