Tech support scams are a widespread issue where professional scammers use deceptive means to trick users into paying for tech support services they neither need nor actually receive. After making unsolicited contact with victims, scammers offer to fix a “problem”. However, the problem doesn’t actually exist. Scammers can use a variety of scare tactics against users to persuade them. And if they’re successful at tricking unsuspecting users, they may take off with hundreds if not thousands of dollars for a single victim.
Tech support scams are nothing new, they’ve been around for many years now. But despite their long existence and increasing awareness, tech support scams continue to lure millions of dollars from unsuspecting victims every year.
Tech support scammers are usually not individuals or small groups of cybercriminals. In most cases, entire companies are created, usually disguised as call centers. Many of these call centers are located in India. So these scams aren’t just random cybercriminals looking to make a quick buck. Scammers are part of sophisticated operations that work on a large scale.
While stopping these tech support scams is largely impossible, continued effort to raise awareness is necessary in order to prevent more victims. This report will explain the different types of tech-support scams, how they work, who is most at risk, how to identify them, as well as what to do if you become a victim.
Types of tech support scams
While tech support scams are all more or less the same, the way scammers reach out to potential victims differs.
- Pop-ups in browser
Pop-up alerts are one of the most common ways users encounter tech support scams. The alerts are made to look like error messages shown by your operating system (whether Windows or macOS) or by an anti-virus program. They often display company logos in an effort to make them appear more legitimate. These alerts usually warn users about a security issue or a virus infection.
A tech support scam targeting Mac computers
Users are redirected to these pop-up alerts when browsing questionable websites (sites with pornographic or pirated content). The sites displaying these tech support scams may closely resemble legitimate websites, which may convince less-observant users. Some scams also display fake blue screens, as well as activation dialog boxes in full screen, and make it difficult for users to close them, giving the impression that the computer has actually been blocked. In some cases, the pop-ups may reappear over and over again even after users close them. This is all done to convince users that the issues are real, pressuring them to call the shown number.
A classic example of a Microsoft tech support scam
The contents of these tech support alerts are mostly nonsense but scare tactics are used to convince less tech-savvy users. For example, a common tactic is to claim that personal information (social media logins, credit card details, email login credentials) and personal files are being stolen by the malicious infection. This type of tactic is particularly effective against older people who are more likely to have little knowledge about how computers and malware work.
Phone tech support scams work in a similar fashion. Only instead of getting redirected to tech support scams, users receive phone calls from scammers claiming to be from companies like Microsoft or Apple. They inform users that they were able to detect suspicious/malicious behavior on their computers and offer to fix the problems. It’s not uncommon for them to address users by name if such information is easily accessible online or in phone directories. The same scare tactics are used by phone scammers as well. For example, they may claim that they detected personal information and/or files being stolen.
To avoid being traced, scammers use disposable mobile phones. They’re also often located in countries like India, making it difficult for law enforcement in other countries to track them.
While less common, tech support scammers also try to reach potential victims via email. The emails may inform users about supposed unusual activity in some accounts (e.g. Microsoft), and request that they call the provided number to secure their account.
How do tech support scams work
When users call the provided numbers (or receive an unsolicited call), tech support scammers impersonate known tech companies (usually Microsoft or Apple) and offer to fix computer issues that don’t actually exist, or renew non-existent subscriptions, or just generally promote questionable software. Scammers claim to be able to fix the issues users are supposedly having with their computers and usually request remote access to the devices. They instruct users to download certain programs and use certain services to do this.
If users do allow remote access to their devices, scammers may pretend to remove viruses or install some programs. To make their deception appear more legitimate, they use quite simple tactics like typing the name of the virus in the command prompt window. This makes it seem like they’re actually doing something while users are watching. While remotely connected, scammers may also steal personal files and information. In some cases, they even set a password for the computer as a guarantee that users will pay. These “repair” sessions can last up to a couple of hours during which the scammers will use various scare tactics against users. Once they’ve sufficiently wasted their time, scammers demand that users pay for the services they’ve received. In most cases, they demand at least a couple of hundred dollars.
Payments are requested to be made in gift cards or via wire transfers. They give detailed instructions for buying gift cards and even stay on the phone while users go to physical stores to buy them. In case a user is asked to make a wire transfer, they also provide extensive directions that include how to answer specific questions asked by bank employees.
Unfortunately, falling for a tech support scam once means users will be targets again in the future. If scammers notice that their victim is someone who knows very little about computers and can be easily persuaded, they may target them again and again. This could allow them to scam users out of thousands of dollars.
For those interested to see what tech support scams actually look like, there are some great creators on YouTube who make educational/entertaining videos where they engage tech support scammers in order to waste their time and prevent more victims. Software engineer Jim Browning regularly makes videos baiting and investigating tech support scam call centers, while streamer Kitboga engages with scammers to aggravate them for hours at a time.
Money losses caused by tech support scammers
The Internet Crime Report by the US Federal Bureau of Investigation (FBI) has revealed that losses from tech support scams have increased by 137% in 2021, causing more than $347 million in damages to users all over the world. FBI’s IC3 (Internet Crime Complaint Center) has received 23,903 complaints related to tech support scams from victims in 70 countries in 2021. The majority of victims (~60%) are reportedly over the age of 60.
Source: IC3’s Internet Crime Report for 2021
In one case, a man with Parkinson’s was scammed out of nearly $100,000 during a period of 7 months after scammers contacted him to provide “technical services”. The scam was uncovered only after the man’s death. In another case, a 90-year-old woman was scammed out of $20,000 when tech support scammers contacted her to “provide help” and asked her to wire money for the provided services. Scammers used scare tactics to frighten the woman and even trained her to answer a bank employee’s questions so as not to arise suspicion that she may be getting scammed.
But older people are not the only ones losing money to tech support scams. A survey by Microsoft released in 2018 revealed that those born between 1981 and 1996 were the most vulnerable to tech support scams because they tend to engage in riskier online behavior (e.g. using torrents) and are overconfident in their online expertise.
Source: Global tech support scam research (2018) by Microsoft
In a 2021 survey, Microsoft revealed that younger consumers remained most at risk for the same reasons.
Source: Global tech support scam research (2021) by Microsoft
Interestingly enough, while it appears that the younger generation encounters fewer tech support interactions compared to 2018, they are now more likely to lose money to scammers.
Source: Global tech support scam research (2021) by Microsoft
How to identify tech support scams
As long as users know what to look for, tech support scams are fairly easy to spot. Here are some of the easiest ways to identify a tech support scam:
- Unsolicited contact from companies like Microsoft/Apple
Tech support scammers always claim to be from legitimate companies like Microsoft and Apple. Because these companies are well known, it’s supposed to give them some credibility and make the scam seem more convincing. As we already explained, scammers always reach out first in some form, whether it’s a phone call or a virus alert. But companies like Microsoft and Apple will never make unsolicited contact with any of their users. So every single phone call from them will be a scam unless it’s been arranged by users beforehand.
- Browser pop-ups claim your computer is infected with a virus
Browser pop-up tech support scams are always very easy to identify. Tech support scam virus alerts always pop up in a browser, and that’s an immediate giveaway. Legitimate virus alerts can only be shown by an anti-virus program, never by a browser. Therefore, every single virus alert that appears in a browser will be some sort of scam, whether it’s promoting fake tech support or questionable programs.
- Virus alerts have a phone number
In addition to Microsoft and Apple not reaching out to their users unsolicited, their pop-up alerts will never display phone numbers for tech support. Nor any other legitimate company’s alerts for that matter. But as we’ve explained and shown in examples, tech support scams show phone numbers for users to call. So it’s safe to say that every single alert with a phone number will be a scam of some kind.
- Payment for services requested in gift cards
In many cases, to avoid being tracked, tech support scammers request payment for “services” to be paid in gift cards. Victims are asked to purchase certain gift cards (Google Play, Apple, etc.) and then to dictate the numbers. In the US, stores selling gift cards are familiar with these types of scams and often inquire further when they notice someone (particularly the elderly) purchasing gift cards worth hundreds of dollars. There are also various warnings displayed in such stores, informing people that they may have become a victim of a scam.
In short, if you were on the phone with tech support, and they suddenly request payment for the services to be made in gift cards, it’s a scam.
What to do if you’ve fallen for a tech support scam
- Uninstall all programs installed by scammers
Whatever you were asked to install (or scammers installed themselves when they had remote access), you need to remove it.
- Run a scan of your computer with anti-malware software
If you allowed scammers remote access to your computer, they could have installed questionable programs or outright malware onto your device. Scan your computer with an anti-virus program just in case there’s something that shouldn’t be there.
- File a report with law enforcement
It’s very likely that the people behind the tech support scam are located overseas so it’s unlikely that they will be apprehended if you file a report. Nonetheless, it’s worth contacting a law enforcement agency to file a report. This allows law enforcement agencies to gather valuable data and prevent more victims by issuing warnings.
- Contact your bank to contest the charges if you paid them via payment card
If you made the payment with your card, you need to immediately contact your bank to dispute the charges as well as potentially replace your card. If you paid in gift cards, there’s no way to get your money back but if you used your card, your bank may be able to refund you the money. But the most important thing you need to do is cancel your payment card if you provided its details to scammers. Having your card details would allow cybercriminals to make unauthorized transactions and steal your money.