The Meridian Blog: Tech News, Tips & More for SMB and Enterprise Environments

Helpdesk Tech Support Scams Target Businesses in the DC Metro Area

Robert Bruce

Posted by Robert Bruce
Tue, Jan 20, 2015

Many IT security attacks happen covertly and entail sophisticated software. Advanced persistent threats, buffer attacks, or unpatched software attacks, just to name a few examples, usually occur behind the scenes and are best defended against with a good security program. Trust your IT department, if you have one, or your managed services provider (MSP), if you don’t, to ward off attacks such as these.

But not even the best IT security system in the world can't protect you from hackers if you personally open the door and let them come into your system. I’m talking about a recent wave of helpdesk tech support scams involving SMS text messages, emails, and even phone calls to unsuspecting consumers and business owners offering free security scans. The good news is that these attacks are easy to defend against; they just take a little awareness on your part. A great place to start is by simply clicking "Read More" for an overview of how these scams work, how to spot them, and how you can protect yourself and your business from them.

Laptop Work-6

How Technical Support Scams Work

These attacks are simple. They involve the age-old technique of one person lying to another. They are really no more sophisticated than a salesman knocking on your door and trying to sell you a bottle of fake medicine. The only difference between the 21st century tech scam artist and the 19th century snake oil salesman is that now con artists use the Internet or the phone system to hawk their phony goods.

You’ve seen the ads — the annoying ones that pop up on your computer screen warning you that your system may be infected — that offer a free security screen online. At best, they charge you money for bogus security software, or anti-virus software that is freely available over the Internet. At worst, they load destructive malware and/or spyware onto your system. But lately, hackers have been using an old-fashioned 20th century tool — the telephone.

The latest version of this phony security scam starts with a phone call. Often, they just get your number — or your company’s number — from another very old source, the telephone directory. Hackers are also very good at collecting loads of personal information about you, and even your company and work colleagues, from social networking sites like Facebook and LinkedIn. Once they have you on the line, they try to sound trustworthy and competent by naming your operating system, bombarding you with a lot of technical jargon, and claiming that some of your files contain viruses. Next, they may ask your permission to access your system so they can “fix” your problem.

Simple Scams, Simple Solution

While many people with even a basic knowledge of computers would laugh at these amateurs and promptly hang up, believe it or not there are a few trusting souls who fall for this scam. It is not their fault. Some of these hackers are very good con artists, and once they get their unsuspecting victims on the phone they can sound very convincing.

They may claim to be from legitimate IT security software firms like Norton, McAfee, Kaspersky, or Malwarebytes. Some claim to be from Microsoft, knowing that the vast majority of personal computers use the Windows operating system. After trying to confuse you with a barrage of technical terms, they may ask to go to your system to perform a series of "tests." Or, they may just cut to the chase and try to sell you a worthless security system. At this point, you should simply hang up the phone because none of these companies, or any other legitimate software firm, would contact a customer in such a manner.

In any case, never give control of your computer to unknown parties who place unsolicited phone calls to you or your business. Also, do not rely on caller ID to authenticate callers. Hackers have software that can display legitimate sounding addresses and phone numbers, even when they are in another country — this is called "spoofing."

Never give financial information or passwords to someone who calls you and claims to be from a tech support firm. If you have concerns that your system may have been compromised, scan it yourself with legitimate security software or consult with a trusted DC managed technology services partner for peace of mind.

Two other great sources of info about these technical support scams are the Federal Trade Commission’s (FTC) website and this article from AARP.

 

Like what you read? Click here to subscribe to our blog and get the latest posts delivered right to your inbox.

Robert Bruce

Ready to Become a Pro?

 Our White Paper can help.

whitepaper-4-key-elements-for-building-your-technology-road-map-thumbnail-3Subscribe to our blog and get your copy of "4 Key Elements to Consider When Building Your Technology Road Map"

You'll learn:

  • What role people play in determining your road map
  • How to build a plan in a multi-device world
  • What types of applications need to be considered
  • How data plays a key role in success

 

Subscribe to get your copy

Leave A Comment

About this blog

News, best practices and more to help you get the most out of your office technology. Whether you're an SMB owner who wears a lot of hats, or an enterprise IT director, facilities manager or just someone who wants to work smarter — this blog has the resources you need to maximize the business impact of all your tech investments. Be sure to subscribe to receive email updates about new posts!

Download our eBook

 
DM_Workbook_Cover_Page.jpg

Download

Sort Posts by Topic

see all