Last Updated on April 18, 2021 by Calvin C.
The internet has miscreants whose goal is to gain something out of the data breaches they execute. Amongst these cybercriminals, there is a heartless group called tech support scammers.
These scammers masquerade as genuine employees from popular companies like Microsoft, Amazon, Google to name a few.
Background of tech support scams
Tech support scams target vulnerable groups of the society, mainly the elderly.
Fortunately, there are individuals like Jim Browning, who are doing immense work in combating tech support scammers.
Jim Browning is a leading expert in exposing scam call centers and also alerts victims before they fall for the scams. The majority of these centers are in India and teams of scammers work full-time hunting for their next victims.
All the scams follow a similar script, which I will describe later and the goal is to steal money from the victim.
I was shocked at the amounts these scammers demand for “services rendered”, with some figures in excess of US$500.
The main tool that enables these attacks to be successful is a remote access software.
This software gives the scammers full access to the victim’s computer and the ability to extract any information that they need remotely.
How the attack works
Tech support scams come in many forms, but let’s look at pop-up scams.
This attack starts off as a pop up message that appears on the victim’s computer screen while they are browsing the net.
The message is usually a warning, either indicating that the computer has been infected by a virus, or it has been locked.
In some cases, a brief description of the virus or fault is given in order to instill fear in the victim.
A toll-free phone number is also displayed so that the victim can call tech support and usually it’s “Microsoft tech support” in the case of Windows PC.
For someone who is not familiar with this kind of scam, the next logical step is to call the number and seek assistance.
Unfortunately, on the other end of the call, a scammer pulls out a playbook to set the scam in motion.
Countries that are targeted in most cases are the USA, UK and Australia, so to put the victim at ease, the scammers ditch their native names for English names like Oliver.
- In all types of tech support scams, the scammer requests for remote access to the victims computer and this is the backbone of the attack.
During the call, the scammers distract the victim with compliments, technical jargon or other mumbo jumbo while they go through computer files in the background.
How do the get the money?
Payment for fixing the computer
In a straightforward scam, the scammer pretends to fix the victim’s computer by running a scan, uninstalling programs and installing software.
All this is done on a computer that has no problems at all and in most cases the computer is left in a worse state because malware can be installed to leave a door open for future attacks.
I noticed that they demand payment upfront before any work is done by a technician (who is obviously an accomplice in the call center)
The fee is a one-time exorbitant fee and in one instance, the scammer demanded at least 1000 pounds from a UK citizen and it made my blood boil.
Payment is usually done with gift cards because they can easily be redeemed online for cash.
If scammers want to hit the victim hard, they use this method and the victim ends up sending thousands of dollars to these bad guys.
The attack begins like any usual pop-up scam, but in this case instead of paying a fee for a problem to be fixed, the victim is told there is a refund.
As I highlighted previously, the scammer requests for remote access to the victim’s computer.
They then ask the victim to log in to their online bank so that the refund can be processed, and it’s usually an amount that is hard to refuse, like US$250.
All this time they can see what the victim is doing, including the amounts in the savings account and checking account.
Since the scammers have remote access, they can move funds from one account to the other and this is exactly what they do so that the victim thinks a refund has been paid.
To avoid suspicion, the victim’s screen is frozen remotely or blacked out temporarily and they are told not touch the mouse.
In the background, the scammer simply moves funds around in the victim’s account, takes a screenshot and adds a ridiculous figure that they know equates to the amount in the saving’s account.
The edited screenshot is what is displayed to the victim and the scammer tells the victim that they have sent excess funds by mistake and need the balance back.
Some even dramatize the process over the phone, telling the victim they will lose their job if the money is no sent back.
Since the most targeted group consists of the elderly, they give in more easily to the scammer’s request but what ends up happening is that the victim sends funds from their own savings account.
No real refund takes place and for the scammer, it’s another good day in office.
How to prevent tech support scams
There is need for strong cybersecurity laws in countries where these scammers operate and harsh penalties should be handed down to any perpetrators.
At individual level, it is important to make sure there is always a high index of suspicion for any requests that land in emails and pop ups.
When there is a warning message on your computer, visit the genuine website of the manufacturer and use contacts that are on that website.
Avoid opening suspicious links as they may contain malware that increases vulnerability to security breaches.
Another way that I recommend is to browse the internet privately and anonymously by using a VPN.
- Hide your traffic and change your IP address with NordVPN:
There is a rise of scambaiters on YouTube who disrupt the operations of scammers by hacking their systems and deleting records of victims or software used to carry out various scams.
If the media gives more attention to these tech support scams, companies whose resources are used by scammers are pressured to take measures so that less damage is done to the society.
One of the popular remote access software companies, Teamviwer, has a section on their website where they wrote:
“At TeamViewer, we want to help you to be prepared for any potential scam attacks.
We can’t guarantee that a scam won’t happen, and TeamViewer isn’t liable for any scams that occur through third parties, but we think it is important to raise awareness of this topic and to provide information that helps each other.
Let’s work together to make everyone more secure.”
You can also raise awareness by sharing this post on social media. Ruthless scammers are preying on helpless individuals and it is our duty to protect these victims. Leave a comment below and support us so that this fight gains momentum.