Anti-Phishing, DMARC , Email Threat Protection , Endpoint Security

Google Promises Crackdown on 'Tech Support' Fraudsters

But Tech-Support Fraud Is Surging via Cold Calls, Phishing and More, FBI Warns
Google Promises Crackdown on 'Tech Support' Fraudsters
One prevalent tech support scam (Source: U.S. Federal Trade Commission)

"Hi, I'm calling from Windows technical support. We have detected a problem with your computer."

See Also: The State of Organizations' Security Posture as of Q1 2018

So goes the well-worn scam, often pursued via cold calls, backed by tech-support boiler rooms. Scammers may also send unsolicited emails, place advertisements with search services, craft software that locks PC windows, launch phishing attacks or trigger website pop-ups. One such scam reads: "Virus detected! Call now for a free security scan and to repair your device."

Beloved by fraudsters, such scams have proliferated for years, preying on the less technologically sophisticated to try and turn a quick buck. Unfortunately, they've proven impossible to eradicate, leading to mounting monetary losses for victims, not to mention hassles.

"Their plan is to get your money by selling you worthless software, enrolling you in fake programs or getting you to pay for useless tech support," often by enticing victims to immediately call a toll-free number, Carol Kando-Pineda, an attorney with the U.S. Federal Trade Commission's Division of Consumer and Business Education, warns in a blog post.

"When you call, the scammer might ask you to give them remote access, pretend to run a diagnostic test or tell you they've found a virus or other security issue," she says. "They try to sell you a security subscription or other "services" that range from worthless - for instance, they're available for free elsewhere - to malicious - they install dangerous software that can help them steal your personal information."

Tech Support Fraud: Typical Attack Chain

Source: Microsoft

Many tech-support fraudsters, once they get a victim on the phone, attempt to trick them into installing remote-control software such as TeamViewer. The fraudster then pretends to run scans that - inevitably - reveal evidence that the PC has been "hacked" and urgently needs expensive security software to repair and protect it.

In one incident, shared by Matt Suiche, an incident response expert who runs Comae Technologies in Dubai, fraudsters phoned a would-be victim - in reality, an information security expert - who gave them remote access to a virtual machine so he could watch what they were doing.

"System has been hacked from Russia," the attackers entered into a Windows command-line prompt, intending to scare their would-be victim.

Tech Support Fraud Increases

Despite these types of scams having been around for years and well documented, losses from such attacks appear to have been surging. The FBI's Internet Complaint Center, IC3, says that last year, it received roughly 11,000 tech support fraud complaints from U.S. victims. "The claimed losses amounted to nearly $15 million, which represented an 86 percent increase in losses from 2016," it says. "While a majority of tech support fraud involves victims in the United States, IC3 has received complaints from victims in 85 different countries."

Reputations are also under attack. Scammers often pretend to hail from technology giants - especially Microsoft and Apple - as well as from law enforcement or government agencies, leaving all of those organizations having to explain such scams to victims defrauded in their name.

Microsoft says it receives 12,000 reports of such fraud per month, and it saw a 24 percent increase in such complaints last year. It has issued detailed recommendations, including preventive advice, for anyone who suspects they may have been a victim of such scams.

Fraudsters Advertise

One engine of tech-support scammers' ongoing success is their ability to use - or procure - search engine optimization tactics that allow them to pretend to be legitimate enterprises.

On Friday, the Wall Street Journal reported that the first hit for a search it recently conducted on Google for "Apple tech support" returned a result that linked to Apple.com and listed a toll-free telephone number, along with this message: "Get instant help from our experts." The newspaper, however, reports that the phone number didn't lead to Apple, but rather to a known tech-support scam outfit.

Google Promises Verification

Google has eradicated that listing and also promised to make it harder for fake tech-support outfits to advertise their services, as part of its efforts to combat "misleading, inappropriate and harmful ads."

"We have teams of engineers, policy experts, product managers and others who wage a daily fight against bad actors," David Graff, Google's director of global product policy, says in a blog post, noting that the technology giant currently nukes hundreds of bad advertisements per second.

"When we see an increase in misleading or predatory behaviors in specific categories, we take additional action," he says. "For example, we've banned ads for payday loans and bail bonds services and developed advanced verification programs to fight fraud in areas like local locksmith services and addiction treatment centers."

Graff says Google will soon also begin restricting all advertisements by third-party technical support providers. "For many years, we've consulted and worked with law enforcement and government agencies to address abuse in this area," Graff says. "As the fraudulent activity takes place off our platform, it's increasingly difficult to separate the bad actors from the legitimate providers."

Accordingly, he says that before the end of the year, Google plans to "roll out a verification program to ensure that only legitimate providers of third-party tech support can use our platform to reach consumers."

Using SEO techniques to trick people into seeing tech-support advertisements placed by fraudsters is just one tech-support tactic. Accordingly, Google's move won't eradicate such scams. But Graff says it will hopefully make it harder for them to proliferate.

Victims: Report Fraud

Authorities urge tech-support scam victims to always report such crimes. "The more often fraud and scams are reported, the better equipped law enforcement can be to address the issues," IC3 says.

Contact points vary by country:

Microsoft says tech support victims can also report such scams to the company. "If you have been contacted by someone claiming to be from Microsoft and felt it was a scam, you can help us stop these fraudsters by reporting all information about your interaction with them," Microsoft says on a dedicated "Report a Scam" page on its site. "The information you provide will assist Microsoft in ongoing investigations with law enforcement as we take appropriate action against businesses targeting our customers."

Tech Support Fraud: Some Justice

While not every report will lead to arrests, authorities say they help. In the U.S., for example, the FTC has pursued dozens of actions against such fraudsters, including arrests and charges that have led to guilty pleas.

In May 2017, the FTC and the state of Florida announced settlements involving Florida-based Big Dog Solutions, which also did business as Help Desk National, Help Desk Global, PC Help Desk US, Inbound Call Specialist and CJM Consulting.

In January, the FTC said that as a result of those settlements it was dispersing more than $668,000 to 3,791 victims of the tech-support scammers, averaging about $176 per victim.

In April, meanwhile, Bob Ferguson, Washington state's attorney general, won a $6.3 million judgment against iYogi, as well as its Indian parent company, which he had accused of scamming customers by pressuring and deceiving them into buying unnecessary technical support software and services. "This lawsuit shut down a major international tech support scammer," Ferguson said.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.