The scam relies on social engineering techniques to convince the user of the technicians’ credentials. The scammers call, claiming to be a technical support assistant associated with well-known companies for example Microsoft. They will state that they have detected viruses or other malware on the user’s computer and then trick them into giving them remote access or paying for software they do not need. In most cases scammers can get names and other basic information from public directories and then guess what computer software the computer user is using.
The scammer will ask the victim to log onto their computer so that they can talk them through the fix. They convince the user to visit legitimate websites to download “Remote Access Control” software that will allow them to take control of the computer remotely and adjust settings to leave the computer vulnerable. They may also trick the user into installing malicious software that could capture sensitive data, such as online banking usernames and passwords or remotely install malware themselves. The objective is to compromise internet banking profile credentials for later use. The victim then needs to pay for the service via a credit card and is asked for the credit card details, or is asked to make an internet payment.
Awareness Tips for consumers to avoid falling victim:
- Keep your software up to date, using the latest security patches available.
- Do not give control of your computer to a third party who call you unexpectedly.
- Do not rely on call line identification (CID) alone to authenticate a caller. Criminals spoof CID numbers. They may appear to be calling from a legitimate company or a local number, even when they’re not in the same country as you.
- Never provide your password, credit card or other financial information to someone who calls and claims to be from tech support.
- If you’re concerned about your computer, call a reputed security software company directly and ask for help.