Technical support scam

A technical support scam (often abbreviated tech support scam) refers to class of telephone fraud activities, in which a scammer claims to offer a legitimate technical support service, often via cold calls to unsuspecting users. Such cold calls are mostly targeted at Microsoft Windows users, with the caller often claiming to represent a Microsoft technical support department.

In English-speaking countries such as the United States, United Kingdom, and Australia, such cold call scams have occurred as early as 2008 and primarily originate from call centers in India.

The scammer will typically attempt to get the victim to allow remote access to their computer, following remote access is gained, the scammer relies on confidence tricks typically involving utilities built into Windows and other software in order to gain the victim's trust to pay for the supposed "support" services, when the scammer actually steals information from the victim's credit card account.

Operation

Technical support scams typically rely on social engineering. Scammers use a variety of confidence tricks to get the victim to install remote desktop software, with which they take control of the victim's computer, and then use various Windows components and utilities (such as the Event Viewer), third-party utilities (such as rogue security software), and other tasks to make the victim believe that the computer has issues that need to be fixed, before proceeding for the victim to pay for "support".[1][2]

Initiation

Technical support scams can begin in a variety of different ways.[2][3] It most commonly begins with a cold call, usually claiming to be associated with a legitimate-sounding third-party, with a name like "Microsoft" or "Windows Technical Support",[4] or via advertising on popular search engines such as Bing or Google, cybersquatting keywords related to commercial products and services that an unsuspecting user may search for (such as "Microsoft live chat", "Facebook support", or "Outlook login help"), and leading to web pages containing a number to be called.[5][6] Some scams have been initiated via pop-up ads on infected websites instructing the potential victim to call a number. These pop-ups often resemble error messages such as the Blue Screen of Death.[7][8]

Remote access

The scammer instructs the victim to download and install a remote access program, such as TeamViewer, LogMeIn, etc., and provide them with the details required to remote-control their computer using that program.[1]

Confidence tricks

After gaining access, the scammer attempts to convince the victim that their computer is suffering from problems that must be repaired. A number of common methods are used during many technical support scams—most of which involve misrepresenting the content and output of various Windows tools and system directories as evidence of malicious activity, such as viruses and other malware.

Objectives

These tricks are meant to target victims who may be unfamiliar with the actual uses of these tools, such as inexperienced users and senior citizens—especially when the scam is initiated by a cold call.[1][4][15] They then coax the victim into paying for their services or software which they claim is designed to "repair" their computer, which actually is malware that infects it or software that causes other damage.[16] The scammers in turn, gain access to the victim's credit card information, which can be used to make additional fraudulent charges. Afterwards, the scammer may also claim that the victim is eligible for a refund, and request the user's bank account information—which is instead used to steal more money from the victim, rather than providing the promised refund.[2][3][4][9][17][18]

In an investigation conducted by Symantec employee Orla Cox, it was revealed that after Cox paid for the fee for the scammer to remove the nonexistent "malware" infections, the scammers would then merely clear the log in the Event Viewer and disable Windows' event logging feature. This merely means that errors would no longer appear in the Event Viewer, i.e. had malware actually existed on Cox's computer, it would remain intact.[19]

Unethical and fake "support" companies

The great majority of the complaints and discussion about "companies" that cold-call and offer "technical support"[20] report them as being not merely incompetent or ineffective, but actively dishonest, doggedly trying to convince the victim of non-existent problems by trickery, and when possible damaging a computer they gain access to.[2][21][22] Computer support companies advertise on search engines like Google and Bing,[20][23] but some are heavily criticised, sometimes for practices similar to the cold callers. One example is the India-based company iYogi, which has been reported by InfoWorld to use scare tactics and install undesirable software.[24][25] In December 2015, the state of Washington sued iYogi's US operations for scamming consumers and making false claims in order to scare the users into buying their diagnostic software.[26] iYogi, which was required to respond formally by the end of March 2016,[27] said before its response that the lawsuit filed was without merit.[28] In September 2011, Microsoft dropped Comantra, a Gold Partner, from their Microsoft Partner Network because of accusations of being involved in cold-call technical support scams.[29]

In December 2014, Microsoft filed a lawsuit against a California-based company operating such scams for "misusing Microsoft's name and trademarks" and "creating security issues for victims by gaining access to their computers and installing malicious software, including a password grabber that could provide access to personal and financial information."[30] In an effort to protect consumers, Microsoft-owned advertising network Bing Ads (which services ad sales on Bing and Yahoo! Search engines)[31][32] amended its terms of service in May 2016 to prohibit the advertising of third-party technical support services or ads claiming to "provide a service that can only be provided by the actual owner of the products or service advertised".[5][33]

See also

References

  1. 1 2 3 Arthur, Charles (18 July 2012). "Virus phone scam being run from call centres in India". Guardian. Retrieved 31 March 2014.
  2. 1 2 3 4 5 6 Segura, Jérôme. "Tech Support Scams - Help & Resource Page | Malwarebytes Unpacked". Malwarebytes Corporation. Retrieved 28 March 2014.
  3. 1 2 3 4 Hunt, Troy (February 21, 2012). "Scamming the scammers – catching the virus call centre scammers red-handed". Retrieved 1 April 2014.
  4. 1 2 3 "Hello, I'm definitely not calling from India. Can I take control of your PC?". Ars Technica. Retrieved 16 November 2014.
  5. 1 2 "Microsoft to Bing users: No more shady third-party ads for tech support, password recovery". ZDNet. Retrieved 13 May 2016.
  6. "Despite Crackdowns, Tech Support Ads In Search Are Still Cause For Consumer Confusion". Search Engine Land, Ginny Marvin on August 5, 2014
  7. Harley, David (7 October 2015). "Tech Support Scams: Top of the Pop-Ups". We Live Security. Retrieved 28 July 2016.
  8. "Do not respond to scam pop-up messages in your web browser". www.communications.gov.au. Department of Communications and the Arts. Retrieved 2016-04-19.
  9. 1 2 3 4 Solon, Olivia (11 April 2013). "What happens if you play along with a Microsoft 'tech support' scam?". Wired.co.uk. Retrieved 10 November 2014.
  10. Lodhi, Nauman. "Beware of Microsoft Tech Support Scammers". Business 2 Community. Retrieved 18 April 2014.
  11. "Support desk scams: CLSID not unique". We Live Security. ESET. Retrieved 15 November 2014.
  12. "Support-Scammer Tricks". We Live Security. ESET. Retrieved 15 November 2014.
  13. Woodchip computers:Have you been caught by the "I am Windows Support" scam?
  14. Holzman, Carey (14 November 2014). "'Microsoft Partner' Claims Fuel Support Scams". Kerbs on Security. Retrieved 26 July 2016.
  15. "Microsoft Phone Scams". www.which.co.uk/. Which?.
  16. Scott, Gini. Scammed: Learn from the Biggest Consumer and Money Frauds How Not to Be a Victim. Skyhorse Publishing, Inc. ISBN 9781621535041.
  17. "Tech Support Scams". Federal Trade Commission. Retrieved 16 November 2014.
  18. Winterford, Brett (May 18, 2011). "How the Microsoft/LogMeIn support scam works". ITnews.com.au. Retrieved 1 April 2014.
  19. Cox, Orla (22 June 2010). "Technical Support Phone Scams". Symantec. Retrieved 3 August 2016.
  20. 1 2 Hunt, Troy. "Interview with the man behind Comantra, the "cold call virus scammers"". Retrieved 18 April 2014.
  21. "YooCare Davy Fake service, destroyed computer, would not refund Colorado Springs Colorado". Ripoff Report.
  22. "Reputation of guruaid.com". WOT.
  23. "How iYogi & Guruaid running tech support campaigns?". AdWords Community. Retrieved 2 May 2014.
  24. Cringley, Robert (28 March 2012). "The downward (dog) spiral: iYogi exposed". InfoWorld. Retrieved 3 April 2014.
  25. Cringley, Robert (21 March 2012). "Tech support or extortion? You be the judge". InfoWorld. Retrieved 9 June 2015.
  26. Washington state sues firm, alleges tech support scam, Associated Press, 16 December 2015
  27. Joe Panettieri (18 March 2016). "iYogi IT Services Lawsuit: State of Washington Awaits Response - ChannelE2E". ChannelE2E. Retrieved 24 March 2016.
  28. Lawsuits Cloud iYogi Remote Tech Support Reputation, 11 Jan 2016
  29. Microsoft Drops partner accused of Cold-Call Scams, 22 February 2016
  30. Whitney, Lance (19 December 2014). "Microsoft combats tech support scammers with lawsuit". CNET. Retrieved 21 December 2014.
  31. "Microsoft loses exclusivity in shaken up Yahoo search deal". Ars Technica. Retrieved 30 June 2015.
  32. "Ad Tech And Mobile In Focus In Microsoft And Yahoo's Renewed Search Deal". TechCrunch. Retrieved 30 June 2015.
  33. "Bing bans tech support ads—because they're mostly scams". Ars Technica. Retrieved 13 May 2016.

External links

This article is issued from Wikipedia - version of the 12/2/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.