Online scammers cost time and money. Here’s how to fight back.

by | Nov 5, 2018 | Security

used with permission from Microsoft On the Issues, by Athima Chansanchai

A message pops up on your screen. It screams that your computer is at risk or has been infected by a virus. Or, you receive a phone call from someone claiming to be from tech support.

And then, before you know it, responding to these warnings has delivered your passwords and personal information to scammers, your PC is under their control and now they’re extorting you by peddling bogus security software and services.

A new Microsoft survey of 16 countries released this month, focused on tech support scams and their impact on consumers, shows less people are now susceptible to these scams. And the percentage of respondents who’ve been exposed to them is decreasing. Overall, people are losing less money. This 2018 Global Tech Support Scam Research report follows an earlier one Microsoft released in 2016.

Just in time for October, National Cybersecurity Awareness Month, this research revealed consumers have developed a healthy skepticism about unsolicited contact from technology and software companies. They’ve become savvy to flagging such contact as a potential scam.

If faced with unsolicited contact from a reputable tech company, 38 percent of consumers would try to block that company from making contact in the future and 33 percent would look up the issue online. Forty-six percent of consumers rely on search engines to research tech support scams and 31 percent use company websites.

But that doesn’t mean the danger is any less.

People are still losing money – and time. Three out of five consumers have been exposed to a tech support scam in the previous 12 months. And one out of five consumers were tricked into continued engagement with scammers, often leading to victims losing hundreds of dollars to these fraudsters.

And that, in turn, causes a lot of stress.

Scammers have adapted to changing technology by using more sophisticated tactics to target users online via phishing emails, phony websites and pop-up windows to gain access to computers. In addition to stealing personal and financial information, scammers install malicious software and con people out of hundreds of dollars for fake tech support to fix non-existent computer problems.

“It’s a huge problem,” says Doug Shadel, state director of AARP (formerly the American Association of Retired Persons) Washington, who says the organization’s fraud center receives thousands of calls every month from people targeted by scammers.  “When somebody calls them up to tell them that there’s something wrong, they get anxious and may just follow instructions. A variety of things that can happen. A robo-dialer might call, threaten to cut their service off or warn them that someone is trying to hack them. Out of fear, they call back or dial one, and the next step is that the scammer takes over their computer. The more benign scenario is the scammer tells them they’ll take care of the virus for $300, and maybe that leads to recurring fees. Or, they can download malware that infects computers, going into personal address books, stealing logins and passwords.”

Shadel says AARP likes it when consumers call to report scam calls before they have fallen for it. Once a person has lost money to a tech support scam, it’s much harder to deal with.

Microsoft has partnered with AARP since 2015 to build awareness around tech support scams and has developed a joint booklet encouraging AARP members to report these incidents.

“One of the reasons we’re thrilled to be working with Microsoft is that it’s one thing for law enforcement to give advice for crime prevention, but when Microsoft says they don’t initiate these calls, it’s very powerful,” Shadel says.

But anyone can fall prey to these schemes.

Similar to the 2016 results, Generation Z and Millennials fall prey to tech support scams more often, and also men. They may be more likely to engage in riskier online behavior, such as visiting torrent sites and giving up their email in exchange for downloading videos or images. But because they can be more familiar with technology companies than older generations, it may lead to overconfidence in their web and device expertise.

Each month, Microsoft receives about 11,000 complaints from people across the globe who have been the victim of a tech support scam with fraudsters pretending to be from reputable tech companies, including Microsoft, Dell and Apple.

To help protect consumers from online scams, Windows includes security features and updates with free real-time protection, and the SmartScreen filter built into Microsoft Edge helps protect against malicious pop-ups. In addition, the Bing Ads team took action to block 25 million ads in the tech scam category in 2017 as part of its ad quality work.

Microsoft also fights back through advanced analytics and investigations of thousands of customer complaints received annually, thanks to its Digital Crimes Unit, which identifies key players perpetrating these scams. Collaborating with enforcement agencies globally, they take action to disrupt these fraudulent enterprises and hold them accountable under the law.

For example, Microsoft provided critical information for the May 2017 sweeping enforcement action “Operation Tech Trap” in which the U.S. Federal Trade Commission and law enforcement partners announced 16 new actions against tech support fraudsters. While the UK National Fraud Investigative Bureau reports the number of instances of consumers reporting tech support scams using the Microsoft brand has dropped from 76 percent to 17 percent after a string of successful joint Microsoft and law enforcement operations.

Courtney Gregoire, assistant counsel for the DCU, recently returned from Delhi, India, where many of the call centers behind these frauds are located and where Microsoft has been dedicating resources to raise awareness with Indian government officials, law enforcement and private industry, particularly the legitimate Business Processing Management (BPM) industry.

“Microsoft applauds the recent raids taken by the Cyber Cell of Delhi Police against 10 call center locations engaged in tech support scams targeting individuals in the UK, Australia and the United States, resulting in 24 arrests,” says Gregoire. “Strong action such as this by local law enforcement, sends the message that engaging in tech support fraud is not a ‘get rich quick’ scheme but rather a ‘pay the consequences’ scheme.”

Microsoft also educates consumers about how to stay safe online.

If you receive a notification or call from someone claiming to be from a reputable software company, here are a few key tips to keep in mind:

  • Be wary of any unsolicited pop-up message on your device; don’t click on it and don’t call the number.
  • Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.
  • Never give control of your computer to a third-party unless you can confirm that it is a legitimate representative of a computer support team of whom you are already a customer.
  • If you’re ever unsure about whether Microsoft is trying to contact you, hang up and contact Microsoft directly at support.microsoft.com.
  • If you think you may have been the victim of a Tech Support Scam, report your experience to Microsoft as well as file a report with law enforcement authorities, including your local consumer protection authority.