Microsoft has released new figures that show there has been a sizeable increase in tech support scams over the past year. The number of victims that have reported these scams to Microsoft increased by 24% in 2017. The true increase could be much higher. Many victims fail to report the incidents.

According to Microsoft, in 2017 there were 153,000 reports submitted from customers in 183 countries who had been fooled by such a scam. While not all of the complainants admitted to losing money as a result, 15% said they paid for technical support. The average cost of support was between $200 and $400, although many individuals were scammed out of much more significant amounts. While victims may not willingly pay much more to fix the fictitious problem on their computers, if bank account details are provided to the scammers, accounts can easily be drained. One victim from the Netherlands claims a scammer emptied a bank account and stole €89,000.

The rise in complaints about tech support scams could, in part, be explained by more scammers pretending to be software engineers from Microsoft, prompting them to report the incidents to Microsoft when they realize they have been scammed.

However, the rise in tech support scams is backed up by figures released by the FBI. Its Internet Crime Complaint Center (IC3) received 86% more complaints in 2017 from victims of tech support scams. Around 11,000 complaints were received by IC3 about tech support scams last year and more than $15 million was lost to the scams.

It is easy to see why these scams are so attractive for would-be cybercriminals. In many cases, little effort is required to pull off the scam. All that is required in many cases is a telephone. Cold calling is still common, although many of the scams are now much more sophisticated and have a much higher success rate.

Email is also used. Some tech support scams involve warnings and use social engineering techniques to convince the recipient to call the helpline. Others involve malware, sent as an attachment or downloaded as a result of visiting a malicious website via a hyperlink supplied in the email.

Once installed, the malware displays fake warning messages that convince the user that they have been infected with malware that requires a call to the technical support department.

The use of popups on websites is common. These popups cannot be closed and remain on screen. Browser lockers are also common which serve the same purpose. To prompt the user to call the support helpline.

While many more experienced users would know how to close the browser – CTRL+ALT+DEL and shut down the browser via Windows Task Manager – less experienced users may panic and call the helpline number, especially when the popup claims to be from a well-known company such as Microsoft or even law enforcement.

The typical process used in these tech support scams is to establish contact by telephone, get the user to download software to remove a fictitious virus or malware that has previously been installed by the attackers. Remote administration tools are used that allows the scammer to access the computer. The user is convinced there is malware installed and told they must pay for support. Payment is made and the fictitious problem is fixed.

These techniques are nothing new, it is just that more cybercriminals have got in on the act and operations have been expanded due to the high success rate. Fortunately, there are simple steps to take that can prevent users from falling for these tech support scams.

To avoid becoming a victim of such a scam:

  • Never open any email attachments you receive from unknown senders
  • Do not visit hyperlinks in email messages from unknown senders
  • If contacted by phone, take a number and say you will call back. Then contact the service provider using verified contact information, not the details supplied over the telephone
  • If you are presented with a warning via a popup message or website claiming your device has been infected, stop and think before acting. Genuine warnings do not include telephone numbers and do not have spelling mistakes or questionable grammar
  • If you receive a warning about viruses online and want to perform a scan, download free antivirus software from a reputable firm from the official website (Malwarebytes, AVG, Avast for instance)
  • Before making any call, verify the phone number. Use a search engine to search for the number and see if it has been associated with scams in the past
  • ISPs and service providers rarely make unsolicited telephone calls to customers about viruses and technical issues and offer to fix the device

If you believe you are a victim of a tech support scam, report the incident to the service provider who was spoofed and notify appropriate authorities in your country of residence.

In the USA, that is the Federal Trade Commission or the FBI’s IC3; in the UK it is the National Fraud and Cyber Crime Reporting Center, the European Consumer Center in Ireland, or the equivalent organizations in other countries.