Old-school internet scams: five that just won’t die
We would like to think that people learn by their mistakes, and given the publicity surrounding certain online scams, nobody would fall for them any more.
Unfortunately, this doesn’t appear to be the case. Scammers are sticking with tried and trusted methods of stealing information and, ultimately, money from their victims.
The keyword for the people who perpetrate these scams is profit, and as long as that profitability remains, there is no compelling reason for them to be retired.
While the average PC Pro reader is surely too savvy to fall for such scams, the people criminals target are the less technically-adept family and friends that our readers provide free IT support for.
Point them in the direction of this feature, or print it out and make sure they read it, and you could save yourself some precious time. Here are our top five old-school scams that are still doing the rounds, and our tips on how to mitigate them.
This is Microsoft calling…
A PC Pro reader contacted us recently to advise he had just been cold-called by someone from the ‘Windows Support Service Centre’ which told him Microsoft had noticed he was downloading infections every time he browsed the Internet with his PC.
They got him to look at the Event Viewer and claimed all the entries under applications were infections and these were causing his PC to run slowly. The solution was to grant remote access (using TeamViewer to keep it simple for the victim) and, no doubt, then pay a fee of some kind.
These kind of ‘IT support scams’ have been ongoing for at least seven years now, and show no sign of stopping. Why would they? All it takes is for the scammer to persuade to victim, and they are always the less technically adept, to look at the Event Viewer in Windows and inform them the list of errors and system messages they see are proof of infection.
The payload for the scammers can be as simple as a one-off fee paid to remove infections that aren’t actually there, by directing the victim to a website where a fake scan will run, or by persuading them to allow the ‘support guy’ to take remote control of the target machine. Other times, scammers will try to convince victims to buy an ongoing subscription to a support service that isn’t needed, or to purchase rogue security software – which, ironically, may install data-stealing malware.
A new twist on the tech support scam has been spotted by researchers at Malwarebytes, moving away from the traditional Windows using victim it has seen the perpetrators moving into the smartphone and tablet arena.
The mobile hardware is simply being used as a way to attack the desktop. The scam works by placing sponsored adverts in search engines that offer Android tech support. When contacted by phone, the scammers get the victim to connect the device to the desktop PC and install remote access software to enable the smartphone or tablet to be accessed and scanned.
Then the usual claim of an infection on the PC, causing whatever problems the victim was having on Android, is made – and the same-old same-old solution of a support subscription to make it go away offered.
To mitigate the risk of falling victim yourself, or more likely a family member less IT-savvy than you, common sense applies. Firstly, Microsoft advise that neither itself nor its partners make unsolicited phone calls in order to charge for security support fixes.