A trick to give away a USB with free office software.
On an early August afternoon, a pensioner in Worcestershire, UK received a free bundle that included an Office 365 box with a USB stick.
Then he plugged in the USB and tried to install the software in it. Because of a botched operation, he asks his friend to check on him. This friend is the mother of Martin Pittman, a cybersecurity consultant in Athens.
“The USB shipped appears to be an Office 365 product,” Pittman said. Sky news.
Inside and outside the box with the Rugged USB. Photo:ky news
Pitman said that when the USB stick was inserted into the computer, a warning immediately appeared on the screen that the software contained a virus and caused the computer to freeze. Then a window will appear with instructions on how to fix the problem: “If you need help and want to solve the problem, you need to call a toll-free number to get your computer working again.”
The person is then instructed to call the phone on the screen and install the TeamViewer software (remote access program). Once installed, the scammer will continue to ask for an ID number and password. This time you are in control of the victim’s computer.
Here they further announced that he would provide the information to the Office 365 team to complete the registration request, but that they would ask for his credit card. Suspecting fraud, he asked his girlfriend to call their son Pittman.
Pittman soon stopped asking the mother’s boyfriend for more information, hung up and immediately turned off the computer. “The good news is that he didn’t give the card details to the bad guys. After assessing the damage, I recommend contacting the bank to put the card on hold,” Pittman said.
According to this cybersecurity expert, nowadays, “gifting” an infected USB drive to a scammer is not a new trick, but rather an uncommon one. “Unlike other methods of deception, sending victims via email or other cheaper, faster, and more common forms of online deception, such as USB, is slower and more expensive. This means cybercriminals are less likely to lose funds to other cyberattacks,” Pittman said.
answer Sky news On August 17, Microsoft announced that it had launched an internal investigation. A company representative stressed that the USB and the product packaging were fake. This person admitted that they had seen examples of similar counterfeit products before.
According to a Microsoft representative, this type of scam is not really common. “There are other methods that attackers are increasingly using, such as sending emails. A Microsoft spokesman said the emails contain malicious code to trick victims into accepting activation codes for Office products, but actually trick them into downloading viruses.”
The Office suite currently sells for $70 per year, so this is a software giveaway that many people will fall for. Microsoft discourages users from plugging in third-party USB sticks or clicking on suspicious links. Also, people should not trust the company’s products which come with inherent costs and are offered online for free.
Bao Lam