India - The Epicenter of Tech Support Scams......by Gurjot Singh Kaler

Every year, tens of millions of Americans collectively lose billions of dollars to scam callers. According to the Federal Bureau of Investigation (FBI), Indian scammers have fleeced gullible Americans of a whopping $10 billion in 2022. 

According to the FBI's Internet Crime Complaint Center (IC3) Report, in 2022 Tech and Customer Support fraudsters made 32,538 victims with total reported damages amassing $806,551,993 in the US alone.

The biggest cybercrime these days is undoubtedly the tech-support scam which has duped gullible people worth thousands of crores. While a lot of information is generally available in the public domain about other types of cyber-crimes like ATM card cloning, phishing, hacking etc., but very less is known about the tech support scams.

 Most of the victims are not well versed with this dark crime and thus, fall prey to the mischievous tricks of digital scammers. Even the law enforcement authorities are at a sheer loss to understand the deep intricacies of these computer-based cyber tech support scams. 

Hence, it seems to be the right time to talk about it so that we do not become a victim of these high-tech scams and lose our hard-earned money to cyber criminals. 

According to the FBI’s IC3 report, tech support scammers cost victims over $800 million in 2022. Most of the victims of these frauds are elderly above the age of 60 years who are not tech-savvy and are usually gullible because of their old age, lack of awareness, and loneliness. 

According to an official estimate, cases related to ‘tech support’ have risen by more than 130% and have cost the gullible Americans Rs 9,200 crore in the last two years — $347 million (Rs 2,800 crore) in 2021 and $781 million (Rs 6,400 crore) during January-November 2022. 

The ‘tech support’ crimes, in which a pop-up appears on the computer of victims promising to provide technical support, increased 137% in 2021 (over the previous year) and 128% in 2022.

‘Norton’ named technical support scams as the top phishing threat to consumers in October 2021, having blocked over 12.3 million tech support scam URLs between July and September 2021.

Most of these tech-support scams are originating from India and as such, the global prestige and reputation of India is at stake. Even though these tech-support scams are not a national security concern right now, but these have put India at the risk of being labelled as the epicenter or net exporter of internet and call-centre-related swindles.

Th following article has been compiled from a wide variety of knowledgeable sources including various newspapers, website of Federal Trade Commission (FCT), Hewlett Packard (HP), Microsoft, etc., to give a comprehensive understanding of everything related to the ecosystem of tech-support cyber scams. Many points might overlap but it is important to repeat them wherever it feels necessary to augment the reader’s awareness about these deadly money-ripping scams. 

How do Tech Support Scams work – 

Telephone technical support scams are an ongoing threat to technology companies such as HP and their customers. Scammers might call you on the phone and pose as representatives from HP technical or customer support. 

In some cases, scammers mask their originating phone number (Caller ID spoofing) so the calls appear to be from a genuine HP contact number. The scammers attempt to gain the victims trust, and they might employ one or more of the following tactics:

• Try to convince you that your device requires urgent technical support, and then request payment information (such as credit card, debit card, or online gift card) to bill you for phony services.
• Request you to call them back at another time to "complete" a fraudulent technical support case and potentially further the scam.
• Request remote access to your device, or try to convince you to install software that enables remote access to the device.
• Try to trick you into installing malicious software including malware, viruses, or spyware that could capture or jeopardize the security of your personal information, such as online user names or passwords.
• Request you to provide confidential information such as user IDs, passwords, customer support case numbers, or account history.
• Become aggressive and demand that you follow their instructions.
• Tech support scammers want you to believe you have a serious problem with your computer, like a virus. They want you to pay for tech support services you don't need, to fix a problem that doesn’t exist. They often ask you to pay by wiring money, putting money on a gift card, prepaid card, or cash reload card, or using cryptocurrency or a money transfer app because they know those types of payments can be hard to reverse.

Remote access scams occur when scammers pose as tech support agents or use other phishing attacks to dupe you into giving them remote access to your computer. Often, they’ll start by impersonating a legitimate support agent from a tech company or retailer — such as Microsoft, HP, Dell, Apple, Amazon, or the Best Buy Geek Squad. 

Then, they’ll either reach out to you via phone call, text, or email — or create fake websites and pop-ups that fool you into thinking your computer is infected with malware and only they can help you.

 Technical support scams can also attract victims by purchasing keyword advertising on major search engines for phrases such as "Microsoft support". Victims who click on these adverts are taken to web pages containing the scammer's phone numbers.

Scammers may call you directly on the phone and pretend to be representatives of a tech company. They might even spoof the caller ID so that it displays a legitimate support phone number from a trusted company. They'll probably ask you to install applications that give them remote access to your device. Using remote access, these experienced scammers can misrepresent normal system messages as signs of problems.

Scammers might also initiate contact by displaying fake error messages on websites you visit, displaying support numbers and enticing you to call. 

They may also put your browser in full screen mode and display pop-up messages that won't go away, apparently locking your browser. These fake error messages aim to scare you into calling their "technical support hotline".

When you engage with the scammers, they can offer fake solutions for your “problems” and ask for payment in the form of a one-time fee or subscription to a purported support service.

If a scammer gets into your computer remotely using apps like such as TeamViewer, AnyDesk, LogMeIn or GoToAssist., they could do the following things-

• Crawl your hard drive for sensitive data, passwords, and photos. Scammers will quickly collect anything they can use to withdraw money from bank accounts, steal your identity, or extort you for money.
• Install invasive malware or spyware. Scammers can establish ongoing access to your computer without you even knowing it. They do this by installing add-ons or programs onto your computer that continually steal sensitive information or mask what they’re doing behind the scenes. As a result, what you see on the screen isn’t what’s actually happening.
•  Commit identity theft. With all the personal information that they find on your computer, scammers will have everything they need to steal your identity.
• Hold your information hostage. Hackers can download what’s called “ransomware” onto your computer. It locks all of your files unless you pay a ransom. 
• Sell your information on the Dark Web. People who commit fraud and theft on the Internet often make use of the Dark Web. This hidden illegal marketplace is a hotspot for scammers and hackers who buy and sell ready-made packages of people’s personal information to fellow Internet criminals.

Always remember that we never allow any stranger to enter our homes. Similarly, we should never allow any stranger to sneak into our computers sing remote access applications.

Popular scam types

There are several forms of tech support scams, all of which aim to trick you into believing that your computer needs to be fixed and you need to pay for technical support services.

PHONE SCAMS -The Classic cold-call scam.

The scammers call you and claim to be from the tech support team of Microsoft or another company. They offer to help solve your computer "problems". Scammers often use publicly available phone directories, so they might know your name and other personal information when they call you. 

They might even guess what operating system you're using.

Once they've gained your trust, they might ask for your username and password or direct you to a legitimate website to install software that will let them access your computer to "fix it". 

If you install the software and provide credentials, your computer and your personal information are vulnerable. Although law enforcement can trace phone numbers, cybercriminals often use disposable mobile phones, spoofed caller ID, or stolen mobile phone numbers. Treat all unsolicited phone calls with skepticism. Don't provide any personal information. If you receive an unsolicited call from someone claiming to be from Microsoft Support, hang up. They do not make these kinds of calls.

Web Scams

Tech support scam websites make you believe that you have a problem with your PC. You may be redirected to these websites automatically by malicious ads found in dubious sites, such as download locations for pirated software, videos, or music.

These websites may use a fake blue-screen or other system error, or a fake Windows activation dialog box to convince you that there's a problem with your PC that needs fixing.

They can also use the following techniques to make their claim more believable:

-Put the image or your browser on full screen, making the error appear as though it’s coming from Windows instead of the webpage

-Disable Task Manager

-Continuously display pop-up windows

-Play audio messages

All these techniques are meant to persuade you to call the specified tech support number. In contrast, the real error messages in Windows never ask you to call a tech support number.

Other forms of support scams

Some tech support scams may also come in the form of malware. When run, this malware may display fake error notifications about your computer or software, similar to tech support scam websites. However, because they are installed on your computer, criminals will likely use them to perform other malicious actions, such as to steal data or install other malware. 

Scammers may also use other ways to reach you, such as email, text messages, or chat. These messages may resemble phishing emails; however, instead of pointing to phishing sites designed to steal credentials, the links lead to tech support scam websites.

Scammers may also try to convince you to give them remote access by telling you they have money to give you that they can only deliver by connecting to your computer, as seen in the recent FTC refund scam that’s been making the rounds. 

Another very recent refund scam includes asking you to display your online bank account, and putting a fake deposit on your account statement. The scammers then lead you to believe that they made a typo on the fake refund issued and ask for a gift card as a refund to them. 

Once the scammer convinces you to give them remote access, they’ll ask you to install a program such as LogMeIn, TeamViewer or GoToAssist, which allows someone from another computer to operate your computer as if they were sitting right in front of it. 

Normally, these programs are used for legitimate tech support and worker collaboration purposes, but they can also be used by fraudsters for criminal purposes. While the scammer is connected to your computer, they will basically try to pull a high-tech confidence trick on you. 

As part of this trick, the scammer will make it seem like your computer has a problem and that they’re fixing it, but really, they’re just running harmless programs that look strange to most people. 

Some examples include using the Command Prompt tool to generate ominous messages, or opening Temp files in Notepad and claiming that the random characters that show up are a sign of corruption.

 They will then offer to fix the problem for a fee of a few hundred dollars, pretend to repair your computer and take your money, possibly using any credit card or bank details you give them to make additional fraudulent charges in the future. While a scammer has remote access to your computer, it’s highly likely that they will install malware on your device, as well. 

This can be even worse than just conning you out of money, as undetected malware can allow hackers to steal your identity, including your passwords and financial information, over and over again, even if you get new passwords and account numbers.

Pop-up warnings

Tech support scammers may try to trick you with a pop-up window that appears on your computer screen. It might look like an error message from your operating system or antivirus software, and it might use logos from trusted companies or websites. The message in the window warns you about a security issue on your computer and tells you to call a phone number to get help.

If you get this kind of pop-up window on your computer, don’t call the number. Real security warnings and messages will never ask you to call a phone number.

Online ads and listings in search results pages

Tech support scammers try to get their websites to show up in online search results for tech support. Or they might run their own ads online. The scammers are hoping you’ll call the phone number to get help.

If you’re looking for tech support, go to a company you know and trust.

Even if your caller ID says the call is coming from a source you recognize, it’s easy for scammers to spoof their calls to falsify their location. 

Second, legitimate computer companies don’t put their phone numbers on security warnings and advise people to call them, preferring instead to use diagnostic and repair programs as a first line of defense. If you see a pop-up or virus warning on your computer advising you to call a number, it’s a scam. Some of these pop-ups have code that make them hard to close, so if a pop-up is staying stubbornly open, you can force your Internet browser to close by hitting Ctrl + Alt + Delete and opening the Task Manager if you’re using Windows, or Command + Option + Escape if you’re on a Mac. Finally, and most importantly, never give remote access to anyone you don’t know, as doing so lets them bypass a great deal of your cybersecurity.

Four Signs That It’s a Scam

1. Scammers PRETEND to be from an organization you know.

Scammers often pretend to be contacting you on behalf of the government. They might use a real name, like the Social Security Administration, the IRS, or Medicare, or make up a name that sounds official. Some pretend to be from a business you know, like a utility company, a tech company, or even a charity asking for donations.

They use technology to change the phone number that appears on your caller ID. So, the name and number you see might not be real.

2. Scammers say there’s a PROBLEM or a PRIZE.

They might say you’re in trouble with the government. Or you owe money. Or someone in your family had an emergency. Or that there’s a virus on your computer.

Some scammers say there’s a problem with one of your accounts and that you need to verify some information.

Others will lie and say you won money in a lottery or sweepstakes but have to pay a fee to get it.

3. Scammers PRESSURE you to act immediately.

Scammers want you to act before you have time to think. If you’re on the phone, they might tell you not to hang up so you can’t check out their story.

They might threaten to arrest you, sue you, take away your driver’s or business license, or deport you. They might say your computer is about to be corrupted. Resist the pressure to act immediately. Honest businesses will give you time to make a decision. Anyone who pressures you to pay or give them your personal information is a scammer

4. Scammers tell you to PAY in a specific way.

They often insist that you pay by using cryptocurrency, by wiring money through a company like MoneyGram or Western Union, or by putting money on a gift card and then giving them the number on the back.

Some will send you a cheque (that will later turn out to be fake), then tell you to deposit it and send them money.

Know how scammers tell you to pay. Never pay someone who insists you pay with cryptocurrency, a wire transfer service like Western Union or MoneyGram, or a gift card. And never deposit a cheque and send money back to someone.

Avoid Tech Support Refund Scams

"Refund" scams make people believe they've been overcompensated with some bogus refund and trick them into sending cash in the mail to the scammers. Scammers call up unsuspecting victims and pretend to be officials from the tax departments and threaten them with imprisonment for tax fraud and evasion. If someone calls to offer you a refund for tech support services you paid for, it’s likely a fake refund scam. How does the scam work? The caller will ask if you were happy with the services you got. If you say, “No,” they’ll offer you a refund. In another variation, the caller says the company is giving out refunds because it’s going out of business. No matter their story, they’re not giving refunds. They’re trying to steal more of your money. Don’t give them your bank account, credit card, or other payment information.

How to protect against tech support scams:

• Protect your computer by using a firewall. Windows has a firewall already built in and automatically turned on.
• Keep all software up to date. Make sure to turn on automatic updates in Windows Update to keep Windows, Microsoft Office, and other Microsoft applications up to date. Turn on automatic updates for non-Microsoft software as well, especially browsers, Adobe Acrobat Reader, and other apps you regularly use.
• Make sure your passwords are well-chosen and protected.
• Use an authenticated antivirus software and keep it current by downloading latest updates.
• Don’t open suspicious attachments or click unusual links in messages. They can appear in email, tweets, posts, online ads, messages, or attachments, and sometimes disguise themselves as known and trusted sources.
• Browse the web safely. Avoid visiting sites that offer potentially illicit content. Many of these sites install malware on the fly or offer downloads that contain malware. Use a modern browser like Microsoft Edge, which can help block malicious websites and prevent malicious code from running on your computer. Microsoft Edge blocks known support scam sites using Microsoft Defender SmartScreen. Also, Microsoft Edge can stop pop-up dialog loops used by these attackers.
• Stay away from pirated material. Avoid streaming or downloading movies, music, books, or applications that do not come from trusted sources. They may contain malware.
• Don't use USBs or other external devices unless you own them. To avoid infection by malware and viruses, ensure that all external devices either belong to you or come from a reliable source.

It is also important to keep the following in mind:

• Microsoft or HP does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to provide technical support to fix your computer. If you didn't ask Microsoft or HP etc., they won't call you to offer support. If a pop-up or error message appears with a phone number, don’t call the number. Error and warning messages from Microsoft or HP never include a phone number.
• Microsoft or HP will never ask that you pay for support in the form of cryptocurrency like Bitcoin, or gift cards.

Download software only from official Microsoft partner websites or the Microsoft Store. Be wary of downloading software from third-party sites, as some of them might have been modified without the author’s knowledge to bundle malware and other threats.

• Be wary of any unsolicited phone calls or messages warning you they’ve spotted a critical problem with your computer or account that they need to fix. It’s a red flag.
• DO Delete the suspicious messages. If it’s a call, ask for their full name and hang up. If you’re going to call back, use the phone number on their official website, on the back of your membership card, or on a recent statement.
• DON’T Click any links or call any numbers in the message. DON’T Give the caller remote access to your computer or any personal information like passwords or account numbers.
• Be wary of any urgent pop-ups warning you that your computer has a serious problem, telling you not to turn it off, and giving a phone number to call. Real Microsoft error messages do not include phone numbers to call for support.
• DO Restart your device immediately. DON’T Call the number or click any links.
• Never pay for a service using gift cards — anyone who requests payment this way is a scammer.
• HP or Microsoft never contacts customers to provide unsolicited technical support. If you receive an unexpected call claiming to be from HP, you should hang up. Block unwanted calls and text messages. Take steps to block unwanted calls and to filter unwanted text messages.

• Do not rely on caller ID alone to authenticate the caller, as criminals can change the caller ID display to make it appear as though the call is coming from a legitimate HP or Microsoft number. Do not provide any confidential information such as user IDs, passwords, social security numbers, credit/debit card numbers, PINs, or account information. Don’t give your personal or financial information in response to a request that you didn’t expect. Honest organizations won’t call, email, or text to ask for your personal information, like your Social Security, bank account, or credit card numbers.

• Do not transfer funds or agree to make payment in the form of online gift cards.
• Do not give callers remote access to your computer or device.
• Do not install any software suggested by the caller. If you need help fixing a problem, go to someone you know and trust. Many software companies offer support online or by phone. Stores that sell computer equipment also offer technical support in person.

Two Things To Know To Avoid a Tech Support Scam

1. Legitimate tech companies won’t contact you by phone, email, or text message to tell you there’s a problem with your computer.

2. Security pop-up warnings from real tech companies will never ask you to call a phone number or click on a link.

Tech support companies that make outbound unsolicited calls tend to do so because they bought your personal information from a data broker who classified you as a vulnerable target. How would they know you have a problem with your computer? How would they even know you own a computer? Generally speaking, if someone calls you out of the blue claiming your computer has a problem, hang up.

What to do if a tech support scammer already has your info

• Uninstall any applications that scammers have asked you to install. 
• If you have given scammers access to your device, consider resetting it.
• Run a full scan with Windows Security to remove any malware. Run a security scan or contact your security software provider to determine whether malware has been installed on your device.
• Apply all security updates as soon as they are available. To see available updates, select the Start button, then select Settings > Update & Security > Windows Update. 
• Change your passwords immediately. Change the password for your device and all accounts containing personal information, such as email and financial accounts.
• Call your credit card provider to contest the charges if you've already paid. Let them know what happened; they'll probably want to cancel and replace your affected cards to prevent the scammers from using them again.
• Help Microsoft stop scammers, whether they claim to be from Microsoft or not, by reporting tech support scams at: www.microsoft.com/reportascam
• You can also report unsafe websites in Microsoft Edge by selecting Settings and More > Help and Feedback > Report unsafe site when you encounter something suspicious.

Also, notify your local law enforcement agency and get the matter investigated. Write down all details related to the scam call and report the information in America to the FTC at ReportFraud.ftc.gov. Also, report the matter to the FBI’s Internet Crime Complaint Center (IC3). When you report a scam, the FTC uses the information to build cases against scammers, analyses the trends in scamming and pursues the cases in a lawful manner to prosecute the scammers. It also helps to generate the much-needed awareness about such scams and prevents people from falling victim to the tricks of scamsters.

If you are living in Canada, report the scam to Canadian Anti-Fraud Centre. Similarly, in India, the matter can be reported to the Central Bureau of Investigation for taking up with the Interpol. The United States Federal Trade Commission (FTC), along with federal, state, and international law enforcement partners, has initiated “Operation Tech Trap”, an international crackdown on tech support scams. Recently, the CBI launched ‘Operation Chakra’ to hunt down these scammers across India. One of the biggest limitations being faced by the Indian law enforcement agencies with respect to raiding the premises of Tech-Support scams and investigating or prosecuting the scammers is that there are no formal complaints against these scammers as the victims are generally located in America, UK, Canada or Australia. Also, the courts are not tech-savvy enough to understand the latest scam tactics, making it very easy for scammers to get away with certain technical intricacies. Therefore, the loopholes in the law needs to be plugged out to nail down the tech support scammers. Recently, many cyber vigilante groups and tech-savvy individuals like Mark Rober, Jim Browning and Trilogy Media have joined forces to expose these tech-support scammers on their YouTube Channels which is also proving helpful for the general public to understand their tricks and devious mind-games to con the gullible victims. These public-spirited individuals who lure the scammers hiding behind the veil of anonymity afforded by the internet and expose them before the public on social media to increase the costs and risks of scamsters are referred to as scam baiters and their work is also proving beneficial to the law enforcement agencies worldwide.

It is also the responsibility of reputed companies like Microsoft and HP etc., to give full attention to the security of their customers’ devices and personal information as a top priority. They should also continue to investigate tech support scams and implement proactive and preventive measures to combat cybercriminals. These companies also need to be appreciated for regularly reporting such fraudulent cases to the local law enforcement authorities when appropriate and extending cooperation in any related investigations.

The safest approach is to wipe your hard drive and do a clean install of your operating system, but this is a drastic and time-consuming measure. If you have a Windows computer, an easier but still effective option is to use the System Restore feature to roll back your computer to a point before the scam, which can undo malware that the scammer installed. If that isn’t an option for you, at the very least you can install and run a legitimate malware cleaning program on your computer, such as Malwarebytes, and hope it can get rid of the malware. While whichever solution you chose is working, you may also want to disconnect your computer from the Internet in case the scammer left a remote access trojan to let them reconnect to your system. After your computer is clean, you should reset all of your passwords, and possibly install some kind of ad blocking software to keep from getting any more scam pop-ups.

What To Do if You Were Scammed

• If you paid a tech support scammer with a credit or debit card, you may be able to stop the transaction. Contact your credit card company or bank right away. Tell them what happened and ask if they can reverse the charges. Tell them it was a fraudulent charge. Ask them to reverse the transaction and give you your money back.
• If you paid a tech support scammer with a gift card, contact the company that issued the card right away. Tell them you paid a scammer with the gift card and ask if they can refund your money. Cryptocurrency payments typically are not reversible. Once you pay with cryptocurrency, you can only get your money back if the person you paid sends it back. But contact the company you used to send the money and tell them it was a fraudulent transaction. Ask them to reverse the transaction, if possible.
• If you gave a scammer remote access to your computer, update your computer’s security software. Then run a scan and delete anything it identifies as a problem.
• If you gave your username and password to a tech support scammer, change your password right away. If you use the same password for other accounts or sites, change it there, too. Create a new password that is strong. If you have given the scammer your Social Security Number, immediately go to IdentityTheft.gov to see what steps to take, including how to monitor your credit.

Above all, whenever in doubt, stay out.

If you think something is wrong, immediately stop and talk to someone you trust. Before you do anything else, tell someone — a friend, a family member, a neighbor — what happened. Talking about it could help you realize it’s a scam. Prevention is always better than cure.