Scammers have spent years offering fake technical support services and “solving” non-existent problems for users with their devices or software. Using a series of tried and tested social engineering tricks, they have had considerable success tricking victims into hand over your money or personal datasuch as passwords and financial information. Not surprisingly, they continue to do so, using increasingly sophisticated techniques that go beyond phone calls and fake pop-up alerts to trick their victims.
A 2021 study by Microsoft states that three-fifths of consumers worldwide had encountered this type of scam in the previous 12 months, and that “one in six consumers were tricked into continuing the scam”, often losing money in the process.
Tech support scams have evolved considerably in the last ten years. Early versions consisted of phone calls by fake tech support agents who were often based in India and claimed to work for Microsoft, Dell, Cisco, or another technology company, including well-known security vendors.
The scammers they called people unexpectedly and, more or less randomly, trying to convince them that their computer had a problem that needed to be fixed immediately in exchange for a commission. These attempts were based on finding victims with little knowledge of how computers actually work, and came to rely on websites and Facebook pages offering “help” to users of specific products.
Over time, this type of scam has become more sophisticated in attracting new victims. They are currently exploiting this scam in various ways.
How these scams work
It is quite common for the victim to receive a email from a domain that looks legitimate, warning you of the imminent and automatic renewal of a technical service (that is, a guarantee) for several hundred euros. The recipient is encouraged to contact a given phone number or email address if he or she does not wish to pay.
The goal is for the victim to call the scammers requesting an explanation/refund. The scammer tries to convince the victim to download software that uses Remote Desktop Protocol (RDP) in order to gain access to the user’s computer, perform technical support, and process the refund.
The scammer will claim to have issued a refund and ask the user to log in to their banking app to verify that it was successful. This will give the cybercriminal access to this account. Once inside the bank account, it freezes the victim’s screen or shows them a blank screen while secretly transferring funds from the account.
other variants
Of course, this is not the only variant of the tech support scam out there. Fraudsters can resort to phone calls, SMS or emails to establish the first contact with the victim. They can pose as representatives, not only of technology companies, but also of financial institutions, public service companies or even currency exchange houses.
The scammers could then convince the victim that their bank accounts have been compromised and that they need to move their funds elsewhere. It is also possible that they try to take remote control of the computer through the same RDP tools and open virtual currency accounts to transfer funds from the victim’s bank account.
How to avoid it
To avoid falling into these traps, the cybersecurity company ESET recommends do not answer directly or call to numbers that appear in unsolicited emails. If in doubt, look up the company in question and call them directly to check.
If a pop-up window or error message with a phone number appears on your computer screen, do not make the call. Likewise, if someone contacts you to tell you that your computer has an electronic problem, hang up.
Remember that you must not grant remote access to the computer to anyone you do not know personally, nor provide your passwords or bank keys to third parties. Keep in mind that scammers will always try to rush you into making rash decisions, often throwing the victim into a panic.