It starts when your phone rings, with the caller ID showing an unfamiliar number. When you answer, the caller (usually, but not always, speaking with a foreign accent) informs you that there’s a serious problem with your computer, and that they’re calling to help you correct it. If you believe anything they say, you’ll end up bitterly regretting having done so. It usually ends with one or more of these sorry outcomes: you lose money, the use of your computer, and/or your data; you become the victim of identity theft; your computer is hijacked into a bot-net (a network of computers used to send spam, distribute malware or commit other crimes). Welcome to the tech support scam, which can ensnare even fairly sophisticated computer users. Read on to learn how the scam works, and what you need to do to avoid becoming a victim.
How the Scam Works
Most tech support scam calls seem to come from India, not because Indians are any more criminally inclined than anyone else, but because of the unique circumstances in that country. India has more English speakers than any other nation except the US. It also has a huge population of highly educated young people, many of whom cannot find jobs commensurate with their education. Each professional level job opening typically attracts hundreds (if not thousands) of applicants. To make matters worse, Indian authorities have been mostly ineffective in shutting down the call centers where most of the scamming takes place. Under those circumstances, some of those job seekers turn to scamming, and spend their work shifts trolling for victims in the US, Canada, the UK, and other English speaking countries.
The scammer will usually begin the conversation by claiming to be calling from Microsoft, or from “Windows” (as if Windows were a company or a service, rather than an operating system). They’ll explain that they’ve detected a problem with your computer, and then spew some techno-babble that supposedly describes the problem. If you’re an IT professional, you’ll quickly see through the mumbo jumbo, but if not it may sound reasonable to you.
In order to make their lies more believable, the scammer may then direct you to look at the Windows Event Viewer and then ask what you see there. When you tell them you see a huge number of entries they’ll cite that as proof that the supposed problem they’re talking about actually exists. In fact, it’s absolutely normal for the Event Viewer to show hundreds or thousands of errors, warnings and other informational entries. In virtually all cases, the presence of those entries is completely benign, but most users don’t know that, and that’s what the scammers are counting on. Just to further prime you for the sting, the caller will then explain that the problems they’ve identified are critical and must be corrected immediately.
If you haven’t yet terminated the call, at this point the scammer will usually request two things: remote access to your computer so they can fix the non-existent problem they’ve identified, and a payment (typically hundreds of dollars) to compensate them for the service they’re supposedly providing to you. For remote access, they’ll direct you to download and run a remote control application. Most such programs are completely legitimate, and are frequently used to provide actual technical support, but in the hands of a scammer they become instruments of crime. For the payment, they’ll offer to conveniently charge your credit or debit card, and will often claim that their fee includes a warranty against further problems for the next year, or even for life.
If you pay their fee, the best case scenario is that you’ve paid a lot of money to fix something that wasn’t broken in the first place. While that’s bad enough, it often gets much worse. Additional unauthorized charges may be made against your credit card or bank account. If you run the remote access application and follow the scammer’s instructions, you will give them complete control of your computer. With that control, they can wreak all sorts of havoc, including downloading your personal files and other data, using your data to commit identity theft, and installing malware on your computer. The malware could be used to send spam, distribute child pornography, mount denial of service attacks against other computers, and commit a host of other crimes. Finally, if you’ve granted them remote access but refuse to pay their fee, some scammers become spiteful and use the remote access to encrypt or delete your files, or even lock you out of your own computer.
How to Protect Yourself
To avoid becoming a victim of tech support scams, follow the recommendations below. And if other household members use the same computer, urge them to do the same.
- If you receive a cold call claiming there’s a problem with your computer, simply hang up (unless you want to bait the scammer and waste their time, thus delaying them from moving on to another potential victim). It’s hard enough to get honest technical support even when you’re actively seeking it – neither Microsoft nor any other legitimate company will call you out of the blue to help you correct problems with your computer.
- NEVER give a caller remote access to your computer. The only exception to this is if the call is from a company you’ve initiated contact with to get technical support, but in that case keep the following items in mind.
- One variation on the tech support scam involves scammers who advertise on the internet (and possibly elsewhere) that they provide support for well known hardware and software brands (such as Microsoft, Dell, HP, Lenovo, etc.). When a customer sees the advertising and calls the toll free number to get support from one of those brands, the scammer simply proceeds to run the same scam as described above. In some cases they will even pretend to be an employee of the brand in question. So the bottom line is that you really need to know who you’re dealing with. Either call a trusted local company, or at least be sure you’re not dealing with an imposter. For example, if you want tech support from Dell, get the phone number from Dell’s own website (dell.com), not some random web advertisement.
- Yet another variation involves a pop-up window on the screen that announces some problem with your computer and directs you to call a phone number for assistance with resolving it. These often appear when you’re browsing the web, and sometimes include loud irritating beeps played through the computer speakers. The pop-up may even prevent you from closing the browser window or switching to a different tab. The whole point is to make it seem like you must call the scammer’s phone number in order to correct the problem and regain control of your computer. Needless to say, don’t do it. Just shut down the browser, or if necessary shut down the computer and restart it, and then continue with whatever you were doing. See Task Manager Is Your Friend – Take a Minute to Get Acquainted and What To Do When Your Computer Freezes for instructions on how to force a program, or the computer itself, to shut down in any circumstances.