It’s no news that great, reliable technical support is extremely important – and yet, too many individuals and businesses neglect the issue, putting themselves at risk of being violently scammed.
For instance, new variants of an old internet service provider (ISP) targeting scheme are affecting many customers in the US and UK. It’s basically a twist on cold calling – scammers are not keen on contacting the victims directly via phone and claiming they are, for example, Microsoft representatives. Way too many people are able to spot the fraud presented this way, so scammers found a new way to trick the internet users.
Instead, the new generation of fraudsters will initiate a very realistic pop-up interrupting your normal browsing session, and the message that appears, although pretty generic, still looks legit, as if it was really coming from your ISP. The message claims that your provider has “detected malware”, urging you to call the provided number for “immediate assistance”. Unlike cold calling, this scam is much more personable and seems legitimate to many users, therefore, at almost no cost for scammers, this scheme produces much better results compared to old methods.
But how exactly scammers find who your service provider is? Well, there are a few relatively easy ways, unfortunately. Apart from lucky guessing (which still produces good results, as the stats on most popular ISPs are not hard to find), there are techniques such as tracing the IP address. Long story short, criminals place infected ads on major websites, with an infected patch of pixels that the users don’t even need to click on to initiate the scenario. The invisible processes on the background check the victim’s computer and discover the IP, which allows identifying the ISP. The entire process takes seconds and happens on the background while the user is browsing an otherwise legitimate website.
Tech support scams affect the users worldwide – for instance, this year West Australians have already lost almost $400,000 to frauds this year. The scheme involves the criminals introducing themselves as tech support officers contacting the victims either via phone or online, requesting remote access to their computers, which gives them an opportunity to silently retrieve personal information such as passwords, log in details and even documents. The scammers don’t stop there, however – if the victim is falling for the scam, the fraudsters often proceed to ask the users to log on to their online banking system. As they already have the remote computer access, all criminals need to do is simply withdraw the money and disconnect, leaving the customers puzzled. Consumer Protection indicates that this year the scam has already affected 44% more people compared to 2015.
Please stay safe online and remember – your tech support providers will only contact you personally in case of emergency (no pop-ups!) and will never request any passwords or login information via phone. If you’ve noticed some suspicious activity, report it immediately and contact your real ISP to put together an appropriate action plan.