Jun 16, 2011 17:21 GMT  ·  By

A type of cold calling scam where criminals pose as computer security experts and trick victims into infecting themselves with malware or relinquishing control over their computer is increasingly common in English-speaking countries.

Microsoft commissioned a survey of 7,000 computer users in the United States, Ireland, UK and Canada, which revealed that at least 15 percent of them were targeted by this sort of scam.

In certain countries the percentage of attacked individuals was significant higher. For example, in Ireland, one in four users received such calls.

The success rate of the scam is also high. According to the survey, around 22% of targeted individuals were deceived into following the scammer's instructions.

Furthermore, 79% percent of those tricked ended up suffering financial loss and over half of them experienced more computer problems than before. Others had money taken from their accounts, their passwords stolen or were victims of identity fraud.

The average loss ranged from $875 in Ireland to $1,560 in Canada. The average cost of mitigating the attacks and the resulting fraud was $1,730.

"The security of software is improving all the time, but at the same time we are seeing cybercriminals increasingly turn to tactics of deception to trick people in order to steal from them," said Richard Saunders, director of International Public and Analyst Relations at Microsoft.

"Criminals have proved once again that their ability to innovate new scams is matched by their ruthless pursuit of our money," he concluded.

Even though for now English-speaking users are the primary target for these scammers, Microsoft expects the scam to extend to other countries as well, as previously seen with other types of attacks.

Users can protect themselves by following some simple recommendations. For one, they should treat all unsolicited calls, especially those related to their computer's security, with suspicion, regardless of who the caller claims to represent.

In addition, they should never provide financial or sensitive personal information over the phone to an unsolicited caller. Neither should they provide this data on a website the caller directs them to.

If you are targeted by such a call and have reason to believe it might be genuine, ask the caller for identification and tell them to call back later. In the meantime, call the company they claim to represent and verify that they are authorised to do what they claim. Don't call a number they you themselves for verification. Find it yourself.