Skip to main content

What Is A Technical support scam

A technical support scam refers to any of class a telephone fraud activities in which a scammer claims to offer a legitimate technical support service, often via cold calls to unsuspecting users. Such calls are mostly targeted at Microsoft Windows users, with the caller often claiming to represent a Microsoft technical support department.

In English-speaking countries such as the United States, Canada, United Kingdom, Ireland, Australia and New Zealand, such cold call scams have occurred as early as 2008[1] and primarily originate from call centers in India.

The scammer will typically attempt to get the victim to allow remote access to his or her computer. After remote access is gained, the scammer relies on confidence tricks, typically involving utilities built into Windows and other software, in order to gain the victim's trust to pay for the supposed "support" services. The scammer will often then steal the victim's credit card account information or persuade the victim to log into his or her online banking account to receive a promised refund, claiming that a secure server is connected and that the scammer cannot see the details. Many schemes involve convincing the victim to purchase expensive gift cards and then to divulge the card information to the scammer.[3]

OPERATION 

Fake Blue Screen of Death pop-up tricking the victim that their computer has a "system crash" and can no longer operate safely unless they call the toll-free number to "resolve" the issues.
Technical support scams typically rely on social engineering. Scammers use a variety of confidence tricks to persuade the victim to install remote desktop software (often by informing the victim that the scammer is connecting the computer to a "secure server"), with which the scammer can then take control of the victim's computer. With this access, the scammer may then launch various Windows components and utilities (such as the Event Viewer), install third-party utilities (such as rogue security software) and perform other tasks in an effort to convince the victim that the computer has critical problems that must be remediated, such as infection with a virus. The scammer will urge the victim to pay, with a credit card or gift card, in order that the issues may be "fixed".[1][4][5]

INITIATION 

Screenshot of a Recent Changes page from a MediaWiki site affected by customer support scammers promoting their "help lines" through unethical means such as spamming.
Technical support scams can begin in a variety of ways.[4][6] A scam most commonly begins with a cold call, usually claiming to be associated with a legitimate-sounding third party, with a name like "Microsoft" or "Windows Technical Support".[2] Scammers have also lured victims by purchasing keyword advertising on major search engines (with ads triggered by phrases such as "Microsoft live chat", "Facebook support", or "Outlook login help"), though both Bing and Google have taken steps to restrict such schemes. Other techniques include email spamming and cybersquatting to lead potential victims to web pages containing scammers' phone numbers.[7][8] Some scams have been initiated via pop-up ads on infected websites instructing the potential victim to call a number. These pop-ups often closely resemble legitimate error messages such as the Blue Screen of Death.[9][10]

Remote Access 

While normally following a script, the scammer usually instructs the victim to download and install a remote access program, such as TeamViewer, AnyDesk, LogMeIn, GoToAssist,[11] ConnectWise Control (known also as ScreenConnect), etc. With the software installed, the scammer convinces the victim to provide them with the remote access software's credentials or other details required to initiate a remote-control session, giving the scammer complete control of the victim's desktop.[1][12]

Confidence Tricks 

Further information: Confidence trick
After gaining access, the scammer attempts to convince the victim that the computer is suffering from problems that must be repaired, most often as the putative result of malicious hacking activity. Scammers use several methods to misrepresent the content and significance of common Windows tools and system directories as evidence of malicious activity, such as viruses and other malware. Normally the elderly and other vulnerable parties, such as those with limited technical knowledge, are targeted for technical support scams.

The scammer may direct users to Windows' Event Viewer, which displays a log of various events for use by system administrators and expert users to troubleshoot problems. Although many of the log entries are relatively harmless notifications, the scammer may fraudulently claim that log entries labeled as warnings and errors are evidence of malware activity or that the computer is becoming corrupted, and that the errors must be "fixed".[4][6][13]
The scammer may present system folders that contain unusually named files, such as Windows' Prefetch and Temp folders, and claim that the files are evidence of malware on the system. The scammer may open some of these files (especially those in the Prefetch folder) in Notepad, where the file contents are rendered as mojibake. The scammer claims that malware has corrupted these files, causing the unintelligible output. In reality, the files in Prefetch are typically harmless, intact binary files used to speed up certain operations.[13]
The scammer may misuse Command Prompt tools to generate suspicious-looking output, for instance, the tree or dir /s command, which displays an extensive listing of files and directories. The scammer may claim that the utility is a malware scanner, and while the tool is running, the scammer will enter text purporting to be an error message (such as "security breach ... trojans found") that will appear when the job finishes, or into a blank Notepad document.[14]
The scammer may misrepresent values and keys stored in the Windows Registry as being malicious, such as innocuous keys whose values are listed as not being set.[4]
The "Send To" Windows function is associated with a globally unique identifier. The output of the command assoc, which lists all file associations on the system, displays this association with the line ZFSendToTarget=CLSID{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}; this GUID is the same on all versions of Windows. The scammer may claim that this is a unique ID used to identify the user's computer, or claim that the CLSID listed is actually a "Computer Licence Security ID" that must be renewed.[15][16]
The scammer may claim that the system's problems are the result of expired hardware or software warranties, for example, Windows product keys, and coax the victim into paying for a "renewal".[6][13]
The scammer may run the obscure syskey utility and configure a startup password known only to the scammer, thereby locking the victim out of his or her own system after the computer is rebooted.[17][18] As syskey is only present in Windows versions previous to Windows 10, the scammer may force the user to become locked out by installing a keylogger and changing the user's account password and/or setting a PIN login requirement if the victim's computer runs on Windows 10.[19]
The scammer may delete Windows critical files and folders such as system32, making the computer unusable until the operating system has been reinstalled.
The scammer may use their remote access software to surreptitiously download or delete confidential files or documents from the victim’s system while employing distraction techniques.
The scammer may block the victim from viewing his or her screen, claiming that it is the result of malware or of a scan being run, and use the time to search the user's files for sensitive information, attempt to break into the user's accounts with stolen or stored credentials or activate the webcam and see the user's face.[19]
The scammer may run the netstat command in a terminal/command window, which shows local and foreign IP addresses. The scammer then tells the victim that these addresses belong to hackers that have intruded the computer.
The scammer may claim that a normal Windows process such as rundll32.exe is a virus. Often, the scammer will search the Internet for an article about the Windows process and will scroll to a section saying that the process name can also possibly be part of malware, even though the victim's computer does not contain that malware.
Objectives Edit
These tricks are meant to target victims who may be unfamiliar with the actual uses of these tools, such as inexperienced users and senior citizens—especially when the scam is initiated by a cold call.[1][2][20] The scammer then coaxes the victim into paying for the scammer's services or software, which they claim is designed to "repair" the computer but is actually malware that infects it or software that causes other damage.[21] The scammer may gain access to the victim's credit card information, which can be used to make additional fraudulent charges. Afterward, the scammer may also claim that the victim is eligible for a refund, and request the user's bank account information—which is instead used to steal more money from the victim, rather than providing the promised refund.[4][6][2][13][22][23] Alternatively, a scammer may attempt to request payment using gift cards for online platforms such as Amazon.com, Google Play, and iTunes Store.[24][25]

If their targets show resistance or refuse to follow the scammer or pay them, the scammer may become belligerent and insult, threaten[26][27] or even blackmail the user into paying them. Canadian citizen Jakob Dulisse reported to CBC that, upon asking the scammer why he had been targeted, the scammer responded with a death threat; 'Anglo people who travel to the country [India] were "cut up in little pieces" and thrown in the river.'[28][29]

In an investigation conducted by Symantec employee Orla Cox, it was revealed that after Cox paid for the fee for the scammer to remove the nonexistent "malware" infections, the scammers would then merely clear the log in the Event Viewer and disable Windows' event logging feature. This merely means that errors would no longer appear in the Event Viewer, i.e. had malware actually existed on Cox's computer, it would remain intact.[30]

Unethical and fake "support" companies Edit
The great majority of the complaints and discussion about companies that cold-call and offer "technical support"[31] report them as being not merely incompetent or ineffective, but actively dishonest, doggedly trying to convince the victim of non-existent problems by trickery and, when possible, damaging the computer to which they gain access.[4][32][33] Computer-support companies advertise on search engines like Google and Bing,[31][34] but some are heavily criticised, sometimes for practices similar to those of the cold callers. One example is the India-based company iYogi, which has been reported by InfoWorld to use scare tactics and install undesirable software.[35][36] In December 2015, the state of Washington sued iYogi's US operations for scamming consumers and making false claims in order to scare the users into buying iYogi's diagnostic software.[37] iYogi, which was required to respond formally by the end of March 2016,[38] said before its response that the lawsuit filed was without merit.[39] In September 2011, Microsoft dropped Comantra, a Gold Partner, from its Microsoft Partner Network following accusations of involvement in cold-call technical-support scams.[40]

In December 2014, Microsoft filed a lawsuit against a California-based company operating such scams for "misusing Microsoft's name and trademarks" and "creating security issues for victims by gaining access to their computers and installing malicious software, including a password grabber that could provide access to personal and financial information".[41] In an effort to protect consumers, Microsoft-owned advertising network Bing Ads (which services ad sales on Bing and Yahoo! Search engines)[42][43] amended its terms of service in May 2016 to prohibit the advertising of third-party technical support services or ads claiming to "provide a service that can only be provided by the actual owner of the products or service advertised".[7][44] Google Search followed suit in August 2018, but went further by banning any advertising related to technical support, regardless of source, citing that it had become too difficult to differentiate legitimate providers from scams.[45]

scam baiting 

Main article: Scam baiting
Tech support scammers are regularly targeted by scam baiting[46] both online and offline, with individuals seeking to raise awareness of these scams by uploading recordings on platforms like YouTube, cause inconvenience to the scammers by wasting their time, and by disabling the scammer's computer systems by deploying RATs, distributed denial of service attacks and destructive computer viruses. Scam baiters may also attempt to lure scammers into exposing their unethical practices by leaving dummy files or malware disguised as confidential information, such as credit/debit card information and passwords, on a virtual machine for the scammer to attempt to steal, only to himself or herself become infected.

In November 2017, a company called Myphonesupport initiated a petition seeking the identities of John Doe defendants in a New York case involving a telephonic denial-of-service attack against its call centers. The case has since been disposed.

Comments

Popular posts from this blog

Common Scams and Frauds

Telephone Scams Telephone scammers try to steal your money or personal information. Scams may come through phone calls from real people, robocalls, or text messages. The callers often make false promises, such as opportunities to buy products, invest your money, or receive free product trials. They may also offer you money through free grants and lotteries. Some scammers may call with threats of jail or lawsuits if you don’t pay them. See types of scams
For more help in resolving consumer issues, you can report scams to Zambia Police on 991 How to Protect Yourself From Telephone Scams Remember these tips to avoid being a victim of a telephone scam: Do Be wary of callers claiming that you’ve won a prize or vacation package. Hang up on suspicious phone calls. Be cautious of caller ID. Scammers can change the phone number that shows up on your caller ID screen. This is called “spoofing.” Independently research business opportunities, charities, or travel packages being offered by the ca…

I was contacted by a scammer on twitter claiming to have alot of money for charity organization

Example of a social media scam
On this day a scammer caught me up on twitter claiming she is from England and have alot of money for charity organization. She said I should send some money to process my visa card for reception of money in my country Zambia. The Scammer sent a copy of a visa card by UBA but the card expired 3 years ago even if he thought I was so dumb that would fall for such a scam.

Here is the message she sent;

My dearest, how are you doing over there in your country? how is your health and family? I do missed you so much, and It is a very joyful thing to break this good news to you. I am very happy that my funds has been release from UBA bank, and i thank God who make it possible, and now the charity project/assignment has been started over there in Yemen.

My dear, i made a vow to myself that even if you fail to complete the transaction with me, that i must surely compensate you. And i want to inform you that i have successfully transferred the fund through a good …

Commonest scams in Zambia

Scams in Zambia have become a new deal of crime in Zambia. These reports are received from Zambia police .It is a latest method of theft for thieves. The idiots are so much advanced that they first gather information about you Saiya Zambia police.  Scams in Zambia are fuelled by the fact that people are ignorant about it.  Here I will talk about the most common scams in Zambia including secrets and tricks they play according to Zambia Police. Keep reading 😎
 The commonest scams in Zambia
1.Get rich quick scam.
Someone advertises to have magic ring, wallet or whatever that will turn you into a millionaire.  ( They will ask you to pay a certain amount but logically it doesn't make sense. They just want to chop your dollar)
2.Join Illuminati scam.
You will never join Illuminati. The theives just want to chop your dollar and disappears. They can even collect your information for malicious purposes. 
3.Someone looking for love scam.
Here, mostly by a beautiful lady on profile advertises a…

9 Scam Tactics Scammers Use To Steal money from people

The real key to success is making great products and putting a lot of hard work into them. See Types of scamslol ….F*CK THAT!!!We don’t like this “hard work” stuff.
So let’s take the easy way and scam people into giving us money!Our goal here is to deeply exploit human psychology, and get the most vulnerable and needy people to fork over what little cash they have. Let’s put our “Evil Hats” on and get started:SCAM TACTIC #1:
Make sure you focus on a hopeful yet sort-of-dumb crowd.These are people who think internet riches are “a push of a button away!”
These are people who subscribe to the idea they “deserve” to live a good life.
These are people who dream of “finding a passive income source that requires no work!”This will be our target audience.By the time we apply some fancy copywriting and psychology to these gullible people, they’ll be willingly handing over their money.This kind of crowd doesn’t understand that success usually requires years of hard work. They want the end result, w…

I WAS SAVED BY A SIGNAGE AT AXS MACHINE

Credit-for-Sex Scam 

Met this attractive lady on wechat nearby search and ask me to chat on line instead. offered sex for S$100 for 2 hrs. curious, meet up at simei Eastpoint/MRT as advised by her. she then asked me to take a picture of the nearby macdonald and told me that her boss will contact me after giving her my mobile number. Shortly, a man called without any caller ID. spoke in mandarin and ask me for security reason and 1st time client, to purchase something at AXS machine. then i REALISED he wants me to purchase alipay credit at Rmb500. He also wants me to enter their email address for the purchase which made me suspicious. this is because the password will be sent to the email address to claim the credit purchase. I noticed something was amiss when they want to make me pay/credit in advance. I also noticed there is a big police signboard near the axs machine warning public about the recent scam. for me, i am lucky that no money is lost in this process...i have uploaded a c…

Scammer got a loan using my bank details

Here is a story about scams in Zambia. It happened in September 2018
Scammer claimed to have connections with people who can make my father's pension be paid faster. It was an irritating story how I have been traveling to Lusaka for my father's package after he died. But through Facebook a Scammer inboxed me that he could help me through his uncle who worked from the pensions offices.He calmed to me that i would have the money paid instantly. It all turned to be a loan scam.

After asking for my details including the bank details he managed to get a loan from the worst financial institution called getBuks in Lusaka. The getBuks financial services are the dumbest in everything they do. Not competent and easy to scam. They are agents of Scammers.
He got ZMW15k too bad.

Loan Scam
received a Whatsapp text messages 2 weeks ago (no. +91 73238 19746). i checked it out, person name "martin" replied. he requested for my nric, singpass. all seems normal. till there was a tran…
Go Top