Internet security experts are seeing that tech support scams are on the rise. Malicious alerts are popping up on screens whilst you browse the Web, warning that a phone call to a support hotline is needed. Should you pick up your phone and dial that number, you will likely end up having a criminal remotely controlling your mouse and stealing your money or identity.
You can be peacefully surfing the Internet, searching for webpages or images. Suddenly, a full screen message warns you of a dangerous virus on your computer. The message often looks very formal, using a comprehensive design, or the logos of Microsoft or even that of your security suite antivirus provider. Obviously, in most cases, any attempt to ignore or close the window is impossible as it refuses to go away or it reappears instantly.
As if by magic, this alert provides you with a telephone number that you are urged to call immediately if your computer is to be rescued and repaired. Some of the companies involved in the universe of cybercrime have made this kind of scam their speciality. They disguise themselves as experts on remote technical assistance, pretending to act on the behalf of famous high-tech companies. They take advantage of the fears and dismay of Internet users who believe that their computer is infected, only to then undertake all kinds of reprehensible actions.
What happens if I call the number displayed?
When you call the number displayed, a very friendly correspondent will first seek to reassure you and get you to let your guard down. Although it is sometimes advertised as free, note that the number called is often more expensive. The important thing during these first exchanges is to acquire your confidence and then to guide you through a few steps, usually ending with an installation of some sort of troubleshooting tool. This tool is obviously anything but what it claims to be. It allows the interlocutor to take absolute control of your computer.
At first, it will try:
- To steal your contact address book (to send malicious emails on your behalf to friends and colleagues),
- To retrieve passwords stored in your e-mail software and in your web browsers,
- To steal personal information starting with banking information.
The second step will be to make sure there is a backdoor with malwares installed on your computer allowing them to do more damage. In some cases, they will even try to sell you fake antivirus protection or a fake tool to clean and optimize your PC.
The art of deception
This type of technical assistance scam has existed for several years already, but is experiencing a surge in recent months especially around Europe (mostly in France, England and Germany). There are several variations: in some cases the browser window displayed in full screen mimics the Windows' blue screen of death, indicative of a major system crash.In other cases, the false alert can be in the form of a notification or a popup window that looks exactly like your antivirus alerts.
The common point between all these false alarms remains the insistent invitation (usually the alert does not close or it reappears immediately otherwise) and insists you call a phone number. Please also note that sometimes, the warning of an infection and the offer to help you remotely can also be sent by email. Other times you may even be directly approached by phone. You could receive a call (or a text message) supposedly from Apple, Microsoft or a manufacturer, informing you that your smartphone or PC has apparently been hacked or is infected. Here, you do not initiate the phone call but the trap is all the same.
How to respond to these types of scams?
So what are you supposed to do when approached by a scam? First, never call the number displayed! Turn off the computer and restart it: then the alert will normally have disappeared. If you made the mistake of calling the number displayed on the alert, hang up immediately. And if you’re not sure, or you think you may have been scammed, the next step would be to clean up your computer.
Norton Security users benefit from an active protection against these threats both by Web shields and the IPS built at the core of the software, as shown in the caption below. Also remember that technical support is there to help you in case of any concerns you may have. The publisher is so confident in its ability to protect your PC and service you, that it will refund your purchase of the software in the (improbable) case where the threat could not be eradicated.