Microsoft has published new figures that show there has been a sizeable upwards surge in tech support scams over the past 12 months. The amount of victims that have reported these scams to Microsoft increased by 24% in 2017. The true surge could be much higher. Many victims do not report the incidents.
According to Microsoft, in 2017 there were 153,000 reports registered from customers in 183 countries who had been tricked by such a scam. While not all of the complainants admitted to losing money due to this, 15% said they paid for technical support. The average cost of support was between $200 and $400, although many people were scammed out of much more significant amounts. While victims may not willingly pay much more to fix the fictitious issue on their computers, if bank account details are provided to the scammers, accounts can easily be drained. One victim from the Netherlands claims a scammer emptied a bank account and robbed €89,000.
The increase in complaints about tech support scams could, in part, be put down to more scammers pretending to be software engineers from Microsoft, prompting them to report the incidents to Microsoft when they realize they have been tricked.
However, the increase in tech support scams is backed up by figures made public by the FBI. Its Internet Crime Complaint Center (IC3) received 86% more complaints in 2017 from victims of tech support scams. Around 11,000 complaints were registered by IC3 about tech support scams last year and more than $15 million was lost to the scams.
It is easy to see why these scams are so attractive for would-be hackers. In many cases, little effort is required to run the scam. All that is needed in many cases is a telephone. Cold calling is still common, although many of the scams are now much more complex and have a much higher success rate.
Email is also used. Some tech support scams involve warnings and use social engineering methods to convince the recipient to call the helpline. Others involve malware, sent as an attachment or installed due to visiting a malicious website via a hyperlink supplied in the email.
Once downloaded, the malware displays fake warning messages that trick the user that they have been infected with malware that requires a phone call to the technical support department.
The use of popups on websites is typical. These pop-ups cannot be shut down and remain on screen. Browser lockers are also common which serve the same reason. To prompt the user to call the support helpline.
While many more knowledgeable users would know how to close the browser – CTRL+ALT+DEL and shut down the browser through Windows Task Manager – less experienced users may panic and call the helpline number, especially when the popup claims to be from a well-known company such as Microsoft or even law enforcement.
The normal process used in these tech support scams is to establish contact by telephone, get the user to download software to erase a fictitious virus or malware that has previously been installed by the hackers. Remote administration tools are used that a permit the scammer to access the computer. The user is convinced there is malware downloaded and told they must pay for support. Payment is made and the fictitious problem is addressed.
These techniques are noth new, it is just that more hackers have got in on the act and operations have been expanded due to the high success rate. Luckily, there are simple steps to take that can stop users from falling for these tech support scams.
To avoid becoming a victim of such a scam:
- Never clock on any email attachments you receive from unknown senders
- Do not click on hyperlinks in email messages from unknown senders
- If contacted by phone, take a number and say you will return the call. Then get in touch the service provider using verified contact information, not the details supplied over the telephone
- If you are shown a warning via a popup message or website claiming your device has been infected, stop and think before doing anything. Real warnings do not include telephone numbers and do not have spelling errors or questionable grammar
- If you are sent an alert about viruses online and want to perform a scan, download free antivirus software from a reputable firm from the official website (Malwarebytes, AVG, Avast for instance)
- Before making any phone call, verify the phone number. Use a search engine to search for the number and see if it has been associated with scam campaigns in the past
- ISPs and service providers rarely make unsolicited telephone calls to customers about viruses and technical problems and offer to address the device
If you believe you are a victim of a tech support scam, make the incident known to the service provider who was spoofed and notify appropriate authorities in your country of residence.
In the USA, that is the Federal Trade Commission or the FBI’s IC3; in the UK it is the National Fraud and Cyber Crime Reporting Center, the European Consumer Center in Ireland, or the equivalent groups in other countries.
