Protecting Yourself From Seven Tech Support Scams
October is Cybersecurity Awareness Month, so it’s time to remind folks that the FTC is warning of a surge in tech support scams again. Many of these scams are tricky to recognize, so be aware of them. In a previous blog, I mentioned my father’s tangle with a fraudster. In this case, a company purporting to be Microsoft’s vendor contacted him with a fake story about a computer issue that needed to be resolved.
Halloween is the only time of the year that we open our doors to strangers (well mostly, albeit that they’re typically kids in costume), so this is a fitting topic for the season. It all comes down to don’t talk to or deal with strangers puporting to be someone they’re not — unless you want to get tricked.
Do your best to learn about cybersecurity basics, common scams and how to report them. Learn how to spot the red flags after you receive an unsolicited phone call, email or warning pop-up message on your computer. Below are red flags that should give you pause, alerting you that the advisory is not legitimate:
You receive an unsolicited phone call, text message or email from an individual claiming to represent a company’s “Tech Support,” “Help Desk,” “IT Department” or a similar office.
Bonafide companies such as Microsoft and Apple will never initiate contact via the phone, a text message or personal email. They will also not instruct their vendors to do so. If you do receive a phone call like this, don’t engage with the caller. Hang up and report the call to the FTC at FTC.gov. You may also want to let the spoofed company (such as Microsoft as in my dad’s case) know about the scam, so look up their actual contact information and contact them to prompt an investigation.
You receive an alarming pop-up message on your laptop or another personal computing device. The message warns you about a “major security” issue with your device and instructs you to call a listed phone number.
Do not call any unknown phone numbers, and do not answer any calls that you do not recognize. Even if the caller ID appears to be from a company that you recognize, keep in mind that scammers can spoof the caller ID, which makes their calls appear to originate from a legitimate company.
You receive a call from someone who requests remote access to “fix a problem” on your computer or run a “diagnostic test.”
Never give anyone remote access to your computer. This gives them complete control over anything that you may access online.
You receive notification that your computer or other personal device has an “issue,” and that in order to prevent or repair any issues, “virus protection software” must be installed on your computer.
First, take time to think about how the information was delivered to you. Did it originate from an unknown email address or in a pop-up message on your computer? If so, it’s likely fraudulent. If it appears to be from a reputable program and you are a paying customer, verify by finding the published contact information for that (legitimate) company and then contact the company to validate the information. If you have reason to suspect a security vulnerability, run a scan using your own means and then update your security software.
You receive a message that asks you to click a link or visit a website to install a program on your computer that will repair the “issues.”
These programs will not fix your computer. Instead, they will download malware to your device. Legitimate computer security companies do not advertise via unsolicited notifications.
You are asked to pay for computer repair “services” with a gift card, Paypal transfer, wire transfer or through an application like Venmo, Zelle or Cash App.
Legitimate companies will never accept any of these payment methods or channels. If they insist they do, it is likely a scam.
You are asked to share your digital banking credentials or to provide your account numbers as a payment method.
Your banking credentials should never be shared with anyone for any reason. Giving someone your username and password provides a fraudster with direct access to your money.
How Can You Protect Yourself From Tech Support Scams?
- As I suggested previously, if you think there may be a problem with your computer, update your computer’s security software and run a scan.
- If you need help fixing a problem, go to so someone you know and trust. Most software companies offer support online or by phone. Stores that sell computer equipment also offer technical support in person. My dad went to Geek Squad, and although they couldn’t restore his files (the fraudster did irreparable damage), they were sympathetic and helpful.
- If you think that your bank or service provider login credentials may have been compromised, contact the financial institution or service provider immediately for help.
- If you think a scammer has accessed your personally identifiable information, such as social security number or date of birth, you are vulnerable to identity them. Be sure to put a fraud alert on your credit reports with the credit bureaus to help secure your information.
- If you think a scammer has accessed your usernames and passwords for websites that you have used, change your passwords immediately and add additional security controls, if available.
- If you believe that your identity has been stolen, file a report online at https://www.identitytheft.gov and contact your financial institutions immediately.
- If you suspect that your data and files have been compromised, update your computer’s security software and run a scan. Delete and files or data that your security software identifies as a security issue.
- If you have used a credit or debit card to pay a suspected scammer, you may be able to stop the transaction. Call the credit card company or financial institution to ask about disputing the charge. That’s what we did for my dad.
- If you bought a gift card and paid the scammers that way, you may be out of luck. Call the company that issued the gift card and explain the story. Most companies want to fight fraud and will be happy to assist you.
- If you use identical passwords across multiple accounts and websites, be sure to change those regularly.
Laurie Head is an owner of AIS Network.