During the first quarter, I have been warning about the coming wave of Windows XP-related scams having to do with the April 8 End Of Life of XP. Here is what you can expect, and many variants will follow. It is important to warn your end-users about this, even if they -are- running more recent versions of Windows, because often they do not know what version they actually are running, and easily get scared into doing something that may damage your network.
So here is the scam, cybercriminals either send phishing emails or make cold calls and claim to represent either Windows Helpdesk, Microsoft Tech Support, Windows Support Group, or other Microsoft support teams.
They claim that there are now no more official security patches for XP, (true) refer to the Windows popups stating: Windows XP End of Support April 8th, 2014, but Microsoft still releases updates for Win7 and 8, (true) and that hackers have analyzed these updates and found new security holes in Windows XP that cannot be fixed anymore (half-truth). Next, the bad guys claim that they -do- have an urgent update but that they need to apply this patch manually (blatant lie). The end-user gets tricked to allow remote access to the scammers, using admin tools like join.me and others.
Once that is the case, the bad guys own the workstation of the employee and can hack into your network, or they take over their home machine and try to charge them hundreds of dollars on their credit card. So, urgently remind your users (again) of the following:
"In the office or at the house, when anyone sends phishing emails or calls claiming to be from 'Support', and claims that they need to 'update' your computer for any reason and ask for remote access, hang up the phone immediately and report the email or the call to the correct team in your organization." (Note: often these callers have foreign accents.)
Redmond's Security Center states neither Microsoft nor its partners make unsolicited phone calls, but end-users often do not know this. For the rest of this year, we need to be on the look-out for XP-themed scams like this. Security Awareness Training is a must these days.