You are currently viewing Tech support scams revisited

Tech support scams revisited

Hundreds and thousand of people complain about technical support scams from all over the world. The scammer generally claims to be either an employee or an affiliate of a major computer software or security company offering technical support to the victim. Recent complaints showed that the scammer claims to be a technician or agent for a cable or Internet company to offer assistance with digital cable boxes and connections, modems, and routers. The scammer claims the company has received notifications of errors, viruses, or security issues from the victim’s internet connection. Subjects are also claiming to be part of government agencies to resolve computer viruses and threats from possible foreign countries or terrorist organizations. From January 1, 2016, through April 30, 2016, the IC3 received 3,668 complaints with adjusted losses of $2,268,982.

Technical Details

Initial contact with the victim occurs by different methods. Any electronic device with Internet capabilities can be affected, whether it’s a PDA, smartphone or a pc.

  • Telephone: This is the traditional contact method. Victims receive a cold call from a person who claims the victim’s computer is sending error messages and numerous viruses were detected. It has been reported that the scammers have strong foreign accents.
  • Pop-up message: The victim receives an on-screen pop-up message claiming their device is being attacked by viruses. The message includes a phone number for technical assistance.
  • Blue Screen of Death: Victims have reported that they received a frozen, locked screen with a phone number and instructions on how to contact a tech support company. Some victims report being redirected to alternate websites before the Blue Screen Of Death occurs. This has been particularly noticed when the victim was accessing social media and financial websites.
  • Pop-up messages and locked screens are sometimes accompanied by a recorded, verbal message to contact a phone number for tech support.

Once this phony tech support company makes contact with the victim, the scammers tries to convince the victim to provide remote access to their device.

If it is a mobile device like a tablet or smartphone, the subject often instructs the victim to connect it to a computer in order to fix it. Once the subject is remotely connected to the device, they claim to found multiple viruses, malware, and/or scareware that can be removed for a fee. Fees are collected via a personal debit or credit card, electronic check, wire transfer, or prepaid card. A few instances have been identified where the victim paid by personal check.

Different types and trends:

This particular sort of scam has a multitude of variations. An increasingly reported variation of the scam occurs when the subject contacts the victim offering a refund for tech support services previously rendered because the company who offered them, has closed down, for whatever reason.

The victim is convinced to allow the scammer access to their device and to log into their online bank account to process the refund. The perpetrator has full control of the victim’s device and bank account. With this access, the scammer appears to have “accidentally” refunded too much money to the victim’s account, and requests the victim wire the difference back to the phony company. In reality , the subject transferred funds from the victim’s own accounts like savings, check, retirement, etc. This makes it appear as though the funds were deposited. Without even knowing until later, the victim transfers money to the phony company, which came from one of their own accounts. The victim can in fact lose thousand of dollars due to the refunding and wiring process.

Victims have also reported that subjects are becoming more hostile, abusive, and using vulgar language and threats when being challenged by victims.

Additional Threats:

  • The victim’s device and/or bank account can be held for ransom and won’t be released until the ransom is paid.
  • The subject can access computer files that may contains sensitive information such as financial accounts, login details, health records, etc.
  • Viruses or spyware may intentionally be installed on the victim’s device.
  • The subject threatens to destroy the victim’s computer or keeps harassing the victim with phone calls.

Protecting yourself from tech support scams

  • Recognize the attempt and cease all communication.
  • Resist the pressure to act quickly. Subjects do this to create a sense of urgency and lure the victim into immediate action.
  • Never give unknown, unverified persons remote access to devices or accounts. A legitimate software or security company will not contact the customer, unless the customer has initiated contact or made a request to be contacted.
  • Ensure that all anti-virus, security and malware protection is up to date and activated. Some victims have in fact reported that their antivirus software provided warnings prior to the attempt.
  • If a victim receives a pop-up or locked screen, the devices can be shit down. Some victims report that shutting down the device and waiting for a short period of time to restart, usually removes the pop-up or screen lock.
  • If a subject gains access to a device or account, victims should take a few precautions to protect their identity. They should immediately contact their financial institutions to place protection on their accounts, and monitor their accounts and personal information for suspicious activity.

Reporting the incident

Individuals who believe they may have been a victim, can file a complaint with the IC3 at

In order to report a tech support scam, please be as descriptive as possible in the complain including:

  1. Name of the subject and company.
  2. Any phone numbers and email addresses used by the subject.
  3. Website used by the subject company.
  4. Account names and numbers and financial institutions that received any funds through any method.
  5. Description of interaction with the subject.

Please keep all the original documentation, emails, faxes and logs from your communication with the subject, as this can help in the investigation.