Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Crime Microsoft Security

Criminals Posting Counterfeit Microsoft Products To Get Access To Victims' Computers (sky.com) 23

Microsoft has confirmed to Sky News that criminals are posting counterfeit packages designed to appear like Office products in order to defraud people. From the report: One such package seen by Sky News is manufactured to a convincing standard and contains an engraved USB drive, alongside a product key. But the USB does not install Microsoft Office when plugged in to a computer. Instead, it contains malicious software which encourages the victim to call a fake support line and hand over access to their PC to a remote attacker.

Microsoft launched an internal investigation into the suspect package after being contacted by Sky News. The company spokesperson confirmed that the USB and the packaging were counterfeit and that they had seen a pattern of such products being used to scam victims before. They added that while Microsoft had seen this type of fraud, it is very infrequent. More often when fraudulent products are sold they tend to be product keys sent to customers via email, with a link to a site for downloading the malicious software.

This discussion has been archived. No new comments can be posted.

Criminals Posting Counterfeit Microsoft Products To Get Access To Victims' Computers

Comments Filter:
  • So you're saying my copy of Microsoft Office 2024 isn't legit?

    • As mentioned in TFA, one way to mitigate some of the problems with malicious software is to run windows in a non-admin account. By default, Win7 Home and Win10 Home create the default account as admin. You can create a non-admin account in about 2 minutes, copy your desktop icons, and decide if you want to copy or move your My Documents folder to the new account. Add new user to Windows Home [microsoft.com]

      Running as a non-admin means when the UAC warning appears on the screen, instead of just blindly clicking Allow, yo

      • It depends on what the malware does. You can cause plenty of mischief without Admin privilege, or even a UAC warning.
    • So you're saying my copy of Microsoft Office 2024 isn't legit?

      It's as legit as your copy of Madden 2025!

  • Unlike phishing emails and other forms of online scam which can be distributed to millions of potential victims with negligible costs for the criminals, physical packages will cost a significant amount to manufacture and post, meaning they risk a much lower return on investment for criminal enterprises.

    Many of the people who would likely fall for these scams use email providers that have increasingly effective systems for blocking spam at this point, and there's much better awareness of this type of scam since it's been around so long. There are even YouTube channels dedicated to exposing it. I'm sure many people still fall for it, but perhaps not as many as before.

    A physical package has the advantage of being a less known method and seeming much more genuine to a potential victim. This might even be an e

  • When you google a software product and you get unbelievable prices at 1/3 or a 1/10 of their retail price (not at microsoft.com), you have to ask the question- is this legit? These are the same group of people who dont mind the super cheap appliance they bought that "fell off the back of a truck" as long as it works. When youre out the money, you have only yourself to blame.
    • When youre out the money, you have only yourself to blame.

      People who go for this are quite often poor who were out the money in the first place. Please don't victim blame.

      And you absolutely can cheat an honest person, just not with a product which looks dishonest.

      • You make a good point but remember being poor does not mean one can't have common sense. If something is too good to be true, it probably is.
        • And yet in many cases there's no down side. The OP themselves made the link between "fell off the back of a truck" a process which describes a person buying something and often getting the actual product (the downside being the knowledge that it was almost certainly stolen). I too have bought games for $3 from key sites and they have worked 100% fine and still work to this day.

          Not everything too good to be true is actually so, especially in the world of software where piracy is rife.

    • You didn't read the article, did you? Just popped down here to get all self-righteous.

      People aren't ordering these, they are receiving them unsolicited. In their physical mail. As an installer in packaging that appears to come directly from Microsoft. They didn't order a copy of Offffixe 2023 from goooglesoftwarex.ru. The example in the article is a retiree, though the most likely target is going to be professionals in organizations who may or may not even realize that they are receiving something no on
    • by nukenerd ( 172703 ) on Saturday August 27, 2022 @03:56AM (#62827319)

      When you google a software product and you get unbelievable prices at 1/3 or a 1/10 of their retail price (not at microsoft.com), you have to ask the question- is this legit?

      Try reading TFA.

      Who modded this rant as insightful anyway?

  • Microsoft plunders your computer for information from the moment you first turn it on. No one has a clue about what they gather or what they do with it. They also install things that are never disclosed for reasons that are never revealed. Effectively you don't own your hardware, software or data.

    If you were sufficiently cynical it would be easy to conclude that Microsoft is only concerned about this because they don't want competition when they are spying on you.

    • TFA and the article from the other day about reselling product keys [slashdot.org], would seem to point towards Microsoft having a desire to lay down justification for an upcoming push to further lock down Windows and it's licensing validation. My guess, at least on consumer editions, is they want to make the Windows Store the only place you can legitimately "buy" Windows, and then force the Windows Licensing Service to validate the installation through it.

      Of course a bonus side effect of this, is that the Windows Store
    • by gtall ( 79522 )

      More bluntly, MS is just another scammer aimed at pilfering your information.

    • Yes. Regardless of whether you pirated it, copied it, obtained it legally, or illegally, it almost certainly is "genuine" by every definition of the word.

      • Nah, if it's got bad stuff shoehorned into it then it's not genuine.

        The "is my windows genuine" question is worthless of course. If you use an unlocking tool and then ask windows if it is activated and genuine, it will happily tell you that it is.

  • by gweihir ( 88907 )

    You can download the original images from MS themselves. You just do not get a product key that way. Of course, you can also use a reputable key-seller that has been around for a while if you really want a media with the key. May want to check the local legal situation first, but for example in Europe selling and buying a "used" software key is entirely legal after some court decisions were MS and others lost.

  • But the USB does not install Microsoft Office when plugged in to a computer.

    Dammit! Another thing that won't run on Linux.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...