Protecting Yourself From Tech Support Scams

October is Cybersecurity Awareness Month, and reminding everyone that the Federal Trade Commission (FTC) is warning about a surge in tech support scams is essential. These scams can be challenging to recognize, so it is essential to be aware of them. In a previous blog post, I shared my father’s experience with a fraudster where a company posing as Microsoft’s vendor contacted him with a fake story about a computer issue that needed resolution.

During Halloween, we often receive visits from strangers, mostly kids in costumes. However, being cautious when dealing with people you don’t know is crucial, especially those pretending to be someone else. The last thing you want is to fall for a trick.

You must educate yourself about the basics of cybersecurity, common scams, and the appropriate steps to report them. Familiarize yourself with the warning signs that indicate a potential threat after receiving an unsolicited phone call, email, or pop-up message on your computer. Below are some red flags that you should watch out for, which can help you identify illegitimate advisories:

You receive an unsolicited phone call, text message, or email from an individual claiming to represent a company’s “Tech Support,” “Help Desk,” “IT Department,” or a similar office.

Reputable companies like Microsoft and Apple never initiate contact through phone, text, or personal email. If you receive such communication, don’t engage, hang up, and report the incident to FTC.gov. Inform the spoofed company and prompt an investigation.

You receive an alarming pop-up message on your laptop or another personal computing device. The message warns you about a “major security” issue with your device and instructs you to call a listed phone number.

Do not call unknown phone numbers or answer calls you do not recognize. Even if the caller ID appears to be from a company you recognize, remember that scammers can spoof the caller ID, making their calls appear to originate from a legitimate company.

You receive a call from someone who requests remote access to “fix a problem” on your computer or run a “diagnostic test.”

Never give anyone remote access to your computer. This gives them complete control over anything that you may access online.

You receive a notification that your computer or other personal device has an “issue” and that “virus protection software” must be installed to prevent or repair any issues.

First, take time to think about how the information was delivered to you. Did it originate from an unknown email address or a pop-up message on your computer? If so, it’s likely fraudulent. If it appears to be from a reputable program and you are a paying customer, verify by finding the published contact information for that (legitimate) company and then contact the company to validate the information. If you have reason to suspect a security vulnerability, run a scan using your means and then update your security software.

You receive a message that asks you to click a link or visit a website to install a program on your computer that will repair the “issues.”

These programs will not fix your computer. Instead, they will download malware to your device. Legitimate computer security companies do not advertise via unsolicited notifications.

You are asked to pay for computer repair “services” with a gift card, Paypal transfer, wire transfer, or through an application like Venmo, Zelle, or Cash App.

Legitimate companies will never accept any of these payment methods or channels. If they insist they do, it is likely a scam.

You are asked to share your digital banking credentials or to provide your account numbers as a payment method.

Your banking credentials should never be shared with anyone for any reason. Giving someone your username and password gives a fraudster direct access to your money.

How Can You Protect Yourself From Tech Support Scams?

1. As I suggested, if your computer has a problem, update its security software and run a scan.
2. If you need help fixing a problem, go to someone you know and trust. Most software companies offer support online or by phone. Stores that sell computer equipment also provide technical support in person. My dad went to Geek Squad, and although they couldn’t restore his files (the fraudster did irreparable damage), they were sympathetic and helpful.
3. If you think your bank or service provider login credentials may have been compromised, contact the financial institution or service provider immediately for help.
4. If you think a scammer has accessed your personally identifiable information, such as your social security number or date of birth, you are vulnerable to identifying them. Be sure to put a fraud alert on your credit reports with the credit bureaus to help secure your information.
5. If you think a scammer has accessed your usernames and passwords for websites you have used, change your passwords immediately and add additional security controls, if available.
6. If you believe your identity has been stolen, file a report online at https://www.identitytheft.gov and contact your financial institutions immediately.
7. If you suspect that your data and files have been compromised, update your computer’s security software and run a scan. Delete any files or data your security software identifies as a security issue.
8. If you have used a credit or debit card to pay a suspected scammer, you may be able to stop the transaction. Call the credit card company or financial institution to ask about disputing the charge. That’s what we did for my dad.
9. If you bought a gift card and paid the scammers that way, you may be out of luck. Call the company that issued the gift card and explain the story. Most companies want to fight fraud and will be happy to assist you.
10. Change those regularly if you use identical passwords across multiple accounts and websites.

Laurie Head is the Co-Owner and CMCO of AIS Network. She has been working in the IT industry since the mid-90s.