Security & Privacy

Social Engineering: Beware of ‘Tech Support’ Scams

Posted on May 4th, 2018 by

Social Engineering Tech Support Scams

It begins with a simple phone call. A scratchy voice, often sounding distant and foreign, introduces the caller as "John," or "Steven," but the accent suggests otherwise. The caller claims to be calling from Microsoft tech support, and says that there's a problem with your computer. If you say that you have a Mac, they either hang up or say, "Yes, sorry, you have a Mac."

And so begins an attempt at social engineering (social hacking), a way of conning people into allowing an unknown person to access their computer, possibly copy files, and eventually getting them to pay for this "tech support." The scammer strings the user along, leads them to supposed "error" messages and malware files on their computer, and gets them to install software allowing the scammer to access their files.

Even though Microsoft recently stated that only 183,000 had reported this type of scam to the company in 2017, that's probably just a fraction of the number of people who get contacted; it's a very common scam. Most tech-savvy people know that this is a scam and just hang up, but as with phishing scams, it only takes a few people to be tricked to make the scam worthwhile.

Social engineering is big business

Tech support scams are a kind of social engineering, a technique that conmen use to persuade people to give them money, or more, for illegitimate reasons. When well executed, scammers can be quite convincing, but these tech support scams tend to be carried out by people in poor countries with limited English skills, making them easy to detect.

Social engineering is used to glean information from users—bank details, credit card numbers, Microsoft logins or Apple IDs. The goal is often to install malware on a user's computer, so they can access it remotely, copy its files, or even lock down a user's documents as part of a ransomware attack.

One security researcher got contacted by a tech support scammer and played along to investigate how the process worked. He did this, he said, because "Many of my family members have received these calls, so I wanted to play the game to see how the scam worked." His video shows how this process happens, and the types of tricks the scammers use.

They start by hooking the victim, and then convincing them that there is an issue. They persuade the user to install remote administration software, so they can take control of the computer. They show the user "threats," which are merely files that users never see. They explain that they can solve the problems for a (not so small) fee. And then they cash in.

Tech Support Scam Process

Tech Support Scam Process (Image credit: Microsoft)

The truth is no one will ever call you out of the blue to tell you that you need tech support on your computer. In some cases, these are just random cold calls hoping to find someone who has a computer; fewer people use desktop computers at home these days, making the targets less common. In other cases, scammers may target people who have shared information about a new computer on Facebook, Twitter, or other social media platforms.

Tech support scams on the Web

These scams don't only occur through phone calls—they also flourish on the Web. You may visit a website and see a dialog suggesting that your computer is infected with malware, and giving you a phone number to contact to get help. Often, these dialogs use the Windows XP interface, but sometimes you see Mac dialogs, like this one:

Apple Security Alert Fraud

It's probably obvious that this is bogus, but the reality is there are plenty of people who fall for these scams. And some of these dialogs look more convincing, but no dialog on a Mac or PC will ever give you a phone number to call to resolve a problem. As with the cold calls, they hope to snag a small percentage of people, because they cast their nets very wide, displaying their messages to millions. If one tenth of one percent of people fall for the scam, that's potentially a lot of money.

If you're reading this, you probably already know about these social engineering scams. What's important is that you tell others—your friends and family, especially older, less tech-savvy people—about this, so they know that when the scammer calls, they should just hang up.

Have you ever been called by a tech support scammer? Ever fallen victim to a social engineering attack? We want to hear you story! Drop us a comment below.

About Kirk McElhearn

Kirk McElhearn writes about Macs, iPods, iTunes, books, music and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, The Next Track, and PhotoActive, and a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than twenty books, including Take Control books about iTunes, LaunchBar, and Scrivener. Follow him on Twitter at @mcelhearn. View all posts by Kirk McElhearn →
  • T F

    Yes, I got this scam. I had a problem printing a large pdf file on my HP printer, so I contacted HP online help, which has been an excellent service. Somewhere during my contacting HP, I was redirected to a site called geekworld. They called me and did very much as you describe, getting onto my screen, showing me malware files, etc. It took about 2 hours and cost about $600. After their “work” on my computer I have not had a problem with anything. They also did the same thing to my home computer. Really, both of my Mac Powerbooks work much better now. BUT if they’re seeing my bank account, etc., how do I stop that? I have not noticed anything with my identity being used, etc. If they have my info now, I know it’s too late, but I do want to stop them from doing anything new. Is this documented anywhere officially? Should I contact my state attorney general’s office, or what? Thank you very very much for this information.

    • itasara

      I worry too when I call HP. I have the “real” number and so far I am still under warranty. But I did get an email or call once that sounded like spam. I tried to report it to HP but am not sure they took me seriously. I also worry when I call quicken. There are a lot of issues that come up with quicken and they have to get into my computer to fix it. I can only hope they keep what they see online private. So far in past no of years I have not had any problems with any breeches.

  • itasara

    A few years ago, I was under a bit of stress and my MS word program wasn’t working. I looked up customer support online and got a foreign place that said they would fix it. The accent was of India origin. I had a phone number for them and it did work. I needed this software fixed and this place called Techarex did fix it but charged me a lot of money. I shouldn’t have gone with them. I did bargain with them a little and I had a phone no and when I had further problems I was able to call them. The rep said they were an approved Microsoft customer repair place. I don’t know about that.So It wasn’t exactly a scam, but yes it was in a way and I would never use them again. I most likely would not have had to pay what I did had I called the real Official microsoft number. However, some of these ads on the web are very difficult to decipher and I didn’t know which was really official. This place said they were, but it is very hard to know what it real and what is not.