Endpoint

12/27/2017
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

6 Tips to Protect Against Technical Support Fraud

Just when you're having fun over the holidays and not paying attention, you can be hit with a tech support scam. Here's how to stay safe into the new year.
Previous
1 of 7
Next

Image Source: towfiqu barbhulya via Shutterstock

Image Source: towfiqu barbhulya via Shutterstock

Tech support scams have become big business for criminals, so don’t expect them to stop over the holidays. In fact, the FBI’s most recent Internet Crime Report lists tech support fraud as one of the top cybercrime trends, costing victims some $8 million last year alone.

Since 2015, according to a Microsoft spokesperson, the company has received more than 300,000 customer reports of tech support fraud and the software company receives an average of 12,000 reports of tech support scams a month worldwide.

Microsoft’s global survey conducted in 2016 also reported that two out of three consumers have experienced this type of scam, with one in five losing money to the fraudsters. On an interesting note, Microsoft found that millennials between the ages of 18 and 34 are actually more apt to be the victim of a tech support scam than people over 55. 

The FTC said the scammers run ads that resemble pop-up security alerts from Microsoft, Apple, or other prominent technology companies. Users are warned that their computers are infected with viruses or are under attack by hackers. Some of the pop-ups even feature a countdown clock, allegedly showing the time remaining before the hard drive will fry unless the consumer calls a toll-free number claiming to be affiliated with one of the big-name technology companies.

Once operators have consumers on the phone, the operators claim to need remote access into the victim’s computer so they can run so-called diagnostic tests. This is the gravest danger.  At all costs, people should not let people they don’t know access their computers. The tests the scammers run claim to reveal grave problems that can only be solved by one of their “certified technicians.” Companies use high-pressure tactics to strong-arm consumers into paying several hundred dollars – sometimes more -- for unnecessary repairs, anti-virus software and other tech support products and services. 

The FTC has cracked down on these fraudsters, prosecuting many of them earlier this year as part of its Operation Tech Trap.

Based on interviews with the FTC’s Will Maxson, Microsoft and Michael Kaiser of the National Cyber Security Alliance, we developed a list of six tips for users. Computer security geeks spending time with family members over the holidays may want to point out this story to friends and relatives who have questions or believe they have been the victim of a tech support scam.

Check this link for more consumer information from the FTC on tech support scams.

 

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
maklonkosmetik
50%
50%
maklonkosmetik,
User Rank: Apprentice
1/8/2018 | 9:01:12 PM
Re: Excellent advise to pass around...
Wow.. these tips are very useful. During the holidays we often neglect the security. thank you for reminding me of this
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
12/28/2017 | 1:31:36 PM
Excellent advise to pass around...
Very useful info to share during this holiday season...
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2016-10739
PUBLISHED: 2019-01-21
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possib...
CVE-2019-6499
PUBLISHED: 2019-01-21
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.
CVE-2019-6500
PUBLISHED: 2019-01-21
In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request with %2e instead of '.' characters, as demonstrated by an initial /h2hdocumentation//%2e%2e/ substring.
CVE-2019-6498
PUBLISHED: 2019-01-21
GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in dbus/gattlib.c because strncpy is misused.
CVE-2019-6497
PUBLISHED: 2019-01-20
Hotels_Server through 2018-11-05 has SQL Injection via the controller/fetchpwd.php username parameter.