Most people have come into contact with different variations of tech support scams. Here’s some detailed information about how they work, what they want, and how to avoid these scams.
The Basics
No company is going to contact you because of a problem with your computer or internet connection. This means if someone calls you claiming to be from Microsoft, Comcast, Amazon, Windows, and other similar companies, you should hang up the phone and check the information with official contact methods yourself.
If you get a robo-call claiming to be a well-known company like Amazon, Microsoft, etc, hang up. They may tell you that someone has stolen your details, or ordered an item without your knowledge, and that you have to get on your computer or laptop and perform a series of actions to fix it.
If you get a pop-up on your device while browsing the web and it’s claiming you have a virus or hacker, it’s probably a scam. They often have loud, alarming sounds to scare you into calling the listed number. Any pop-up telling you to call a phone number is a scam.
They want to connect to your computer or laptop.
One of the best ways to get continuous scam callers to stop calling you is to tell them you do not have a computer or laptop. Many of the types of scams they will initiate require them to remotely connect to your computer or laptop. Once they’re connected, they can essentially control anything on your computer, and even access devices across your local network. This means they can control all of your files, use your webcam, install malicious software, and other nefarious things that will let them hold you hostage.
They want access to your accounts.
They may convince you that something is wrong with your device or your internet connection, and that you need to purchase their services or products to fix it. They might claim that someone has used your personal details fraudulently, and the only way to fix it is to go through an online refund process. Along the way, they might claim that an involved party has made an error during a transaction, and threaten the victim with law enforcement or job loss if they don’t go through an elaborate process to give them the difference or “secure” their funds. All of these scams have the same goal – to get you to pay them in cash, wire transfers, or gift cards.
If you don’t comply, they may hold you hostage.
The most tragic element to these scams may occur if the victim comes to realize they are being scammed mid-process. If the scammer has access to your computer, they may immediately lock it and demand payment in order to get it back. They also may edit your bank’s website using your browser’s Inspect Element feature to make it look like your balance has changed. These are their last attempts to scare you into going along with their scam, and can often cause dangerous levels of stress and anxiety for victim’s who are already exhausted and confused.
One Scam, Many Faces
Fake Tech Support Scam: They lure victims with unsolicited contact, or by giving you a fake error message and prompting victims to call their phone number. They will try to convince their victims that there are issues with their computer that don’t exist, using tactics that include: Using fake antivirus software or malicious websites, showing the victim that they have stopped services (something that is entirely normal), or using the command prompt and technobabble to confuse and intimidate victims. Sometimes they’ll ask for a flat fee, and other times they may offer the victim a selection of “packages” for various prices, claiming they will protect the computer from hackers and viruses for a certain amount of time.
Refund Scam: These scammers will pretend to be from a variety of companies, offering you a refund or cancellation of a service or item. They will often be very vague and call themselves something generic, like “refund department” or “tech support services”. They will want to connect to the victim’s computer to facilitate a “cancellation form”, or “refund form”. Sometimes they’ll ask outright for you to log into your bank account while they are connected to you. Once the victim does so, the scammers may black out the victim’s screen and lock all of their input, or distract the victim with a physical task, in order to use your browser’s Inspect Element feature. This allows them to change the code of a bank website briefly, making the victim believe that their balance has changed. In reality, the balance has not changed – this is just a temporary edit to the web page. The scammer will frighten the victim in order to ensure that they don’t try to check their balance on their phone or other device, as it would expose their scam. If the victim has large amounts of money in various accounts, the scammers will sometimes just move money around between those accounts to make it seem as though the balance has changed.
IRS / Immigration Scam: These scammers will often pose as people who work with a state or federal agency like the IRS. They will claim that the victim owes money to them, and that the deadline for paying is up. They will tell the victim that either they pay some percentage of what they owe right now, or law enforcement will get involved. Tragically, they will target immigrant families, preying on their fear of being in legal trouble to scare them into emptying their bank accounts. Sometimes, they will claim that someone is currently using your personal details fraudulently, and that in order to safeguard your finances, you need to transfer money elsewhere – often a series of gift cards or wire transfers.
Social Security Scam: A social security scammer will contact you saying that your Social Security number has been used fraudulently, and has even been used to commit a series of crimes. Often, these scammers will actually have the person’s SSN, due to their personal details having been part of a data breach. This can often scare a person into thinking the call is legitimate, and doing whatever they can to prove they aren’t a criminal. The scammers will then seem convinced that someone has clearly stolen the victim’s identity, and the only way to fix that problem is to complete a series of actions with their money, like buying gift cards, or letting them connect to the victim’s computer.
These are all variations of what is essentially the same scam.
The scammers want access to the victim’s computer, and in the end, it doesn’t matter how they get there. Whether they can convince the victim they are solving a made-up computer issue, or scaring someone with the theft of their life savings, the end goal is always to steal money from their victims, either by direct theft, or the sale of your stolen data.
Avoiding These Scams
Don’t let strangers connect to your computer.
Even if the person sounds convincing or says they are calling from a company you recognize, never let anyone you don’t know connect to your computer remotely. The only people that should be connecting remotely to your computer or laptop are yourself and people you know.
Don’t entertain unsolicited calls.
It’s okay to hang up the phone. Most large companies will never call customers, certainly not completely unsolicited. If you’re unsure whether or not a call is legitimate, hang up, look up the official number, and ask if the call was legitimate. The odds are it was a scam call, and whatever they may have told you was a lie. The methods people use to contact one another are rapidly changing. Sometimes, it’s best to just not answer the phone if you aren’t expecting a specific call.
Don’t interact with suspicious error messages.
These fake error messages are designed to be terrifying. It may look just like a Windows error message, but say something troubling, like that you’ve got a virus or hacker problem. It could also be loud, flashy, and anxiety-inducing, all meant to scare the victim into calling the number provided, or going to their malicious URLs. Don’t interact with these error messages – end your browser’s process instead.
FEBRUARY 1, 2021
Authored here @ hello internet.