Incidents of tech support scams targeting susceptible PC users are increasing, Microsoft warned. The company received 153,000 reported complaints from consumers in 2017, 24 percent higher than the prior year, according to its detailed security report released on Friday.
Image via Microsoft cloud blog
Reported incidents came from 183 countries, suggesting a widespread global problem. Of those who fell prey to the scam, roughly 15 percent lost money averaging between $200 and $400. There were cases of victims paying significantly more. In December 2017, Microsoft was notified of a tech support fraud in the Netherlands that resulted in the financial loss of €189,000, or about $109,000.
Called social engineering attacks, scammers use a variety of ways to initiate the fraud. Cybercriminals send phishing emails, display strategic online ads or full-screen error messages, install malware, or place unsolicited phone calls to convince victims that their systems or devices have been compromised.
Once victims contact the call center for help, a fake technical support specialist instructs them to install remote administration tools (RATs). This allows fraudsters to have complete control over the device and unrestricted access to sensitive information. They make changes inside the device and point out system errors to convince victims of the ‘problem’. This then prompts unsuspecting consumers to pay for the removal of fake or nonexistent malware.
According to Microsoft, the widespread problem is not limited to its platform but has affected users of MacOS, iOS, and Android systems as well. The FBI received 11,000 tech support fraud complaints in 2017 from 85 countries. Of these, claimed losses amounted to approximately $15 million, representing an 86 percent increase compared to prior year.
The FBI also noticed an emerging trend: re-targeting past victims of tech support fraud. Scammers pose as government officials or law enforcement and offer assistance in recovering losses in exchange for fees. Other fraudsters act as collection services and threaten the victim with legal action for nonpayment of outstanding tech support fees. Some criminals use obtained personal information to commit additional fraud, such as unauthorized bank transfers or opening of new accounts for unlawful payments.
Microsoft expressed concern over tech support scams that bypass secure platforms like Windows 10 easily and coerce users into giving unrestricted access to their devices. Because the problem is far-reaching, the company called for industry-wide collaboration and law enforcement partnership. Microsoft continues to form partnerships with web hosting providers, telecom networks, browser developers, antivirus solutions, and financial networks in detecting tech support scammers.
The graphic below shows how the scam usual works.
Image via Microsoft cloud blog
Customers, on the other hand, can protect and empower themselves through education. Be wary of error or warning messages with phone numbers or emails with malicious attachments. Shut down your device once you receive a pop-up message or locked screen. If you have been a victim, notify your bank to reverse the charges and change all your passwords. Uninstall any application used during the tech support and run a virus scan for remaining malware.
[Featured image via Pixabay]