Fake Technical Support And Scareware

Background

A technical support scam is a form of fraud, utilizing social engineering and fear tactics to fool victims into divulging useful and confidential information or paying for unnecessary support services due to alleged technical error or software problems.

There are 2 common methods of tech support scams: via a phone call and scareware.

Phone call

In a fake technical support call, the scammer may pretend to be from a reputable company and may use technical jargon to convince their victims that their PC or network has been infected or compromised. They might then persuade the victim to install a remote access application which supposedly runs a diagnostic test and removes the "virus". This application will allow the hacker to remotely access the target computer and install malware. The victim will then be urged to pay a fee using their credit card in order for the PC to be fully "fixed".

Scareware

Scareware is where the scammer sets up a website or a pop up message designed to fool people into thinking that their PC is "infected".  The pop up message may lock your browser, tricking the victim to call the support hotline number as displayed. When called, they will offer fake solutions and ask for payments via credit card.

IMPACT

  • Data or financial losses  
  • Confidential information such as debit or credit card details will be exposed 
  • Personal information will be compromised if the scammer has your credentials

 

RECOMMENDATIONS

  • Real security warnings and messages would never ask you to call a technical support number. 
  • Legitimate technical companies will not contact you via phone, email or text message to inform you there’s a problem with your computer. 
  • Inform your bank immediately if u have paid a scammer.
  • Scan your devices with the latest antivirus or anti-malware. 
  • Patch your operating system frequently. 
  • Do not accept connections from unknown devices. 
  • Do not use links to download software or begin sessions. Access the supplier’s website by typing the URL into the browser in order to avoid corrupt links. 
  • Use only official support services.