Even two years ago, the Federal Trade Commission was aware of more than 40,000 consumer complaints related to tech support scams – a number which has certainly only grown by leaps and bounds since.
But it’s not just the instances of tech support scams that have ballooned over the past couple years. Like any other scam that works, criminals are always finding new methods of reaching their potential victims. What can you do?
The fact of the matter is that modern life requires the use of technology, and if you use it enough, there will come a time when you need support.
How can you continue benefiting from technology while avoiding tech support scams? Especially since they’re always changing?
We’ll talk about this—and much more—here.
FTC Shuts Down Fraudulent FL Tech Support Operation
Here’s a prime example of a modern tech support scam: According to a recent press release from the FTC, that’s exactly what an international ring of companies conspired to do. Basically, they’d use online pop-up ads, formally known as scareware, to cause prospective victims to believe their computers contained viruses or other malware, and that the company could provide a resolution. Then, once customers phoned the company’s call center, they were pressured into handing over their money.
Here’s how the FTC explains it:
“According to the complaint, the defendants caused consumers’ computers to display advertisements designed to resemble security alerts from Microsoft or Apple. These ads warned consumers that their computers could be infected with malware and urged them to call a toll-free number in the ad to safeguard both their computer and sensitive personal information stored on it.”
From there, callers were told the company’s “diagnostic testing” confirmed the presence of malware, and that removal would cost between $200 and $300. Callers were then upsold “outdated and ineffective” antivirus software for another $200 to $500 (some of which was available elsewhere for free), as well as ongoing tech support plans priced at $9.99 to $19.99 per month.
Based on these actions, the FTC and the state of Florida have alleged that the 12 companies and individuals involved raked in millions of dollars, while violating the FTC Act, the Telemarketing Sales Rule, and the Florida Unfair and Deceptive Trade Practices Act. A federal court has since temporarily shut down the business, placed control with a court-appointed receiver, and frozen their assets.
This isn’t a lone case, unfortunately. In fact, questionable tech support advertisements have become such a concern that Bing Ads recently announced that it will “no longer accept advertising from third-party tech support companies.”
Various Types of Tech Support Scams
As mentioned above, tech support scams have been around for years, although before the pop-up ads we discussed above were en vogue, it was (and still is, in some cases) popular for “tech support specialists” to cold call individuals whose names and other basic information were pulled from public directories. Often times, these callers even claimed to be from Microsoft. Here’s a real world example:
Even as a business owner, Max Robinson, who owns Ace Work Gear in Glenrothes, Scotland, fell victim to a tech support scam six years ago.
Max told us that someone claiming to work for Microsoft called one day, claiming that they detected an infection on their computer, and that it would take around £100 fee to repair. Max’s father was the one who answered the phone, and he was quick to pay.
Fortunately, Max said, the “fee” was placed on a debit card, so they quickly withdrew their money and closed the account after they figured out what happened.
After the incident, Max noted that he attempted to trace the callers, although they used “some sort of technology to hide their number and fake their location (the call was said to come from within the UK but we were advised that it almost certainly came from India).”
In her position at PeopleClaim.com, Sally Elizabeth says she’s learned a great deal (and heard from countless claimants) about these tech support scams. She notes that there’s a new twist to this direct-call scam, where the caller tells “you that they owe you a refund for tech support services and will be happy to put it back on your card or make the refund via access to your computer.”
Before fake security pop-up warnings like this, scammers would cold call potential victims, hoping to get them to hand over their hard-earned money. Image credit: Zeltser.com
Like with the newer pop-up ad version, the scammers will try to convince you to hand over your credit card information. In some instances, though, they will also ask to verify your Social Security numbers and/or important passwords. Other times, they might:
- Ask you to download malware disguised as beneficial “scanning” software
- Request remote access to your computer, where they can change settings or access sensitive personal or financial information
- Redirect you to a website that asks for credit card and other information
In many instances, scammers will request that you grant them remote access to your computer, thereby opening up your entire hard drive to their prying eyes. Image credit: Zelster.com
While all of the scams we’ve discussed so far have to do with computer problems, it’s increasingly common for scammers to use other technical issues, such as email, as an opportunity to take advantage of unsuspecting victims.
For example, a scammer might purposely sends an email password reset code to a potential victim. Then, they’ll immediately follow it up with a text message to the victim’s phone, requesting the recent verification code. Here’s a quick video from Symantec explaining how the process works:
But it doesn’t stop there, because these tech support scams have even been initiated through social networking services like Twitter!
Given all the different ways criminals are trying to steal your money and your information, they’re only likely to continue. As such, James Davis, an FTC attorney in who worked on the case mentioned above, notes that, “People still need to watch out for these scams.” How can you accomplish this, though?
How Can You Avoid Becoming a Tech Support Scam Victim?
1. Disconnect the Call
According to the Federal Trade Commission, the first thing you should do if you receive an unexpected tech support call is to hang up the phone. This is also something we discuss in How to Identify & Avoid Phone Scams.
Why? To put it bluntly, unless someone has access to your computer (whether directly or remotely), there’s no way they can know if it’s infected. So, if an unknown person suddenly calls and claims such, you can be 100% certain that it’s a scam and that you should immediately disconnect the call.
What about pop-up ads, though?
2. Understand the Difference Between an Error & an Advertisement
Imagine that you’re browsing one of your favorite websites, when an advertisement suddenly appears, fills your entire screen, and presents dire-sounding warnings like: “This computer is infected—your personal and financial information could be at risk! Call 877-123-4567 to resolve this problem immediately!” (See the first image above as a prime example of this.)
In other instances, you could see big, flashing buttons that demand you “Download Now” or “Fix My Computer Now.” Either way, these advertisements—often found on less-than-stellar sites like gambling, pornography, gaming, torrents, etc.—are meant to create an emotional response and cause you to call the company or download potentially malicious software.
But, that’s just what they are: advertisements! As with cold calls, there’s no way a website can tell if your computer is infected without giving them permission, or without downloading software.
Instead, you should always trust your own antivirus software, which will display warnings like a system notification on your computer—not inside your website browser.
3. Know Where to Look for Contact Information
Even if you have a legitimate hardware or software concern (after scanning your system using antivirus software, for example), it’s still generally not a good idea to call numbers obtained through online pop-up ads, or through search results. Instead, try searching for the manufacturer’s information on their packaging or on your receipt.
Alternately, you can verify contact information through consumer advocacy websites like the Better Business Bureau.
Instead of online pop-ups, if you’re contacted via phone by one of these tech support scammers, take a look at the area code displayed on your caller ID. As we learned above, this number is likely fake, but if it’s unusual, this could be a sure sign of a scammer.
Carol Gee of Atlanta, GA tells us that while she hasn’t fallen for a tech support scam, she’s received a lot of calls over the last few weeks. Generally, she finds they “always come from strange area codes [like] 164, 331, and other odd ones.”
4. Are You Over the Age of 55? Know That You Are a Prime Target for Tech Support Scams
If you’re interested in the detailed anatomy of a tech support scam, Zeltser Security Corp provides a fantastic look at the process, including visual and audio media to go accompany it. While it’s a bit lengthy, we’d highly recommend at least skimming through it to get up to speed on how these scams work.
During their exchange with the criminals, the company rep was asked if they were 55 or older. When pressed, the scammer explained that they offered a senior citizen discount, although the more likely scenario is that seniors are prime scam targets, since they generally have large nest eggs ripe for the picking, and may feel socially isolated.
What’s this mean for you? If you’re 55 or older, understand that you are a prime target for these tech support scams, so it’s especially important that you arm yourself with the information you need to stay safe.
5. Keep Your Financial Information Out of Their Hands
If for some reason you didn’t hang up after these scammers called you (or after you called them), understand that they’re immediately going to 1) try to gain your trust, or 2) lay on the high-pressure selling tactics.
Either way, recognize that their primary goal is to cause you to make an ill-informed, emotional decision, so they’re going to be very convincing in their pursuit for your personal and/or financial information. No matter what they say or how well they say it, don’t give them anything they can use to gain a foothold, including passwords (no legitimate organization will ever request passwords over the phone) or access to your computer.
The best way to accomplish this? Again, immediately disconnect the call.
6. You (Probably) Don’t Need to Spend Money to Safeguard Your Computer
Even if these alarming pop-up advertisements were legitimate, the reality is that solving the problem is often as easy as downloading up-to-date antivirus software from well-known companies like McAfee, Norton, and others. In fact, if you don’t already have this software, you can often obtain if for free, or nearly free, from your internet service provider.
Outside of traditional antivirus software, a few other methods you might not have considered to safeguard your computer include:
- Installing updates
- Backing up important files (which can go a long way toward recovering sensitive information if your computer becomes infected)
- Removing bloatware (unnecessary programs, or those not often used)
For more about exactly how to accomplish this, be sure to read How to Get Free Anti-Virus Software.
Granted, these are great tips to safeguard your money and your identity. But what steps can you take if you’ve already fallen victim? That’s what we’ll cover next as we wrap up.
What to Do If You’ve Already Become a Tech Support Scam Victim?
First, if you handed over your credit card information to one of these scammers, be sure to immediately contact the bank and report the charges as fraud. Also, be sure to write down the details of your call while they’re fresh in your mind and keep the documents in a special folder, as this can be immensely helpful to the bank.
Next, report the call to the FTC. Remember that these scammers often use caller ID spoofing, so the number you saw on your phone might not be the actual number they called from. And while signing up for the National Do Not Call Registry might not always prevent these scams, it can help you immediately determine if someone is calling you illegally.
Also, if you shared any passwords with a scammer, be sure to change them immediately and take extra precautions to ensure they’re strong.