Cyber criminals have a reputation for constantly coming up with new ways to scam us into handing over our login details and other sensitive data. Whilst you may think that your team would spot an attempted attack, you could be surprised. We have seen a lot of intelligent people, including many business leaders, be caught out.

One of the latest scams is rather retro, this seems to be why people are falling for it. Cyber criminals have gone back to basics. They are now sending USB drives in the post. The packaging and branding on the drives suggests they are from Microsoft (spoiler alert: They are not).

The story is that there is an updated version of Microsoft Office Professional Plus on the drive and it needs to be installed straightaway. Of course, this is a complete lie. Microsoft has confirmed that these packages are not genuine. Microsoft are currently warning people that they would never send out unsolicited packages.

If you plug the drive into your computer, it will detect a “virus” and ask you to call a support line. The scammers at the other end will pretend to remove the virus thus gaining your trust. They then will ask for payment details to help complete your subscription set up.

It is an old-fashioned scam, but we can see how the mixture of the physical USB, the belief it is from Microsoft and the fake support line could be compelling for someone who is busy and just wants to get back to work. We are expecting clever and elaborate attacks through our email. Our guard is down when it comes to this mix of events. We aren’t expecting a physical attack.

We would recommend playing it safe and warning everyone in your business about this scam. This is also a good time to review the software and staff training you use to protect your business.



Published with permission from Your Tech Updates.