Scam targets Windows users in businesses small and large

Scams and viruses come in all sorts of shapes and sizes and are often used in a creative way to convince us that what we are seeing is anything other than a scam.

One of our clients recently called us because they had clicked on a link to a website (one they visit numerous times as part of their working week!) and a warning had popped up from Windows.

Windows Defender Security warning

The warning was from the Windows Defender Security Center with a warning ‘Threat detected: Trojan Spyware’.

It explained that ‘access to this PC has been blocked for security reasons – and access had been blocked as the employee was unable to click off the warning or access any part of their system.

Text behind the warning block also detailed that email credentials, banking passwords and social platform log-ins had all been compromised.

To solve the problem?

Allegedly, the user simply had to click “allow”.

Luckily the employee who received the warning had received phishing training and was immediately able to spot that the warning was not real.

  1. The warning created a sense of urgency – this is very popular in phishing scams
  2. The user was being asked to click on a link – always be wary of that!
  3. The warning was accompanied by a voice speaking the warning through computer speakers – VERY unusual.
  4. The warning just ‘didn’t look right’.

All of these aspects of phishing had been covered in the training and the employee immediately alerted us as their IT support team.

Antivirus software

In this case, the computer in question was brand new, not bought through us and had circumvented the setup process.  Our IT team had antivirus software on every other machine in the company – except this one…

We were able to sort that within a few hours and there have since been no other issues.

However, had that member of staff not received phishing training and not alerted us it could have been very different.

That particular Windows Defender Security Warning was not real – it was a phishing scam that used the authoritative name of “Windows Defender” designed to make the user urgently take steps that would have led to the computer being infected, or perhaps to convince an employee to share personal data that could later be used in financial fraud or identity theft.

Phishing training

Training employees on how to spot scams is an extremely important part of IT security, and should be part of your onboarding process.

If it is not already, please do get in touch with us about the phishing training that we can offer, including phishing simulations that can help identify those that may be vulnerable.