BSN Blog 1.29.20

Windows 7 End of Life – the Beginning for New Scams

BSN Blog 1.29.20

End of Windows 7

They say when one door closes another one opens, but in this case, it’s a window.  On January 14th, 2020, Microsoft ended its support for Windows 7.  Since Microsoft is no longer offering patches or security updates for vulnerabilities identified in Windows 7, hackers have a new way of gaining access to data for any individual or organization still running Windows 7. Outside of exploiting any identified vulnerabilities, hackers are using Windows 7 end of life as a perfect way to scam unsuspecting users of the outdated software into falling for their tricks.

Through social engineering or other popular tactics, scammers are contacting users and posing as Microsoft employees (or other credible resources) who are simply “here to help” by looking to make sure that you obtain ongoing support for your outdated software.  They appear to be very helpful, offering you a solution to your situation.  And all that the user must do is commit to paying a fee for ongoing support or allow access to their computer so that they can install or deploy “helpful” software.

Generally, users will be contacted by telephone or via a pop-up window that alerts them to click on a link for support.  Unsuspecting victims will assume that Microsoft is deploying this via their own software, and so it must be legitimate.  It is not.

As an MSP, you have control over your clients to a degree, but not entirely and in all aspects, so be sure to educate them about the dangers that lurk about if they have Windows 7 at home, or their business has not been updated yet.

Give them Guidelines

  1. Microsoft will NEVER call you to open a support ticket. Support tickets ALWAYS have to be initiated by the consumer.
  2. Never give your credit card, banking, or other payment information over the phone to someone calling you about support.
  3. Microsoft is not liable for your mistakes. If you fall for a scam, you will not be reimbursed by Microsoft for any monies lost.
  4. Computer pop-ups can be deceiving. If you are suddenly alerted to an urgent need to update or upgrade software, it is likely a scam, especially if it is about Windows 7.

Should any of these scenarios come up, instruct your clients and their employees to call you immediately.  Yes, you will have to be more readily available in the immediate future, but it will likely prevent you from having a much larger crisis to deal with later.  And that could possibly happen at a much more inconvenient time!

 

badge w light burst white (1)
Exclusively for Our MSP Partners

Now Available: Gen AI Certification From BSN

Lead Strategic AI Conversations with Confidence

Breach Secure Now’s Generative AI Certification helps MSPs simplify the AI conversation, enabling clients to unlock the value of gen AI for their business, build trust, and drive growth – positioning you as a leader in the AI space.

More on blogs

What Is the AI Culture Assessment? A Smarter Starting Point for Responsible AI Adoption

AI is already showing up in the workplace, but many organizations lack visibility into how it is being used. The AI Culture Assessment helps MSPs

Phishing Tests Aren’t Enough: Why Remediation Is the Missing Link in Security Awareness

Phishing simulations show who clicks, but without follow-up, they rarely change behavior. Phishing remediation closes the gap by turning failures into learning opportunities, reinforcing training

Why Continuous Training Beats One-and-Done Cyber Awareness

Cyber threats evolve constantly, which means annual cybersecurity training is not enough to keep employees prepared. Learn how continuous training, phishing simulations, remediation, and short
Take the First Step

Experience Training That Makes a Difference

during the demo you’ll:

Take the First Step

Experience Training That Makes a Difference

During the demo you’ll: