With the blogs in this series I want to reach not only my typical audience, security professionals, but especially less security aware people to help them improve their personal security. If you think the content is helpful for people you know, share it with them!
My previous two posts were about ransomware and phishing. These forms of online crime both use deception techniques to convince people to download a malicious attachment or click a phishing link. Very similar techniques are used in different other kinds of online fraud. Today I will cover tech support scams.
What is a tech support scam?
A tech support scam is a fraudulent operation in which the criminals try to convince people that they have serious problems on their computer that put them at risk. The scams can be initiated either by the criminals calling people out of the blue or when people call the numbers that are shown on this kind of pop-ups in the browser.
Regardless of who initiated the call the conversation will most likely follow a script very similar to this:
- The criminals will show you "evidence" of the problems or risks on your computer. Typically they will ask you to open windows event viewer and look to some errors in the event logs. It's perfectly normal that there are error messages in these logs, but a lot of users are not aware of this.
- They will ask you to download software so that they can access your computer to fix these "problems" for you.
- At a certain moment they will ask you to pay an amount of money for fixing your computer or for particular software licenses.
Do watch this video, which nicely explains this process.
How to prevent
If you watched the video, you'll notice that they give a lot of useful tips. I'll recap them here and add some more.
Keep in mind that:
- Companies like Microsoft or Apple won't call or email you out of the blue.
- Pop-up windows in the browser that tell you you're computer are at risk are fake.
Thus:
- Immediately hang up when someone calls you to offer tech support.
- Never call numbers displayed on browser pop-ups.
- If you're in doubt after seeing such a message, contact a trusted computer technician.
- Don't click or close the browser pop-up but instead close the browser window. If the pop-up is blocking, close the browser process via the task manager if you're running windows or via the activity monitor if you're running macOS.
- Never give remote access and control to your computer to someone you don't know.
- Never share passwords or credit card data with someone you don't know.
- Never enter credit card or other banking data when someone is watching along via a remote session.
More info to protect yourself against tech support scams can be found in this article from Microsoft.
What if you became victim of a tech support scam
- Don't be ashamed, report this fraud to the police. It might help them to catch the scammers and maybe you can get your money back.
- If the criminals have taken control over your machine it's recommended to do a clean install of your machine. If they have installed certain tools, removing them might not be enough. In case of doubt contact a trusted computer technician.
- Block your credit card immediately if the criminals saw any of your credit card data.
Conclusion
Microsoft, Apple, Google or any other company won't call you or alert you in the browser that your device is blocked or has viruses. Just hangup the call or close the browser window.
That's everything for today. More awareness stuff tomorrow. In the meantime stay safe online!