For years, you thought you were one of millions of IT users carrying out your day-to-day computing just like anyone else, but it turns out you're actually special. Incredibly, a computer expert from one of the world's largest IT companies identified a problem with your computer and is now calling to help you fix it.
So, what makes you worthy of a call from this IT whizz? Sadly, the hope that you might be gullible enough to fall for a tech support scam makes you a target. The term refers to the practice of contacting someone with a helpful offer to provide technical support for an alleged problem, in hopes of either soliciting payment to fix a fake problem or gaining control of the computer to access private data and financial accounts or install malware.
Contact could occur through many different channels. Traditionally, contact comes mainly from phone calls from someone pretending to work for a large IT company like Microsoft or IBM, but an increasing number of scams are hosted on websites you might visit.
These scams typically work by creating pop-up messages while you're browsing or causing your browser to suddenly switch to a blue screen in full-screen mode or display a Windows activation page or a page warning of a malware infection or system error. These warnings always include a tech support number you should call or a website you should visit.
No matter how the scammer attempts to snare you, the end goal is always the same: to convince you to allow them to help for their own nefarious purposes. Fortunately, there are a number of ways to counter the threat of the tech support scammer.
Pause to think about why an IT company would call you. The simple answer is it would not. Even if you have a real problem with your PC, you would have to report it — and probably wait in a long phone queue, by the way. The company is not going to detect it and report it to you. Even in cases where large IT companies are legally allowed to track and monitor individual users, they simply do not have the time and resources to take that type of proactive approach.
The unwillingness of many people to offend others is one of the pillars of social engineering, but sometimes the desire to be polite is detrimental. If a phone call seems suspicious, simply hang up. If you believe the call could possibly be legitimate, then disconnect and call the company's official number. Do not use the phone number the person on the phone gave you or the number shown on your caller ID. Go online and find the correct phone number yourself. If the call is a scam, any number associated with the scam will lead straight back to them.
It’s also a good idea to use a different phone, because scammers can hold open the phone line so that even if you think you’ve dialed a new number, you’re actually still speaking to them – this is doubly dangerous because, if you think you’ve dialed the right number – that adds legitimacy to their requests.
Regardless of whom you are talking to, you should be extremely protective of your personal data and bank information. Even if the person calling you is from a legitimate company, think very carefully about any information you provide.
Installing a security solution is an absolute must for every computer and connected device. If you have a top of the line security solution installed and updated, your computer simply won't display fraudulent warnings or strange pop-ups.
If you think your computer may already be compromised or infected, take the following steps:
Not falling victim to tech support scams is like avoiding most cybercrime. It depends on you to be vigilant, routinely suspicious, and sensible.