8 / 11 - 12

南港展覽二館

Resilience Matters

韌性決勝

資安新知 Cyber Insight

Tech Support Scams and What They Mean

    分享這篇文章:

Teamviewer Channel Account Manager

Since 2008, Tech Support scams have been raking in millions of dollars annually, with victims often paying several hundred dollars in the false belief that the person on the other end is helping them to prevent a far greater danger from infecting their computer. Driven by advances in technology and software that allow for a third party to control the victim’s computer remotely, tech support scams are incredibly profitable. However, before the scammer gains access to the computer remotely, the scam begins with the use of older, more humble technology: an email or a phone call.
 

How Scammers Operate
One of the best methods of protection against a tech support scam is knowing how they operate. Majority of these scams begin with a phone call or an email from a supposed tech support agent requesting they receive a call back to solve a fake problem. In one popular tactic, the scammer pretends to be a Windows support agent. Another method exploits web page features, creating a page that opens full-screen and cannot be closed easily. The web page states that the computer is infected with several pieces of malware and the user needs to contact the number provided.
Regardless of the scammers’ chosen method—be it a phone call, email or a web page that fails to close—the main aim is to get in contact with potential victims. Then the next phase of the scam begins: trying to gain the potential victim’s trust by being a supposedly legitimate agent for a company. Several tactics are used to accomplish this, from simply providing a fake agent number to the victim to using Windows tools to convince them that there is indeed a problem with their computer.
The use of Windows Event Viewer has become a popular tactic used to convince the victim that their computer is infected. Event Viewer operates as a system monitor, tracking the performance and activity of the computer. This includes showing errors, which often are used to provide the evidence of a system under attack. In reality, generating errors is normal for computers. In other cases, scammers have gone so far to direct the user to a link or email attachment that will download a piece of malware in an attempt to prove their legitimacy.
Remote Access
The above tactics are an insidious use of social engineering and exploiting people’s lack of technical know-how. If the scammer is successful, the scammer them tries to gain remote access to the target computer. Legitimate remote access software often is abused by scammers, who convince the victim to download the program and allow the scammer, who they believe to be a tech support agent, remote access to the computer.
Once this occurs, the scammer can install malware such as ransomware, adware packages to generate ad revenue, keyloggers or banking trojans to steal online banking credentials. To add insult to injury, the scammer then demands payment for their service once they have “protected” the victim from further attacks, demanding anywhere between $100 USD and $600 USD.
Payment can also be done in several ways. In the past, scammers would ask for the victim’s credit card information, which put the credit card at risk for future fraudulent purchases. But a crackdown by credit card companies and the inclusion of newer payment verification methods have forced scammers to move away from demanding payment directly. In one case, the scammer demanded that the victim purchase Google Play Store cards preloaded with the requested amount.

How to Spot a Tech Support Scam
One of the first telltale signs of a tech support scam is an unsolicited phone call or email. Legitimate tech support agents do not contact customers in this way. Recipients should simply hang up or not reTech Support Scams: What and How
Tech Support scams rake in millions of dollars annually, with victims often paying hundreds  of dollars, believing that the person on the other end is helping them to prevent a far greater danger from infecting their computer. Driven by advances in technology and software that allow for a third party to control the victim’s computer remotely, tech support scams are incredibly profitable. 
How do scammers operate
One of the best methods of protection against a tech support scam is knowing how they operate. Majority of these scams begin with a phone call or an email from a supposed tech support agent requesting they receive a call back to solve a fake problem. In one popular tactic, the scammer pretends to be a Windows support agent. Another method exploits web page features, creating a page that opens full-screen and cannot be closed easily. The web page states that the computer is infected with several pieces of malware and the user needs to contact the number provided.
Regardless of the scammers’ chosen method—be it a phone call, email or a web page that fails to close—the main aim is to get in contact with potential victims. Then the next phase of the scam begins: trying to gain the potential victim’s trust by being a supposedly legitimate agent for a company. Several tactics are used to accomplish this, from simply providing a fake agent number to the victim to using Windows tools to convince them that there is indeed a problem with their computer.
The use of Windows Event Viewer has become a popular tactic used to convince the victim that their computer is infected. Event Viewer operates as a system monitor, tracking the performance and activity of the computer. This includes showing errors, which often are used to provide the evidence of a system under attack. In reality, generating errors is normal for computers. In other cases, scammers have gone so far to direct the user to a link or email attachment that will download a piece of malware in an attempt to prove their legitimacy.

Remote Access
The above tactics are an insidious use of social engineering and exploiting people’s lack of technical know-how. If the scammer is successful, the scammer them tries to gain remote access to the target computer. Legitimate remote access software often is abused by scammers, who convince the victim to download the program and allow the scammer, who they believe to be a tech support agent, remote access to the computer.
Once this occurs, the scammer can install malware such as ransomware, adware packages to generate ad revenue, keyloggers or banking trojans to steal online banking credentials. To add insult to injury, the scammer then demands payment for their service once they have “protected” the victim from further attacks, demanding anywhere between $100 USD and $600 USD.
Payment can also be done in several ways. In the past, scammers would ask for the victim’s credit card information, which put the credit card at risk for future fraudulent purchases. But a crackdown by credit card companies and the inclusion of newer payment verification methods have forced scammers to move away from demanding payment directly. In one case, the scammer demanded that the victim purchase Google Play Store cards preloaded with the requested amount.

Spotting a Tech Support Scam
One of the first telltale signs of a tech support scam is an unsolicited phone call or email. Legitimate tech support agents do not contact customers in this way. Recipients should simply hang up or not respond. Those needing support can search the web for the correct number—legitimate companies will have their numbers registered and customers can check the company contact details via official correspondence.
In addition, users should know what software is being installed on their computer. When in doubt, leave it out. However, this may more difficult to adhere to, as tech support scammers use legitimate software to gain remote access.spond. Those needing support can search the web for the correct number—legitimate companies will have their numbers registered and customers can check the company contact details via official correspondence.
In addition, users should know what software is being installed on their computer. When in doubt, leave it out. However, this may more difficult to adhere to, as tech support scammers use legitimate software to gain remote access.

更多精彩的 Cyber Insight