We’ve become so reliant on our computers that a virus or error message makes the average user queasy. So, it’s not surprising to learn that an estimated 3.3 million U.S. consumers lost $1.5 billion last year to tech support scams.
A 2018 survey by Microsoft found that three out of five consumers have been exposed to a tech support scam in the previous 12 months. And one out of five consumers were tricked into continued engagement with scammers, often leading to victims losing hundreds of dollars to these fraudsters. Globally, Generation Z and Millennials are more likely to fall prey to tech support scams more often, although in America, older generations are also most likely to fall victim.
Here’s more information about what the tech support scam is, what to know, and what to do if you think you’ve been targeted.
What is it?
Scammers try to gain your trust by pretending to be associated with well-known companies or confusing you with a barrage of technical terms, like in the following situations:
- Consumers could get a call from someone claiming to be with a well-known company like Apple, Dell, or Microsoft with a warning that their computer is infected with a dangerous virus that can be fixed if allowed remote access.
- A victim may get a phony e-mail offering a free security scan.
- You may also get a pop-up window on your device that claims a virus has been detected, and you need to call a phone number right away or download software to protect your files.
They might also:
- Trick you into thinking there’s something wrong with your computer, so you feel you need to pay for phony tech support.
- Install malicious software that captures sensitive information and then charge you to remove this software.
- Adjust settings, which leave your computer vulnerable.
- Access your personal, financial, or credit card information.
What to know:
- Know that computer manufacturers and protection-software companies don’t proactively make “personal” phone calls or send email warnings about an infection in a particular computer. When real threats are detected, a security update or warning is usually sent en masse and directly to your computer through the antivirus protection already installed on your machine.
- Don’t be fooled if a phony tech support caller knows your name, address, or even the operating system you’re using. They often select their targets through public phone directories and guess your operating system by citing more popular ones.
- Unless you initiate contact with a trusted technology assistance firm, never give strangers remote access to your computer.
- At least once a week, check for updates in your security software, and run scans several times a week. Turn on automatic updates if they are offered. With automatic updates, you don’t have to search for updates online or worry about missing critical fixes.
- If you’ve already been swindled in this scam, beware of follow-up messages claiming that you’re entitled to a “refund” for fees you already paid. That’s another maneuver that aims to get your bank account information for a supposed direct-deposit reimbursement.
What should you do if contacted or if your computer has been infected?
- Don't stay on the phone with someone who claims to be a tech support person. Hang up and call the company yourself.
- Don't give control of your computer to a third party who calls you out of the blue.
- Don't rely on caller ID alone to authenticate a caller—criminals spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they may not even be in the same country as you.
- Don't provide your credit card or financial information to someone who calls and claims to be from tech support.
- Don't give your password on the phone. No legitimate organization calls you and asks for your password.
- Update your security software and keep your automatic updates turned on. It's best to make sure you have the latest version every week, as the programs are tweaked as criminals make tiny adjustments to the scam.
- Change the password on your computer, email accounts, and financial accounts. Make your passwords complicated, update them often, and do not share them with anyone.
For more information about scams, visit www.aarp.org/fraudwatchnetwork