Cybersecurity Tips Newsletter
September 16, 2024

Turn it Off and On Again: Avoiding Fake Tech Support Cybercrime

Turn it Off and On Again: Avoiding Fake Tech Support Cybercrime

Users should be aware of a variety of ongoing scams as they navigate the internet. One particularly pervasive threat is the fake tech support scam, where cybercriminals exploit individuals’ limited IT knowledge to pose as tech support professionals to steal personal information or money.

“Tech support” refers to services provided to assist users in managing and troubleshooting their computers, mobile devices and software. These services can range from resolving hardware issues to addressing software glitches and guiding users through complex technical processes. Legitimate tech support is provided by reputable companies or certified professionals via direct communication channels such as phone, email or online chat.

Tech support scammers masquerade as legitimate IT professionals and convince users to pay for unnecessary services to repair a nonexistent problem. They may try to enroll a victim in a useless computer maintenance or warranty program, possibly directing them to a realistic website where the user enters credit or debit card information. Scammers may also request payment by way of wire transfer, gift cards, prepaid cards, cryptocurrency or a money transfer app; these payment types are difficult to reverse or trace, and a legitimate company would never require such types of payment.

Tech support scams were one of the top five scams reported to the FBI last year. There were 37,560 complaints, resulting in losses of nearly $1 billion, and nearly half the victims were over 60, according to the FBI’s Internet Crime Complaint Center 2023 report.

Tech support scammers use an array of convincing tactics to trick users. By learning the warning signs, you can protect yourself.

Pop-Up Alerts Scam

One of the most common tech support scams involves pop-up alerts that may look like an error message, claiming your computer is infected with malware or has critical issues that require immediate attention. These alerts often appear as full-screen messages that mimic the look and feel of genuine system warnings. Scammers may direct users to call a provided phone number for support or instruct you to download software to fix the supposed problem.

Avoid interacting with pop-up alerts that claim to be from tech support. Never call a phone number provided on one of these pop-up alerts. Instead, close the browser window or restart your computer to eliminate the pop-up. Ensure that your system has up-to-date antivirus software and consider using reputable ad blocking software to reduce the risk of encountering such scams.

Fake Tech Support Calls

Another widespread tech support scam involves unsolicited phone calls from individuals claiming to be tech support representatives. These cybercriminals often say that they have detected an issue with your device or network and need remote access to fix it. They might use high-pressure tactics to convince you to grant remote access or make payments for unnecessary services.

Reputable companies will never contact you without prior authorization. If you receive such a call, hang up. If they claim to be from a reputable company, contact the company directly using official contact information you find on their website.

Fake Tech Support Websites

Tech support scammers may also create fake websites that mimic those of legitimate tech support companies. These sites often offer free diagnostic services or claim to be affiliated with well-known tech brands. You may find them via online ads or listings in online search results. Once on the site, users may be prompted to download malicious software or enter personal information.

Always verify the URL of a tech support website and ensure it matches the official site of a reputable company. Look for signs of authenticity, such as the URL beginning with HTTPS and contact information that matches the company's verified details. Be wary of offers that seem too good to be true, such as free extensive diagnostics or services.

What to Do If You Are a Victim

If you fall victim to this attack, or any attack by a cybercriminal, do not feel embarrassed or ashamed! These criminals spend their professional lives honing their skills to trick people – it is their day-to-day job. By not reporting an attack because of shame, you are helping them access additional victims.

If you have given remote access to a scammer, immediately disconnect from the internet and run a thorough security scan. Change all passwords (make sure they are long and hard to guess) and monitor your accounts for suspicious activity. Report the incident to your local authorities and the Federal Trade Commission (FTC) to help prevent further fraud. In addition, notify the legitimate tech company that was impersonated to help them address the scam.

Legitimate Technical Support

If you need help fixing an actual problem with your device, work with a company or organization you know and trust. Ask colleagues or friends for recommendations. Many software companies offer support via online chat or a phone number. Your local store that sells computers typically offers in-person tech support, as well.

Tech support scams continue to evolve, exploiting a lack of deep technical knowledge and leveraging the inherent trust we place in technological experts. By understanding the nature of these scams and implementing preventive measures, you can significantly reduce the risk of falling victim to cyber fraud.

Additional Resources

FTC: How To Spot, Avoid, and Report Tech Support Scams 

Consumer Financial Protection Bureau: What you should know about tech support scams 

AARP: Tech Support Scams Are Rampant in 2024

NYS Attorney General: File a complaint

NYS Department of Taxation and Finance: Report fraud, scams, and identity theft

Better Business Bureau: File a Complaint

 

Cyber Habit of the Month

Enable automatic updates on any software or apps that have this option. Automatic updates can give you peace of mind, knowing that your devices are protected with the latest “fixes” or patches in the software you use. Cybercriminals access many devices through vulnerabilities in software; think of it as an unlocked back door in your home. Automatic updates pushed to your device “lock the door” and help keep the bad guys out.