Technical support scams – Avoiding
Cybercriminals don’t just send fraudulent email messages. They might call you on the telephone and claim to be from Microsoft. They might also setup websites with persistent pop-ups displaying fake warning messages and a phone number to call and get the “issue” fixed. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:
- Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.
- Convince you to visit legitimate websites (like www.ammyy.com) to download software that will allow them to take control of your computer remotely and adjust settings to leave your computer vulnerable.
- Request credit card information so they can bill you for phony services.
- Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.
“Remember, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support.
Any communication we have with you must be initiated by you.”
Below is more information on what to look out for with telephone and web pop-up scams and how to report them:
Telephone tech support scams: What you need to know
Cybercriminals often use publicly available phone directories, so they might know your name and other personal information when they call you. They might even guess what operating system you’re using.
Once they’ve gained your trust, they might ask for your user name and password or ask you to go to a legitimate website (such as www.ammyy.com) to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable.
Do not trust unsolicited calls. Do not provide any personal information.
Another well-known trick is the website pop-up, that little browser window that sometimes appears while you’re searching the Web. Cybercriminals set up websites with scam pop-ups with messages and phone numbers. These pop-ups usually are not easy to close.
While some pop-ups are useful and important, others are traps that attempt to mislead you into revealing sensitive personal or financial information, paying for fake anti-virus software, or even installing malware and viruses onto your device.
Do not call the number in the pop-up. Microsoft’s error and warning messages never include a phone number.
Here are some of the organizations that cybercriminals claim to be from:
- Windows Helpdesk
- Windows Service Center
- Microsoft Tech Support
- Microsoft Support
- Windows Technical Department Support Group
- Microsoft Research and Development Team (Microsoft R & D Team)
How to report tech support scams
Whenever you receive a phone call or see a pop-up window on your PC and feel uncertain whether it is from someone at Microsoft, don’t take the risk. Reach out directly to one of our technical support experts dedicated to helping you at the Microsoft Answer Desk.
How to protect yourself from tech support scams
If someone claiming to be from Microsoft tech support contacts you:
- Do not purchase any software or services.
- Ask if there is a fee or subscription associated with the “service.” If there is, hang up.
- Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
- Take the person’s information down and immediately report it to your local authorities.
- Never provide your credit card or financial information to someone claiming to be from Microsoft tech support.
What to do if you already gave information to a tech support person
If you think that you might have downloaded malware from a tech support scam website or allowed a cybercriminal to access your computer, take these steps:
- Change your computer’s password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
- Scan your computer with the Microsoft Safety Scanner to find out if you have malware installed on your computer.
- If you are using an old version of Windows (Windows 7, Vista or XP), Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)
- Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or you clicked a suspicious link online or in an email message.
- Learn more about Windows Defender
Microsoft does not make unsolicited phone calls to help you fix your computer.
In this scam cybercriminals call you and claim to be from Microsoft Tech Support. They offer to help solve your computer problems. Once the crooks have gained your trust, they attempt to steal from you and damage your computer with malicious software including viruses and spyware.
- Although law enforcement can trace phone numbers, perpetrators often use pay phones, disposable cellular phones, or stolen cellular phone numbers. It’s better to avoid being conned rather than try to repair the damage afterwards.
- Treat all unsolicited phone calls with skepticism. Do not provide any personal information.
- If you receive an unsolicited call from someone claiming to be from Microsoft Tech Support, hang up.
- We do not make these kinds of calls.
How to Spot a Tech Support Scam
“Hello, I am from Windows. Your computer is sending us errors”
You’ve just become a target and potential victim of a PC Support Scam. This scam is known by many names, It’s been called the Fake Tech Support Call Scam, The Event Viewer Scam, The Ammyy Scam, and The TeamViewer Scam (the last two names denote the name of the legitimate remote connection tool used by the scammers to connect to and take control over your computer).
This scam is global and has likely bilked millions of dollars out of victims worldwide. The scam has been around for several years and doesn’t appear to be losing any steam. If anything it seems to be becoming more prevalent, with new variants cropping up every day,
How Can You Spot a PC Support Scam Attempt?
Here Are Some Clues to Help You:
THEY called YOU
This is the biggest tip-off of the scam. Microsoft, Dell, or any other major company’s tech support organization is not likely going to waste their resources to call you. If you have tech support problems, they know that you will call them. They are not going to go looking for trouble. The scammers will tell you that they are doing this is a “public service”. Don’t buy into this, it’s complete BS.
The Caller ID Says MICROSOFT, TECH SUPPORT,
or Something Similar and Appears to Originate From a Legitimate Number
This is another key part of the scam.
What’s the first thing you check when the phone rings? The caller ID information, of course. This information is what helps the scammer establish legitimacy. Your brain tells you that the caller ID info validates the claims of the caller so they must be for real, right? WRONG. The scammers are trying to build a pretext for their scam.
If someone was trying to scam you in person, they would wear a tech support badge. Spoofed caller ID information is just like putting on a fake badge, it looks legit, so many people believe it. Spoofing Caller ID info is extremely easy via Voice Over IP technology, Check out our article on Caller ID Spoofing for full details on how the process works.
They Have a Thick Foreign Accent
But Use a Name That is Usually of Western Origin
This is one of the funniest parts of the scam for me. The scammer will usually have an extremely thick foreign accent, but will claim that their name is something decidedly western such as “Brad”. If I tell them that they don’t sound like a “Brad” then they will usually counter with something like “my name is so hard to pronounce that I use Brad instead to make things easier for people”. Yeah, I’m sure that’s the reason.
They Claim That Your Computer is “Sending Off Errors”, “Sending Out SPAM”,
“Infected with a New Virus that is Undetectable by Current Scanners”, or something else similar
Nobody wants to cause problems for others or get in trouble for having a computer that is doing bad things, and no one wants a virus. This part of the scam scares the user into wanting to have the scammer take action.
Their purpose is to create fear in your mind that your computer is infected and is trying to do bad things to other computers.
They Ask You to Open The Windows Event Log Viewer
to “Show You The Problem”
The scammers want you to think that they are knowledgeable and that there is a problem by ‘showing you’ that your system has ‘Errors’. They do this by having you open the Windows Event Log Viewer so that they can attempt to prove their case,
News flash: there is almost always going to be some kind of minor error or warning in the event log viewer, This doesn’t mean that your system is having any real problems or is infected by anything.
They may ask you to perform some other steps as detailed in this article from Malwarebytes Unpacked.
They Ask You to go to a Website and Install a Tool
so That They Can Remotely Connect to Your Computer to ‘Fix’ The problem.
This is the part where the scam gets dangerous. The scammers want to take control of your computer, but not for the purpose of fixing it as they claim. The scammers want to infect your computer with malware, rootkits, keyloggers, etc. In order for them to do so, they need a way in.
There are several free remote connection software packages that are completely legitimate tools designed for remote tech support. Some of the more popular ones used by the scammers include Ammyy, TeamViewer, LogMeIn Rescue, and GoToMyPC, The scammers will ask you to install one of these tools and provide them with an ID number, or some other credential generated by the remote connection tool, They will then use this information to gain access to your computer., At this point your computer has been compromised. Check out the following articles if you’re computer has already been compromised
The quickest way to get these idiots off the phone is to tell them that you don’t have a computer at all.
As with any scam, there will be new variants as the scam is refined, so be on the lookout for new tactics, but the basic clues above will probably remain unchanged.
Thanks Microsoft, LifeWire and for reading Tech Support Scams
Help Support Our Work