Hey, it’s, like, 2018, you know? You’d think by now, with our 21st-century technology, digital scammers would be a thing of the distant past. But, like everyone else, scammers are keeping up with the times and changing their tactics, although they still use old-school methods to deploy them. And with cybercrime of this type on the rise, they’re still working quite well. One of the most prolific, and effective, cons being played these days is the tech support scam.
By The Numbers
In March of this year, the FBI’s Internet Crime Complaint Center, known as IC3, issued a Public Service Announcement about tech support fraud. They reported that in 2017, the IC3 received over 11,000 complaints of tech support fraud, resulting in monetary losses of approximately $15 million. This was an increase in losses of 86% over 2016. And earlier this year, at the RSA IT security conference, Microsoft reported that complaints about tech support scams from Windows users rose 24% in 2017, with over 153,000 users reporting in from 183 countries.
What Is A Tech Support Scam
Simply defined, for those who have not yet been unfortunate enough to have had the experience, a tech support scam involves a criminal contacting you claiming to be a support specialist, informing you that you have a problem with your computer, and they’re here to help you through this difficult time. They usually claim to represent a large corporation like Microsoft, HP, Dell, or some other well-known company. These types of fraudulent messages can be delivered through a popup on your screen, a fake website, by email, or by a telephone call. Their goal, of course, is to profit, either by a direct attempt to get you to send them money or to compromise your system to get access to your data, or possibly to cause damage.
A Real-Life Example From Our Archives
Recently, a distraught customer from a realty company called our Symtec computer services in Cedar City, UT which our support technician immediately suspected was a case of tech support fraud. The customer reported that one of their office employees had taken a call from “someone with a strong accent”, indicating that they were foreign-born, yet curiously went by the name of Bill. The caller identified themselves as a support technician and then convinced the employee to perform some ‘critical updates’ to their computer system. The customer also suspected foul play and asked for help. Unfortunately, at this point, the damage is likely to have already been done, and it has become a recovery mission.
How To Spot A Tech Support Scam
Spotting a tech support scam is sometimes easy, and sometimes it’s not. But there are some warning signs you and your employees should be on the lookout for.
- Just the fact that they contacted you is a dead giveaway. Big companies, or small ones for that matter, simply aren’t going to contact you to tell you about a problem. They know you’ll call them. If it’s a phone call, the best response to this is to just hang up. Even if your caller ID says Microsoft or Symtec, it means nothing because phone numbers and company names can easily be spoofed.
- As mentioned in the example above, a heavy foreign accent with an incongruous name is a red flag. They might say they just use that name because it would be hard for you to pronounce their real one. But beware. Many tech support fraud call centers are located in Africa, India, China, and Pakistan.
- If you’re asked to install something on your computer, visit a specific website, or call a phone number, leave it alone. If someone is trying to get you to install something, they want to take control of your computer or infect it with something. If a message purports to be from an institution you know, call them directly. Often this type of scam uses personal information given out earlier inadvertently in a phishing scam.
- One common trick scammers use is to ask you to open the Windows Event Log Viewer so that they can diagnose a problem. What they are really trying to do is prove their technical expertise and gain your trust, There will almost always be some kind of warning or error in the log viewer, and it doesn’t mean anything is seriously wrong.
Bottom line, a little common sense and knowledge of how these simple scams work will go a long way towards avoiding them. Make sure all of your employees are aware of these red flags and are on their guard.