The Anatomy of Tech-Support Scams

 
 
By Karen A. Frenkel  |  Posted 04-22-2016 Email
 
 
 
 
 
 
 
 
 
  • Previous
    The Anatomy of Tech-Support Scams
    Next

    The Anatomy of Tech-Support Scams

    A cyber-security expert details the anatomy of tech support scams and provides suggestions for how to avoid them—and what to do if scammed.
  • Previous
    The Hooks
    Next

    The Hooks

    Fake tech support scammers use mainly two methods that do not resemble ransomware to entice users to call them: Web browser pop-ups and disruptive applications.
  • Previous
    Browser Pop-Ups
    Next

    Browser Pop-Ups

    Browser pop-ups are the most common hooks because they are easy to deploy. Many surface when a user mistypes the name of a Website. The user may close the pop-up, but it is scripted to re-open.
  • Previous
    Browser Pop-ups Solution
    Next

    Browser Pop-ups Solution

    To get rid of a scam browser pop-up, open the task manager (using Ctrl+alt delete, or typing taskmgr) and close the browser.
  • Previous
    Programs
    Next

    Programs

    Programs are harder for scammers to deploy because they must be downloaded and executed, but they are harder to close because some try to disable the task manager and block input.
  • Previous
    Small Pop-up Programs Solution
    Next

    Small Pop-up Programs Solution

    For small pop-up windows, open the task manager and find the offending program, which usually stands out. To remove full-screen windows, retrieve the password by calling the scam phone number. Restarting may get rid of the full-screen pop-up, but some install themselves to start up, so boot into safe mode and remove the program.
  • Previous
    The Diagnosis
    Next

    The Diagnosis

    When you call a scam number, scammers: Ask what the error is on your screen, Describe one of several problems your computer allegedly has, Give you a password to close the full-screen window, if one exists.
  • Previous
    The Diagnosis Continued
    Next

    The Diagnosis Continued

    Next they ask you to download and install Teamviewer, an app for remote control/access software, and give them the connection information. (Teamviewer has added a pop-up warning to users about scams.) They instruct you to allow the connection and may switch to another remote support application.
  • Previous
    Showing ‘Viruses’
    Next

    Showing ‘Viruses’

    The scammer will use one of several different windows to show viruses or other issues. An easy method is to open Windows Event Viewer and show critical events, like unexpected power loss or task scheduler issues, but they will not alert you to malware.
  • Previous
    The ‘Fix’: Claiming Windows Is Not Activated
    Next

    The ‘Fix’: Claiming Windows Is Not Activated

    Windows 7's Support Ended in January 2015. Scammers use a sham demonstration to scare users into needlessly purchasing a new, fake Windows key.
  • Previous
    The ‘Fix’: Removing Viruses
    Next

    The ‘Fix’: Removing Viruses

    Scammers offer free antivirus software, or install it using an illegal key. Sometimes they try to add legitimacy and magic with command prompt windows and scrolling text. These fake windows are very low effort and typically consist of contents on the hard drive. Window listing files hog hard drive time and substantially slow program installation.
  • Previous
    Payment
    Next

    Payment

    Most scammers require payment before the "repair." Those that offer repair first and pay later threaten to "take legal action" if the caller does not pay. Some scams use the reputable squareup.com to collect payments.
  • Previous
    Holding Hostage
    Next

    Holding Hostage

    If the scammers "repair" your computer before demanding payment, they password-protect the Teamviewer settings, to keep control of your computer, so you will not be able to easily disable it from running during startup. SOLUTION: disconnect the computer from the Internet and uninstall Teamviewer. If that doesn't work, disable the Teamviewer service and end its processes. Afterwards, uninstall Teamviewer.
 

As IT leaders, educating non-tech employees on the dangerous scams out there (and how to avoid them) can be a time-consuming endeavor, but it's one of the most important tasks tech leaders must take on. Cyber-criminals show no mercy when it comes to naive end users, demonstrated by the latest scam: fake tech support. Scammers who pose as a company's tech support team are on the rise. They've imitated tech support at Dell, Microsoft, Apple and Google. In 2015, the FTC shut down those tech support scammers but said they had duped consumers for $17 million. Since May 2014, Microsoft has received more than 180,000 complaints about tech scams. Dodi Glenn, vice president of Cybersecurity at antivirus/malware security firm PC Pitstop said, "Tech support scams are not new and have ballooned into the largest type of fraud in the United States. This raises concern as to how these scammers obtain knowledge of each customer's technical support incidents, and, of course, that they have this personal information in the first place." According to David Finn, associate general counsel and executive director of the Digital Crimes Unit at Microsoft, "Tech support scams victimize an estimated 3.3 million people each year—many of them senior citizens—at an annual cost of $1.5 billion. This translates to a victim nearly every 10 seconds, with an average loss of $454 per consumer." Glenn describes typical scams and how IT leaders can help users avoid them.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...