Detecting Common Tech Support Scams 101

Detecting Common Tech Support Scams 101

You make your way into the office, turn on your computer – and boom. You’re greeted with the big blue screen of death. This is just the start of a carefully crafted tech support scam unfolding before your eyes.

Your computer alerts you that your PC (and all the precious data on it) has been compromised. Goodbye family photos, credit card data, social security information, and more. You’re also given a toll-free tech support line for “help.”

Your immediate reaction is suspicion (hopefully). But to test the waters and see what would come out of such a scam, three SUNY Stony Brook security researchers actually dialed the number.

They were each connected with human tech support scammer who “analyzed” the security of their PCs via a remote connection. Every time, they discovered supposed infections and viruses. Then they proceeded to offer a cleanup fee for hundreds of dollars.

These tech support scams are more prevalent than we’d like to think. Here are a few trends unveiled and tips to keep yourself protected:

Tech Support Scam Tip 1: Watch out for These Predictable Steps

The researchers found that the scammers each started out by saying they needed to know more about the malware, asking the user to download a remote admin tool to give them access. In reality, the users were connecting to fake virtual machines that hid the identity of the scammers.

From there, the scammers would do some digging around, asking the user about their recent PC usage. They’ll also give credit to the PC’s underlying hardware, making it seem like it’s still worth salvaging despite infection. This is also to give their victim a sense that the cleanup service will be worth it.

Finally, the scammers will request a x amount of dollars for a cleanup service to rid their computer of the supposed malware (usually averaging at around $300).

How to Stay Protected

Although going to law enforcement and blacklisting phone numbers are a few ways to counter these types of scams, they’re not always the most effective.

Stony Brooke computer science professor Nick Nikiforakis encourages people to stay educated on online fraud. Victims must be able to spot fake malware warnings long before spending 20+ minutes on the phone with a tech support scammer.

“People need to understand there’s no legitimate scenario where your computer will start beeping and ask you to call a toll-free number,” says Nikiforakis.