Hello and welcome! Today I’m going to write about phone support scams – phone calls from people who pretend to be representatives of big-name firms like Microsoft or Facebook. These calls originate from various countries, including the U.S., and there are things you should be aware of to avoid falling victim to scammers.
There are two main types of scam:
- Paid Technical Support. The caller attempts to persuade you to pay for “technical support” or “malware removal/cleanup” services that you do not need or even buy software that is available elsewhere for free. This type of scam does not necessarily include installing malware on your PC, but it may include installing remote access software for “analyzing and troubleshooting issues” that, according to scammers, your computer might have.
- Unauthorized remote access to your computer. When the caller tries to persuade you to install remote access software and grant them access credentials in an attempt to steal information, such as your credit card data, from your computer.
In this article I will write about the following:
- Who is most vulnerable to phone scams - How the phone support scam works - How to protect yourself from phone scams - How to minimize the consequences of granting a scammer access to your PC - How to report phone scams
Let’s delve deeper into these topics.
Most often, seniors and people who lack of computer knowledge fall prey to phone support scams. They are easily persuaded to either click on a suspicious link or download software they are not familiar with.
Children also fall into this category, especially if they can operate a PC but are too young to understand they are being manipulated.
Tip: if you fall in one of the categories above, ask a person with good computer knowledge (your son, daughter, friend or parents, if you are a kid) before doing anything the caller wants you to do.
If you are computer-literate but you have elderly people and children in your family who could potentially fall victim to phone scams, educate them. Tell them what they should and should not do when they receive such calls.
It is easier to defend against scams if you know how they work. Although scammers never run out of clever ways to deceive people, this sample scam is simple and straightforward.
You receive a phone call from a fake Microsoft (Facebook, Apple etc.) representative. It must be a big name, otherwise even an unsuspecting victim is not likely to trust the caller. Everyone recognizes Microsoft and Facebook, so normally such a call does not arouse suspicion. If you do not question the purpose of the call or who the real company/person behind the call is and agree to listen further, the scammer will continue with the ploy.
The next step for the scammer is to gain remote control over your computer. The software he uses can be perfectly legitimate, such as Remote Utilities or LogMeIn. The trick is that when the software is installed, the person who possesses access credentials (i.e. ID and access password) can gain unrestricted access to your PC from anywhere in the world.
When remote access is granted the “tech support person” connects to your computer. At this stage he will try to persuade you that you have “errors” or “malware” on your computer and urgent cleanup is necessary. This service is paid, of course. There are plenty of ways to scare a computer-illiterate person to death by showing them routine error messages in Windows Event Viewer or “anomalies” in CPU load in the Task Manager.
Anyway, when you are scared enough to finally ask yourself “How do I get rid of all these scary things infesting my computer? Can you help me?” the scammer is ready with a prepared answer. Sighing, you take out your wallet, and the scammer’s goal is achieved.
A variation of this scam is when the scammer, once gaining remote access to your PC, deliberately installs malware or keylogger software to steal information from your PC.
Tip: Never install remote access software when a stranger asks you to. Even when you receive legitimate remote support from a known company, always familiarize yourself with the software to be used. Some remote access programs, including Remote Utilities, have powerful settings that allow the PC owner to actually control the remote session or limit the scope of the software and close it if they see any signs of abuse.
As Microsoft clearly pointed out, they never make unsolicited phone calls offering technical support or ask you for payment for “computer fixing” services.
There are simple yet effective rules you need to follow to avoid being scammed:
- Never give your credit card data, SSN or any other personal information to a stranger regardless of whether it’s a phone call or a face-to-face meeting. You must always know who is requesting information.
- Never click on links in e-mail messages if you are not sure who sent the message. Even if the message is from someone you know, the ‘From’ address can still be forged or that person’s account can be hacked. So do not click on suspicious links.
- Never take out your wallet unless you are absolutely sure you have to. This is a valuable piece of advice not just for phone scams, but for life in general. Impulse buying is evil. Think, then pay, in that order.
- Keep your antivirus software up-to-date and set it to actively scan your e-mail messages. Many modern AV software packages have a “mail scan” feature.
- Educate your family members and friends, especially if they are easily persuaded or have little computer knowledge. Remember that scammers can be very resourceful when it comes to targeting unsuspecting victims.
- Use parental control and restricted Windows accounts on your PC if it is shared with your kids or elderly family members. Parental control and restricted user accounts allow you to limit what the user can do on the PC, e.g. installing software or changing security settings.
So what do you do if you unknowingly granted a scammer access to your computer?
- Terminate the remote session. The simplest way to do this is to physically disconnect the computer from the Internet by pulling out your LAN cable (or disabling your Wi-Fi connection)
- Find more information about the software being installed. Once you know which remote software is installed, follow the manufacturer’s instructions on how to uninstall it.
- Run a full antivirus scan on your computer.
- Change your passwords, especially critical ones, like your Windows password, your mail account and financial services/banks.
Here are some links to authorities where you can report phone scams in various countries:
We hope that the advice in this article will help you protect you and your family against phone scams.