Not so savvy

Duke Winston always thought he was a savvy tech guy because he had a degree in computer science and worked in the IT department for a large corporation. One evening at home he received a telephone call from an individual claiming he was a computer tech working for a major software company.

Winston was impressed with the caller’s knowledge and allowed him to do a “free” security check on his computer to spot viruses or malware. The caller convinced Winston that he’d found malware and told him that not only could he fix the current problem, he’d also protect Winston’s computer from any future viruses or other malware if Winston purchased a new “revolutionary” software program.

Winston purchased the software on a website with his personal credit card. When Winston scanned his credit card statement the following month he noticed that there were thousands of dollars of charges that he didn’t make. He immediately notified his bank and credit card company and was told that he, like many others, had been scammed.

Technical support scams

This case is fictional but represents a common version of the “technical support” scams that have recently ravaged many consumers and generated huge profits for fraudsters.

Technical support scams are very lucrative because fraudsters have a captive audience of electronic device users who know the importance of keeping updated with recent security software and, as a result, will normally listen to spiels about an offer to do a “free” check to spot malware on their computer or “new” software products that they can purchase that supposedly will fix current or future security problems. But, alas, good things sometimes have dire consequences.

Contacting potential victims

The first step in this scam is to contact potential victims. Fraudsters do this in a variety of ways with the intent to target their devices that have internet connections. According to the FBI, in a public service announcement, fraudsters use the following common contact methods:

• “Telephone: This is the traditional contact method. Victims receive a ‘cold’ call from a person who claims the victim’s computer is sending error messages and numerous viruses were detected. Victims report the subjects have strong foreign accents.”
• “Pop-up message: The victim receives an on-screen pop-up message claiming viruses are attacking the device. The message includes a phone number to call to receive assistance.”
• “Locked screen on a device (Blue Screen of Death – BSOD): Victims report receiving a frozen, locked screen with a phone number and instructions to contact a (phony) tech support company. Some victims report being redirected to alternate websites before the BSOD occurs. This has been particularly noticed when the victim was accessing social media and financial websites.”
• “Pop-up messages and locked screens are sometimes accompanied by a recorded, verbal message to contact a phone number for assistance.”

Variations on a theme

There are many variations of the scam, but all of them have the same motive — to rob you of your money and/or personally identifiable information (PII). According to a June 5, 2016, public alert posted on the FBI’s website, “These new tricks have led to a surge in complaints at the FBI’s Internet Crime Complaint Center (IC3), with the agency reporting 3,669 cases that caused victims damages of $2,268,982 only in the first four months of the year.”

In the latest version, the fraudster calls a victim after obtaining his number from a directory. In a January 2014 post by the Federal Trade Commission (FTC), “Once they have you on the phone, they often try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms. They may ask you to go to your computer and perform a series of complex tasks. Sometimes, they target legitimate computer files and claim that they are viruses. Their tactics are designed to scare you into believing they can help fix your ‘problem.’ ” The key here is to avoid the temptation to comply with their wishes.

In another variation of the scam, the fraudster bluffs the victim into thinking he has access to his computer and then attempts to convince him that he’s detected viruses or other malware. Or, if the fraudster contacts the victim via a tablet, smartphone etc., he’ll attempt to convince him to connect it to his computer. Then he’ll tell the victim that he’s detected malware, viruses or scareware that can be removed for a fee to be paid with a debit or credit card, electronic check, wire transfer or prepaid card.

In addition, according to the FTC in the June 2014 post, once the fraudster thinks he has gained the victim’s trust he might try to do one or more of the following:

• Gain remote access to your computer to change your settings, which leaves your computer vulnerable.
• Enroll you in a fake computer maintenance or warranty program.
• Obtain your credit card information for phony services or services you could get for free.
• Install malware that could steal user names and passwords.
• Direct you to websites to obtain your credit card number and PII.

The fundamental basis of most of these versions of this scam is to gain access to the victim’s devices. According to the FBI, once the fraudster gains access, he might:

• Control your device and/or bank account and demand money to regain access.
• Access computer files with PII, passwords and banking account information.
• Install computer viruses.

Fraudsters might also gain access to victims’ PII on their devices by conning them into purchasing software contaminated with malware. Like most other scams, the fraudsters use high-pressure tactics and a sense of urgency to prompt the victims to make irrational decisions that they’ll soon regret. High-pressure tactics in any situation is usually a red flag. The key here is to hang up and call the company directly that the fraudster claims he’s representing. Let it know what happened and one hopes it will alert the public that its name is fraudulently being used in this scam.

Avoid being victimized. The FBI provides these tips:

• “Don’t give control of your computer to a third party who calls you out of the blue.”
• “Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they’re not even in the same country as you.”
• “Online search results might not be the best way to find technical support or get a company’s contact information. Scammers sometimes place online ads to convince you to call them. They pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.”
• “Never provide your credit card or financial information to someone who calls and claims to be from tech support.”

The FTC recommends these additional actions:

• Hang up immediately and refuse all contact with the fraudster.
• Don’t act without thinking. Ignore the false urgency and conduct your due diligence.
• Don’t give an unknown person any access to devices or accounts. A legitimate software or security company won’t directly contact individuals.
• Keep your anti-virus, security and malware protection up to date. Some anti-virus software warned victims before they fell into the clutches of the fraudsters.
• If a pop-up or locked screen occurs, shutting down the device immediately can remove them.
• If you realize that you’ve been victimized, immediately contact your financial institutions, monitor your accounts and report it to the IC3 and the FTC.

More help for the community

Please share this information with your family, friends, fellow workers and clients and include it in your outreach programs. The information is very important to all individuals.

Please contact me if you have any identity theft issues you’d like me to research and possibly include in future columns or if you have any questions related to this column or any other cybersecurity and identity theft questions. I don’t have all the answers, but I’ll do my best. Stay tuned!

Robert E. Holtfreter, Ph.D., CFE, CICA, CBA, is distinguished professor of accounting and research at Central Washington University in Ellensburg, Washington. He’s also on the ACFE’s Advisory Council and the Editorial Advisory Committee. His email address is: doctorh007@gmail.com.