Executive Summary: Defending against China-nexus covert networks of compromised devices
This is a sophisticated network-level threat rather than consumer-facing scam — organisations need to audit their edge devices and VPN logs for unusual traffic patterns indicative of state-sponsored activity. If your business relies on remote access, demand your IT team implements dynamic threat feed filtering immediately; don't wait for the breach to find you.
Your computer is not sending warnings to Microsoft, Apple, or anyone else. No legitimate tech company will call you unsolicited about a virus on your machine — they simply don't have that visibility. If you've already given remote access to someone following an unexpected call, disconnect from the internet immediately, then contact your bank and get the device checked by a professional you chose yourself.
What's happening
Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.