The Office of Information Security has been notified that a person(s) is impersonating a Northeastern employee in an attempt to trick students to install remote monitoring software and malware on their computer.
Example of the call:
A student received a call from an “Unknown Number” and the caller identified himself as a Northeastern employee. The caller stated that the student had been downloading “bad things” and “shared content.” The student did not know what the caller was talking about so the caller made the student go through several diagnostic steps such as looking at the Windows event viewer, application logs and warnings on their computer. When the student did not find anything the caller had the student go to showmypc.com so he could remotely log into the computer and “troubleshoot” the problem.
Showmypc.com allows a remote person to gain control of your computer and install spyware and malware. As a result of one fake service call remote control software and malware was found on the students’ computer.
This type of scam is called Social Engineering and is effective because people tend to trust authoritative sounding officials over the phone.
If you receive one of these types of calls:
- Ask for the caller’s name, phone number, and case number. Tell the caller that you will call them back. Call the Service Desk at 617-373-4357 and have them connect you directly to the caller or ask them about the case number.
- NEVER give your password to a person on the phone. Northeastern will NEVER ask for your password over the phone or in an email.
- Never give personal information such as your social security or credit card number to anyone who has called your phone. If a service needs these numbers, find their office number and call them directly.
- If you feel that a service call is suspicious, hang up and call the Service Desk at 617-373-4357 for assistance.