A technical support scam refers to any class of telephone fraud activities in which a scammer claims to offer a legitimate technical support service.
The scammers may pretend to be from a well-known tech company, such as Microsoft. The scammer will typically attempt to get the victim to allow remote access to their computer so he/she may ask you to open some files or runs a scan on your computer and then he/she tells you those files or the scan results show a problem. The use of Windows Event Viewer has become a popular tactic used to convince the victim that their computer is infected. This includes showing errors, which often are used to provide the evidence of a system under attack. Anyway this is an effective attack vector, because it can give an attacker physical access to network computers. It only takes a matter of seconds for someone to compromise a computer with physical access.
One of the best technological tools at the disposal of a social engineer is a USB thumb drive. These are small, easy to conceal, and can be loaded with different payloads depending on what task needs to be done.
The scammer will often then steal the victim’s credit card account information or persuade the victim to log into their online banking account to receive a promised refund, only to steal more money, claiming that a secure server is connected and that the scammer cannot see the details.
Legitimate remote access software often is abused by scammers, who convince the victim to download the program and allow the scammer, who they believe to be a tech support agent, remote access to the computer. Once this occurs, the scammer can install malware such as ransomware, adware packages to generate ad revenue, keyloggers or banking Trojans to steal online banking credentials. (Source: securityboulevard.com)
In a detailed report on cyberattacks in 2019, FBI put Technical Support Scam at list of most successful attacks. The report states that 13633 people or organizations in the United States were victims of this family of cyber-attacks in 2019. In other words, this family has caused about $54,041,053 in loss to organizations. You can read this report.
How to Protect Your Business?
- If a caller says your computer has a problem, hang up. One of the best ways to protect against phone attack is to know who you are speaking with.
- If you get a pop-up message to call tech support, ignore it.
- Disable USB autorun. Autorun.inf is a file that is put on USB devices and CD’s that automatically run a file when inserted. Also hold shift to keep a possibly infected drive or CD from running the malicious code.
- If you’re worried about a virus or other threat, call your security software company directly, or consult a trusted security professional.
- Never give someone your password.
- Never don’t give remote access to your computer to someone who contacts you unexpectedly.
- You must know who your tech support person is. Unless someone new has been hired, you should have the same technician working on your computer.