Q: I just read today’s article (Geek Note: I.G.T.M. No. 609, March 30) about the Microsoft scam (which I have received several times). Yesterday I received four calls on my cell with my own cell number showing on caller ID. I answered the first one and heard a recorded message about my IP address being stolen. I ignored the next three. Is there anything I need to do to ensure my phone is secure?
— Cindy F., Shalimar
Q: Love your articles. I have found a few very helpful. This is not a current issue, but a question. In issue No. 609 is a question about scams. If you think you may have been compromised by a link or telephone call, would doing a recovery to the previous check point, and then run your security software be a good way to limit/eliminate the threat? What do you recommend?
— Dale A., Forest Lake, Minnesota
A: Let’s start with you, Cindy. In Issue No. 609, one of the things I said is that “nobody can tell based on your phone number that you even have a computer online.” That would also preclude them from detecting your IP address.
That fact aside, why would anyone want to steal an IP address? It’s not as if they are some sort of marketable commodity or have monetary value. Each Internet Service Provider (ISP) is assigned a range of IP addresses that they assign to customers as needed. That “as needed” means at times when your DSL or cable modem is connecting up to the ISP, or refreshing your connection. When that happens, you might get the same address, there’s no guarantee of that.
In practice it doesn’t really matter because your ability to use the internet is not predicated on one specific IP address. But, just for fun, let’s imagine for a moment that someone could somehow detect your IP address. Worst case scenario, you refresh your connection, your ISP assigns the next available IP address, and you go merrily on. The threatening language in the message you received is nothing but technical jargon-sounding gibberish, intended — like most of this type of scam — to frighten and intimidate the would-be victim.
You asked about your telephone itself. First of all, the calls that show up with your own number in the caller ID display are obviously spoofed. There is an actual federal law prohibiting this practice, under threat of fines up to $10,000. That ought to tell you how blatant these scammers are. To combat the problem, I can’t give you any better information than the Federal Communications Commission. They have a page with lots of good information on Caller ID Spoofing, at TinyURL.com/IGTM-0612.
As for you, Dale, let me say that your computer cannot be “compromised” by a mere telephone call. A compromise can only occur in the unfortunate instance that someone falls for the line the scammer is feeding them, and either visits a compromised website, downloads software or worst of all, allows the scammer to remotely access the computer.
These scammers are pretty good at what they do, and I would be remiss in my charge to you as a Geek if I were to tell you “Sure! Using a Restore Point will automagically fix everything!” The truth is that it’s entirely possible to do things to a computer that completely bypass what is “restored” by this process. I’ve actually known of malware that can survive through formatting a hard disk and completely re-installing Windows!
Using Restore Points also assumes that you have a valid, non-destructive Point available — one that was made prior to any incursion, but after anything you did that you don’t want to lose. So, I’m not advising you to not try it, but I would also not advise you to believe that you’ve fully reversed any damage by doing so.
By far, the best remedy is prevention, which comes about by education. You’re headed in the right direction asking this type of question!
Geek Note: Hey Geeks, my question queue is running dry again! I need your questions to fuel all this great discussion. Remember, It’s Geek To Me is about anything having to do with technology — not just computers and Windows issues. Visit my website to ask your tech-related question!
To view additional content, comment on articles, or submit a question of your own, visit my website at ItsGeekToMe.co (not .com!)