Kilman IT Services social engineering phone call attack

I just received a strange call. Basically, someone phoned me up and tried to convince me to change my computer’s settings. They called my direct line (not the co-op switchboard), so I think they might be calling other numbers in the Weston-super-Mare area. Watch out for this attack.

I’d heard about these calls from Box Bush Farm a year or so ago, but this is the first one I’ve had. They introduced themselves as calling from “Kilman IT Services” (if I heard it correctly – I didn’t find it in a web search, so hopefully they’re not defaming a real company) and say they’re calling about the critical error that I reported from my computer (I guess they mean the dialogue that some applications pop up when they crash). I said something non-commital like “riiight” and they continued.

Apparently, that error has been registered in my computer’s files and could cause damage at any time! So, they need me to edit my computer’s registers to remove the error. Then they started trying to talk me through the process of running regedit. I’m guessing the changes would have allowed them to control a Windows computer somehow.

At this point, I introduced myself and hung up the phone. Of course, there was no caller ID shown. If only I’d picked up the call from a phone with a record button, I would post a recording! It sounded like a call centre and the caller spoke English with a far-eastern accent, but of course it could be from anywhere.

This is a crude social engineering attack. Don’t fall for it. As it says on Get Safe Online: “How to spot social engineering: You get an unexpected call, email or visit from a technical support person”. Better yet, make sure you know the names of your tech support providers and refer any unsolicited repair calls to them. I think real IT services would talk to your lead support provider.

This sort of obnoxiousness is part of the reason why our co-op doesn’t publish our client list. I’m posting this mainly so if anyone searches for “Kilman IT Services” they’ll find details of the call.

This entry was posted in Education, Training and Information. Bookmark the permalink.

4 Responses to Kilman IT Services social engineering phone call attack

  1. MJ Ray says:

    Thank you. I love some of the responses mentioned in the comments on that site, including the “we don’t have a phone” and “I’m just a burglar who’s answered the phone” but a special prize for patience should go to “I went to the site on a non-Microsoft PC and spent a while with the caller explaining all the problems with the Apache install on their web server until he hung up on me” :-)

  2. mjr says:

    I had another of these calls today from 009999100353

Leave a Reply

Your email address will not be published. Required fields are marked *

* Copy this password:

* Type or paste password here:

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>