Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

12/27/2017
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

6 Tips to Protect Against Technical Support Fraud

Just when you're having fun over the holidays and not paying attention, you can be hit with a tech support scam. Here's how to stay safe into the new year.
Previous
1 of 7
Next

Tech support scams have become big business for criminals, so don’t expect them to stop over the holidays. In fact, the FBI’s most recent Internet Crime Report lists tech support fraud as one of the top cybercrime trends, costing victims some $8 million last year alone.

Since 2015, according to a Microsoft spokesperson, the company has received more than 300,000 customer reports of tech support fraud and the software company receives an average of 12,000 reports of tech support scams a month worldwide.

Microsoft’s global survey conducted in 2016 also reported that two out of three consumers have experienced this type of scam, with one in five losing money to the fraudsters. On an interesting note, Microsoft found that millennials between the ages of 18 and 34 are actually more apt to be the victim of a tech support scam than people over 55. 

The FTC said the scammers run ads that resemble pop-up security alerts from Microsoft, Apple, or other prominent technology companies. Users are warned that their computers are infected with viruses or are under attack by hackers. Some of the pop-ups even feature a countdown clock, allegedly showing the time remaining before the hard drive will fry unless the consumer calls a toll-free number claiming to be affiliated with one of the big-name technology companies.

Once operators have consumers on the phone, the operators claim to need remote access into the victim’s computer so they can run so-called diagnostic tests. This is the gravest danger.  At all costs, people should not let people they don’t know access their computers. The tests the scammers run claim to reveal grave problems that can only be solved by one of their “certified technicians.” Companies use high-pressure tactics to strong-arm consumers into paying several hundred dollars – sometimes more -- for unnecessary repairs, anti-virus software and other tech support products and services. 

The FTC has cracked down on these fraudsters, prosecuting many of them earlier this year as part of its Operation Tech Trap.

Based on interviews with the FTC’s Will Maxson, Microsoft and Michael Kaiser of the National Cyber Security Alliance, we developed a list of six tips for users. Computer security geeks spending time with family members over the holidays may want to point out this story to friends and relatives who have questions or believe they have been the victim of a tech support scam.

Check this link for more consumer information from the FTC on tech support scams.

 

 

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
maklonkosmetik
50%
50%
maklonkosmetik,
User Rank: Apprentice
1/8/2018 | 9:01:12 PM
Re: Excellent advise to pass around...
Wow.. these tips are very useful. During the holidays we often neglect the security. thank you for reminding me of this
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
12/28/2017 | 1:31:36 PM
Excellent advise to pass around...
Very useful info to share during this holiday season...
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting
CVE-2020-12513
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection.
CVE-2020-12514
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd
CVE-2020-12525
PUBLISHED: 2021-01-22
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
CVE-2020-12511
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface.