Tech support scams pose a growing threat to organizations, exacerbated by the complexity of software licenses, the diversity of user bases, and the fast-paced nature of the way businesses of today operate. These scams can cause significant disruption and pose serious security threats to your operations. Scammers employ a variety of tactics, including phony support calls, malware-laden pop-ups masquerading as antivirus software alerts, and fake error messages on websites that urge you to call for help.

The Incident

One of our clients faced a critical situation when they needed assistance with Sage software. Without a second thought, they turned to Google and dialed the first support number that appeared in the search results. Unfortunately, the number they called was not for legitimate Sage support but a fraudulent site poised to exploit vulnerable users. The scammer on the other end attempted to gain unauthorized access to our client’s computer system.

Thankfully, due to our proactive installation of SentinelOne on their computer, the malicious attempt was blocked. However, by then, our client had unfortunately already granted access and even made a payment to the scammer. This incident underscores the cunning tactics used by cybercriminals and the critical need for vigilance and continual education about these types of scams.

Tips to Avoid Tech Support Scams

1. Verify Support Numbers and Avoid Search Engine Traps: Always double-check the contact information for tech support through the official company website. Do not rely solely on search engine results and bookmark official websites for the products you use.
2. Look for Red Flags: Be wary of unsolicited calls or messages claiming to be tech support. Legitimate companies do not proactively request access to your devices unless support is explicitly requested by you. Always be cautious of incoming emails, links to websites and social media post links.
3. Beware of False Urgency and Trust Your Instincts: Scam artists often like to create a sense of urgency to try and trick you into making a quick decision. If it feels wrong in your gut, it most likely is.
4. Do Not Share Personal Information: Never share passwords or give remote access to your computer to someone whose identity you cannot absolutely verify as trustworthy.
5. Use Secure Payment Methods: If payment is necessary, ensure it is done through secure, traceable means. Avoid using untraceable methods like wire transfers or gift cards.
6. Educate Your Team: Regular training sessions on cybersecurity can help your staff recognize and avoid scams. This is crucial in building a resilient defense against various cyber threats.

Tech Support Scams in the News

There have been some significant tech support scams reported recently that have been making big news. For instance, fraudsters have continued to use sophisticated techniques, evolving beyond simple phone calls and fake pop-ups to include emails that mimic legitimate companies. They often trick victims into downloading remote desktop software under the guise of processing refunds or fixing issues, which then allows them to access and steal from the victim’s bank accounts​ (ESET Community)​.

The Federal Trade Commission (FTC) has been actively combating these scams by targeting payment processors that facilitate these fraudulent activities. Recently, a multinational payment processing company was fined for processing credit card payments for tech support scammers, highlighting the ongoing challenge and the extensive networks these scammers use​ (Malwarebytes)​.

These examples illustrate the growing sophistication and persistence of tech support scams, underlining the importance of vigilance and education in protecting against these types of cyber threats.

What to do if You Fall Victim to a Tech Support Scam

If you suspect that you’ve fallen victim to a tech support scam, act quickly to minimize potential damage.

1. First, if you made a payment, contact your bank or credit card provider immediately to dispute the charges and to secure your accounts.
2. Change any passwords that may have been compromised during the interaction.
3. If you granted remote access to your computer, disconnect it from the internet and perform a thorough scan using reliable security software to detect and remove any malicious software that may have been installed.
4. Report the scam to the appropriate authorities, such as the Federal Trade Commission (FTC) in the U.S., to help prevent others from falling prey to similar scams. Remember, documenting all communications with the scammers can be helpful when reporting the incident.

Conclusion

This incident that happened to our client that we’ve described in this blog was specific to Sage software but honestly could have happened with any of the many software technologies our customers use. Falling victim to a tech support scam can be a distressing and costly experience, but it’s preventable with the right knowledge and precautions. At V2 Systems, we equip our clients with a customized cybersecurity plan to fit their business needs, their budget, a dedicated engineer, top-tier protective software like SentinelOne and 24/7 support to safeguard their digital environment.

By Kelly Weist

Contact Us

Concerned about your cybersecurity? Contact us today to schedule a complimentary two-hour cybersecurity consultation. Our experts at V2 Systems are dedicated to ensuring your business is protected from all types of cyber threats. Let us help you secure your operations and achieve peace of mind.

Since 1995, V2 Systems has employed local systems administrators, network engineers, security consultants, help desk technicians and partnering companies to meet a wide range of clients’ IT needs, from research, to implementation, to maintenance. Concentrate on your VISION…We’ll handle the TECHNOLOGY!