Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

12/27/2017
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

6 Tips to Protect Against Technical Support Fraud

Just when you're having fun over the holidays and not paying attention, you can be hit with a tech support scam. Here's how to stay safe into the new year.
Previous
1 of 7
Next

Tech support scams have become big business for criminals, so don’t expect them to stop over the holidays. In fact, the FBI’s most recent Internet Crime Report lists tech support fraud as one of the top cybercrime trends, costing victims some $8 million last year alone.

Since 2015, according to a Microsoft spokesperson, the company has received more than 300,000 customer reports of tech support fraud and the software company receives an average of 12,000 reports of tech support scams a month worldwide.

Microsoft’s global survey conducted in 2016 also reported that two out of three consumers have experienced this type of scam, with one in five losing money to the fraudsters. On an interesting note, Microsoft found that millennials between the ages of 18 and 34 are actually more apt to be the victim of a tech support scam than people over 55. 

The FTC said the scammers run ads that resemble pop-up security alerts from Microsoft, Apple, or other prominent technology companies. Users are warned that their computers are infected with viruses or are under attack by hackers. Some of the pop-ups even feature a countdown clock, allegedly showing the time remaining before the hard drive will fry unless the consumer calls a toll-free number claiming to be affiliated with one of the big-name technology companies.

Once operators have consumers on the phone, the operators claim to need remote access into the victim’s computer so they can run so-called diagnostic tests. This is the gravest danger.  At all costs, people should not let people they don’t know access their computers. The tests the scammers run claim to reveal grave problems that can only be solved by one of their “certified technicians.” Companies use high-pressure tactics to strong-arm consumers into paying several hundred dollars – sometimes more -- for unnecessary repairs, anti-virus software and other tech support products and services. 

The FTC has cracked down on these fraudsters, prosecuting many of them earlier this year as part of its Operation Tech Trap.

Based on interviews with the FTC’s Will Maxson, Microsoft and Michael Kaiser of the National Cyber Security Alliance, we developed a list of six tips for users. Computer security geeks spending time with family members over the holidays may want to point out this story to friends and relatives who have questions or believe they have been the victim of a tech support scam.

Check this link for more consumer information from the FTC on tech support scams.

 

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
maklonkosmetik
50%
50%
maklonkosmetik,
User Rank: Apprentice
1/8/2018 | 9:01:12 PM
Re: Excellent advise to pass around...
Wow.. these tips are very useful. During the holidays we often neglect the security. thank you for reminding me of this
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Strategist
12/28/2017 | 1:31:36 PM
Excellent advise to pass around...
Very useful info to share during this holiday season...
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/22/2020
How an Industry Consortium Can Reinvent Security Solution Testing
Henry Harrison, Co-founder & Chief Technology Officer, Garrison,  5/21/2020
Is Zero Trust the Best Answer to the COVID-19 Lockdown?
Dan Blum, Cybersecurity & Risk Management Strategist,  5/20/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13616
PUBLISHED: 2020-05-26
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
CVE-2020-13614
PUBLISHED: 2020-05-26
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
CVE-2020-13615
PUBLISHED: 2020-05-26
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
CVE-2020-9046
PUBLISHED: 2020-05-26
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
CVE-2020-12388
PUBLISHED: 2020-05-26
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.