They give your computer a problem and then say they can fix it. All you need to do is give them your authentication credentials and a credit card number…. Then, as soon as you hand over this critical information, they disappear, snatching every dollar and social security number they can.
These tech support phone scams are taking too many victims unawares and costing our economy dearly. In April, we reported that the face of cybercrime has changed drastically. Not only are there teams of cybercriminals, organized into departments and business units, they often work nine-to-five “jobs.” Their offices can look by all outward appearances like a normal business.
Tech support phone scams are one example of just how realistic these scams can seem, while countless victims lose money, identities, and more.
“Tech scamming is at minimum a $6.35 billion industry….”
Security research team from SUNY Stony Brook analyzed tech scammers in an exhaustive study. What they found is shocking, impressive, and scary.
The team discovered 22,000 tech support scam pages hosted at 8,700 domains, raking in approximately $17.4 million per day…. Keep in mind that this figure is only based on the domains discovered by the team, leaving countless others undiscovered and leeching value from the economy. It is anybody’s guess what the full value of this market is; however, based on known data, tech scamming is at minimum a $6.35 billion industry, most likely as large as Major League Baseball by now ($10 billion).
The industry manages to operate at this size while undergoing rapid changes in order to avoid authorities. Whereas Major League Baseball operates out in the open, with established stadiums and fans across the United States, tech scamming domains are completely unknown. No one calls them on purpose. More impressively (or scarily) almost three out of every four domains is operational for less than three days. Imagine how much money MLB would lose if they had to change domains and addresses every three days.
For as large as the tech support scamming cybercrime industry is, it is remarkably agile.
What Can Businesses and Consumers Do to Stop Feeding the Tech Support Scam Market?
Victims need to learn to spot online virus infection warnings as fraud, long before they pick up the phone for a fake help-desk support agent.
Know your tech support scam types
Scammers ultimately rely on getting a person on the phone and persuading the victim to hand over sensitive information, install malware, and pay money for “services rendered.” However, there are multiple pathways these scams will take. Knowing the most common types is the best way to prevent tech scamming fraud in your office.
The scammer calls the office directly, usually pretending to be a support team member for an established company, usually Microsoft. The most successful scammers will look up publicly available information about you, so that when they call, they can gain trust by calling you by name immediately.
After they gain your trust, they might request username/password credentials, or to install software that will enable them to fix your computer.
This scam is easily defeated. If anyone calls you claiming to be Microsoft Support, hang up immediately. Microsoft has stated clearly that they never make these kind of calls.
Web scams can be slightly more difficult to spot because they use your own computer to convince you to call their fraudulent support number. By redirecting you to fake websites, by installing malware to your computer, or through malicious ads, the attack will fake an error to make you believe your computer needs to be fixed. These type of infections can also trick your computer into performing tasks like:
- Disabling Task Manager
- Displaying multiple pop-up windows automatically
- Play audio messages warning you of infection
- Turn your browser to full-screen mode, showing the error message across the entire screen
These various attack vectors all aim to convince you that your computer needs to be fixed, and they all present the number of their “support center” for you to call immediately.
Real error messages on both Windows and Apple Operating Systems do not request you to call tech support.
If you are a Platte client, and you receive an error message like this, you are always safe if you call us at (303) 255-1941. Please call us and let us know the phone number of the tech support scammer, as authorities can use the phone numbers to limit nefarious activity.
Make sure all employees are aware of this threat. Pass this article along to the entire office, so that your business stays safe.