Tech support scams are back, and more elaborate than ever. The best defense is to know the scammers’ tricks so you don’t fall for them.
What are tech support scams?
Tech support scams involve scammers impersonating technical support representatives from a major tech company like Microsoft, HP or Dell. The scammers try to convince the victims that there is a serious problem with their computer and direct them to install malicious software or pay for bogus services or fixes.
How do tech support scams work?
The scam may begin either with a phone call or an alert message on your computer.
The call
In this scenario, the victim receives a call from someone claiming to be from Microsoft or another well-known tech company. The caller tells the victim that his or her computer is infected and offers to help diagnose the problem and find a solution. The scam then usually proceeds in one of several ways:
- The scammer directs the victim to download fake “virus-scanning” software to help identify and fix the “problem.” The software is fake at best – used to show non-existent problems with the user’s computer. In the worst case, the software may actually be malware, allowing scammers to actually infect the user’s computer.
- Alternately, the scammer may request remote access to the victim’s computer and then download malicious software or change system settings.
Once the scammer has “proven” the problem to the victim, he or she will offer to fix it for a fee — either as a one-time software download or a subscription “protection” service. The money may be collected via credit or debit card, electronic check or wire transfer.
The alert
This scenario is automated, and the victim may never hear from an actual person over the phone. The victim receives a pop-up alert message while browsing the web or performing other tasks on the computer. The alert will say that the computer is infected and direct the user to continue with a scan or fix for the “problem.” This alert may be triggered by a prior malware infection or a malicious web page. Clicking the alert directs the victim to a screen that may perform a fake scan or ask the user to download additional software. The scan will show numerous “problems,” and the victim will be offered a fix and directed to the payment page.
The follow-up
In this recent update to the tech support scam, the scammers may actually call a previous victim again after some time and ask if the user is satisfied with the prior “service.” They will offer a refund for the previous charges under the pretense of ensuring customer satisfaction. The scammers will then ask for the credit card or bank account information in order to process the refund, but will steal money instead.
Protecting against tech support scams
The best defense against tech support scams is knowledge. The scammers intentionally try to overwhelm the victims with technical terms, many of which may actually be completely random and irrelevant. Don’t be intimidated. Know that it is extremely unlikely that anyone from Microsoft, Apple, Google or any other major technology company would ever call you about a problem with your computer. If you get a call like this, simply hang up.
If you get a computer alert rather than a call, avoid clicking it or near it, if it’s on a web page. Use your operating system’s force-close feature to terminate the browser session or the alert application. (In MacOS, go to Apple menu and select Force Quit and then select your browser. In Windows, use the Task Manager app to terminate the browser.) Perform a full system scan with your security application to remove the malware.