Yesterday i heard from a colleague that he had been exposed to a hack attack that is very sophisticated and probably could have been successful if not my colleague had worked in IT.

What happened was that he got a call and the other party asked for his wife (this means that they in some way have target their attacks as they said her name), he said that she was not there and asked if he could be in assistans, the one on the phone informed my colleague that he was calling from Microsoft and that they had noticed that his computer was reporting lots of errors and that they could help him fix it. As he is working as an IT professional he became interested and let the man on the phone explain, which he did and told my colleague to open the event viewer and directed him to some common errors through filtering. When they found the errors the “Microsoft” represenative said that he could help him to fix this and directed him to a remote desktop software site ( a real website that had been copied and changed url by one character ), this evil site installed a Java tunneling trojan which his antivirus software did not find with the real time scan, after this my colleague said thank you and hung up and disconnected his laptop and investigated it.

Today he heard of an 80 year old lady that had been attacked using the same technique.

I can safely say that Microsoft will never ever call you and tell you stuff about your computer and ask to remote administer it!! AND FOR GOOD SAKE DO NOT ACCEPT JAVA OR ACTIVEX plugins/programs that does not come from a legitimate site

watch this youtube clip and get scared about how easy anyone can get hold of your computer. Also look at the follow up clip that shows when he set up an account and run RDP to that session..