Increasing numbers of people are getting calls from supposed ‘Tech Support’, but it’s really ‘The Tech Support Scam’. Who are they and why do they do it?
For the past few years I’ve had clients telling me of how ‘microsoft’, ‘bt’, or ‘my ISP’ have called them about their computer issues. It cost some of them over £6000.
Windows Prefetch Folder
‘Hello, we are calling from the Windows and your computer looks like it is infected. Our Microsoft Certified Technician can fix it for you.’
They (the scammers) will usually start by showing you some standard windows files, that are actually safe files, that are part of your operating system, they will claim that each of these legitimate files is in fact a virus in an effort to scare you.
Windows is made up of many thousands of files, The prefetch is sort of a store of files that will be loaded in readiness for their use, they certainly aren’t an indicator that there is a problem. Indeed they improve your windows experience.
Few users delve into these parts of windows, so the tech support scammer will use this against them.
Windows Event Log
They’ll then go on to show Windows event logs – again part of windows, and being windows, there are often warnings and errors shown – These aren’t always critical, in fact in most cases are minor, but the scammer will use these to frighten you that your computer does indeed have serious problems!
They may get you to visit sites showing some of the errors/warnings, or indeed for the legitimate windows file they showed you – Of course usually it’s one of their own sites, shaped to make it look like explorer.exe or whichever file is ‘malicious’.
They will then offer to ‘fix’ the problem remotely – ask you to visit a website where you download sofware, teamviewer is a common one, join.me is another – These sites and applications ARE legitimate, used correctly they are excellent tools – but the scammers are using them for their own means.
Next up they’ll install a whole heap of programs, a fake antivirus being one of the main ones. They’ll then show you all the 1000’s of errors, virri and hackers that are on your system, remember the software is fake and is again only theit to frighten you (and annoy you by popping up every minute!), the scammer will use this false information to talk you into a ‘service plan’ whereby they’ll ‘fix’ your computer. By this point they have access to your files, potentially passwords and other private information on your computer. In rare cases they have also installed other remote access software, enabling them to gain access whenever they like.
More recently they’re installing the Slimcleaner virus, claiming that it will ‘clean’ your PC. Don’t be misled when it reports things that need cleaned or fixed.
Worryingly I’m even seeing some UK ‘technicians’ installing this malware onto computers, and charging people for the privilege of them infecting the computer!
If you see a ‘tech’ installing malware as featured on this page, you know it’s a scam and that the ‘tech’ has little or no knowledge of computers – perhaps they should go back to washing cars for a living! If you’ve fallen victim, take your computer to a reputable repair centre.
Don’t give the scammers ANY card or bank details: We’ve had people paying them anything from £100 to £200 – We’ve even had one case where they changed the windows password without the customers knowledge and demanded £600 to tell them the new password. I’ve had a couple of cases where clients have later had £7000 taken from their accounts.
EDIT: It seems that adding/changing the password files is commonplace for these scammers now – I’ve just let them loose on a test machine and watched their activities. They also offered the option of ‘moneygram’ as a payment option.
So in essence, if they call you – even if they sound convincing, just remember that unsolicited calls are usually some type of scam. Unfortunately sometimes these scams come at very coincidental moments – like the day after you’ve called your ISP – I know from a recent customer that the fraud squad are currently looking into a large ISP and coincidental ‘follow up calls’ from fradusters.
Please pass on this knowledge, perhaps it will save a friend of family member from being scammed. It astounds me that more is not done to inform the public, millions of pounds are going out of our economy each week yet very little is done. Yes it is difficult to police when the fraudsters are cross country boundaries, but much more needs to be done. In many cases I have traced the location of the scammers, I’m not sure that the police and fraud squad even try. Protect yourself – knowledge is an important tool.
Have you have been a victim of the tech support scam? Give us a call or visit the shop for further advice.
Update: The above information is even now more important now that talktalk have admitted that they have lost private customer data, the news is reported it as a hack – I’ve suspected for some time now that it’s more an internal problem whereby someone with access to their database has been selling talktalk customer data to scammers. Be aware, and be sure your friends and family are aware, even if they’re not using talktalk.
Unwanted telephone calls in general? Click the image on the left to hear real call recordings (With information and added humour!)