Tech support phone scams have now been targeting Internet users around the world for a number of years. Despite widespread publicity about these scams, they continue to gain new victims every day.
An Overview Of The Scam
You receive a phone call from a person who claims to be a tech support worker. The person warns that your computer is sending out viruses or has been taken over by hackers and you must urgently deal with the problem. The person offers to help you fix the issue immediately.
However, the person is not a legitimate tech support worker and he or she is certainly not calling to help you.
If you comply, the scammer will instruct you to visit a website and download and install a remote access software tool. The software allows the scammer to take control of your computer remotely, ostensibly so that the viruses can be removed or the “hackers” blocked. In reality, the scammer will install malware on your computer.
The scammer will also demand that you pay an immediate fee for his or her services and insist that you provide your credit card details.
An Evolving Ploy
When I first started writing about these scams back in 2010, the majority of the scammers I encountered purported to be from software giant Microsoft. The scammers would claim they were calling from Microsoft’s “Security Department” or a similar entity. They would claim that my computer was full of viruses and spam and would soon stop working unless I allowed them to fix the problems straight away.
Nowadays, the scammers have refined their strategies. Some may still claim to be from Microsoft. Others may claim to be from a high-profile Internet security company such as Symantec, which owns the well-known Norton antivirus software.
However, many of the phone scammers now claim to be from Internet Service Providers (ISPs). For example, when targeting Australians, the scammers usually claim to be calling from Australian telecommunications giant Telstra.
The Internet Service Provider cover story is perhaps a little more believable because your ISP might actually contact you by phone if it discovers a problem related to your account.
Latter-day scammers also tend to be even more aggressive and threatening than they were in the past. They won’t just say that your computer might stop working because it has viruses. They will claim that it is distributing many dangerous viruses across the network and is, therefore, posing a threat to other users or the Internet as a whole. Or, they may claim that hackers are using your computer to access and compromise other computers on the network. They will warn that, if you do not deal with the problem, your service will be disconnected and you will be sued by your ISP or by the government.
In some cases, they may claim that, if the problem is not resolved immediately, police will come to your house and arrest you.
Why The Scam Still Works
Over the years, these tech support scammers have become very skilled at convincing people that they are legitimate.
Of course, tech-savvy recipients will likely suspect the caller’s bogus claims quite quickly and will not be taken in. But, there are a great many people who regularly use computers in their everyday lives but nevertheless have a quite limited understanding of computer security issues. And, these people may, therefore, be vulnerable to the lies told by tech support scammers.
After all, to a less Internet-savvy user, it might not seem unreasonable that their ISP or a computer company would call them about a virus infection or hacking attack. And the scammers can build on this apparent plausibility by offering to “prove” that the virus infection or hacking is real.
They do this by getting their victims to open an existing error log on their computer. They will instruct them to access the Event Viewer tool on Windows based computers and tell them if there are any ‘critical’ events or errors listed. In fact, the ‘critical’ errors and warnings logged in the Windows Event Viewer pertain to ordinary events such as unexpected shutdowns, software crashes or component conflicts. But, they might look rather scary to inexperienced computer users who may have never encountered such an error log before.
When victims describe some of the events listed in the error log, the scammers can then claim that the listed errors conclusively prove that the computer is infected or hacked. They are adept at reeling off streams of meaningless tech jargon that can further convince victims that the claims are true.
And the authoritative and threatening manner that the scammers use can rapidly convince victims that failing to immediately deal with the alleged problem may result in dire legal and financial repercussions.
Using these tactics combined, the scammers can trick their – now panicking – victims into complying.
What The Scammers Gain
As noted, one of the most common goals of these scammers is to install malware on your computer. Once installed, the malware can work quietly in the background performing its dastardly deeds. At the end of the call, the scammer may tell you that the problem has been resolved so you’ll hang up and go about your business as usual. But, next time you log in to your bank’s website the malware lurking on your computer can record your keystrokes and send the information to criminals waiting online. The criminals can then hijack your bank account and steal your money. Or the malware may steal other sensitive information stored on your computer.
The malware may also allow the criminals to control your computer from afar and use it to send spam and scam messages and perpetrate other fraudulent activities.
Moreover, if the scammers have tricked you into paying a fee for their “services”, they will now have your credit card details and can conduct fraudulent transactions in your name.
And, by combining information they learned about you during the phone call with information stolen from your computer, the scammers may even be able to steal your identity.
How To Recognise These Scams and Avoid Becoming a Victim
Firstly, keep in mind that software companies such as Microsoft or security firms such as Symantec will never cold-call you about a supposed virus infection or hacking attack. These companies will sell you software or Internet services, but they are not monitoring your computer for problems.
If it detects a problem with your account, your Internet Service Provider might call you to discuss the issue. But, they will not threaten you with legal action or arrest, they will not demand that you allow them immediate remote access to your computer, and they will not insist that you immediately pay a fee over the phone to fix a supposed problem.
If you are unsure about a phone call, tell the caller you will contact the company directly and hang up. Then, find a support number for the company via a phone directory, a previous bill, or the company’s website and call back. If the original call was legitimate, they will be able to help you. If they know nothing about the supposed problem, you will know that the original call was indeed a scam.
Browser Popup Variation
In an increasingly common variant of the usual tech support scam, an alert message may appear while you are web browsing that claims that your computer has been blocked due to virus and spyware infections. The alert urges you to call a listed support number immediately to get help with the problem. In fact, if you call, you will be connecting to criminals who will use the same tactics as described above. I discuss the browser popup version of the scam in another report.
How You Can Help
The best way to thwart these insidious criminals is to make sure that as many people as possible know about their scam calls. Don’t assume that all of your friends, family members, and work mates are aware of how these tech support scammers operate. You might be surprised. Talk about the scams, and, if necessary, take the time to bring people up to speed. Spreading the word can really help!