Support Scams – Largest Fraud in US

Support Scams – Largest Fraud in US

On October 21st, the US Senate Special Committee on Aging took up the issue of Tech Support Scams. The link below provides a full transcript of the hearing – along with video.

http://www.aging.senate.gov/hearings/virtual-victims-when-computer-tech-support-becomes-a-scam

Among those testifying was David Finn, associate general counsel and executive director of the Digital Crimes Unit at Microsoft. Finn offered the following facts as part of his testimony:

Tech support scams are perhaps the single largest consumer fraud perpetrated in America today, victimizing an estimated 3.3 million people each year — many of them senior citizens — at an annual cost of $1.5 billion. This translates to a victim nearly every 10 seconds, with an average loss of $454 per consumer.

Since May 2014, Microsoft alone has received over 180,000 complaints about tech scams — and we know these are merely the tip of the iceberg. Consumers are also being victimized and many of these victims are not even aware that they have been scammed.

msft_target

msft_impact


U.S. Senator Susan Collins

U.S. Senator Joe Donnelly in a Senate Special Committee on Aging Hearing questioned testifying witnesses about computer tech scams and what can be done to prevent these scams

Don’t Be a Support Scam Victim

Computer users from around the world are being targeted by 3 types of technical support related scams: 1)Phone calls from companies claiming to be associated with well known software vendors – offering assistance with a problem with your PC 2)Deceptive advertisements for technical support for a particular software product placed on search engines like Google and Bing and 3)Browser Hijacking – that promotes phone based technical support.

Phone Support Scams

Direct Calls Offering Support

ALERT: We have recently received reports of Tech Support scam phone calls being made by persons claiming to represent PC Matic. PC Matic has NO relationship with these parties and does NOT solicit consumers or businesses over the phone. We are actively investigating this issue and will continue to provide information about the warning signs of these scams.
If you need assistance with PC Matic – our support team is available 7 days a week via pcmatic.com/help.

PC ‘Tech Support’ Cold-Call Scam Resources
http://avien.net/blog/pc-support-scam-resources/

Browser Hijacks – Promoting Tech Support Phone Numbers

As you browse the internet are you seeing endless pop-ups with offers of 800 numbers for technical support and more?

Your browser may have been hijacked.

Sophisticated malware now has the ability to recognize the type of page you are visiting, hijack your browser and serve you related pop-up ads.

Pop-ups like the one pictured below (being served to a visitor to pcpitstop.com) are most likely associated with a browser hijack/malware infection.

hijack1

The pop-ups are in NO way associated with PC Matic or PC Pitstop.

Search Engine Support Scams

WARNING: It has come to our attention that companies are deceptively promoting PC Matic “Support” via Google & Bing ads (like the one below). The company behind the majority of these ads -iYogi – is in NO way associated with PC Matic or PC Pitstop and is exploiting ‘loopholes’ in search engine advertising policy.

iyogi5


Consumers who respond to these ads are charged a minimum of $149.99 – for answers otherwise available for free in basic online documentation or via official PC Matic support.

PC Pitstop has repeatedly petitioned Google and Microsoft to have these ads removed.

Great advice from our good friend Leo Notenboom:

Avoiding the scam

Classic scam-avoidance 101: never completely trust someone who you don’t know who calls you.
Listen to them, if you like. Ask questions, if you feel so motivated, but never ever give them access to your PC and never ever give them your payment information.
Let them know that you’ll have your local tech look into it (even if you don’t have one).
Once it becomes clear that you’re not going to fall for the trap, it’s very likely that you’ll get hung up on, or that the caller may even become abusive. At that point, you can hang up on them.
If you’re concerned that there is a real problem, do the research yourself, or contact the technical resources that you trust and ask them about it.
Chances are there’s nothing to see here.

Recovering from the scam

If you handed over payment information, you’ve just given that information to a complete stranger. Immediately contact your credit card issuer or other payment provider and put them on fraud alert.
If you allowed the scammer access to your machine … well, things get ugly.
The short answer is that you have no idea what they did. If you saw them install software in the guise of tools to help repair your system, it’s very possible that software’s really a bundle of malware that’s now residing on your machine.
Even if you didn’t see them download something, they still could have placed malware on your machine.
You just don’t know.
And there’s no way to prove that they didn’t.
There are two approaches at this point:
Assume the worst. Revert to a system image backup taken before the access was granted. If you don’t have such a backup, then backup your data, reformat, and reinstall Windows. This is the only way to know that whatever the scammer might have left on your machine is truly gone.
Hope for the best. Run up-to-date anti-virus and anti-spyware tools, making sure that each is running with an up-to-date database. I’d be tempted to scan with an additional tool or two; I would specifically recommend a scan with MalwareBytes Anti-Malware, which seems to catch a lot of the more aggressive malware. I’d be tempted also to try the process outlined here, as well as Windows Defender Offline. And then I’d hope that whatever may have been left was caught.

It’s a scam

This appears to be a common scam right now and the best defense, as you can guess, is to not fall for it in the first place.
If you do, then the next best thing is to make sure that you have regular system backups that you can revert to.
And if you walk away remembering just one thing, remember this:
They won’t call you.
If “they” do, be very, very suspicious.
Read more from Leo here

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles