Archive 2008 - 2019

Technical Support Scams

by Matthew Payton

    Technical Support Scams are nothing new, unfortunately Bit Bull Computer Services has encountered two such instances recently where citizens of Holliston were being victimized by these fraudulent calls, and alerts on their personal computers.  So we wanted to take a moment to help educate the layman on how to identify, prevent, and recover from these types of assaults.

Here’s how it happens: Scammers contact the user either through a call, or alerts on the machine in question, and claim to be associated with a well-known tech support company relevant to a device owned by the targeted user such as Amazon or Microsoft. Users are then informed that their device is infected, and they must take action immediately.

Once the scammer has convinced you remote assistance is needed, a fee is of course required before the issue in question can be resolved, and here is where circumstances quickly go sour. Any financial information provided is recorded, and sold to a third party, and the device in question is commonly infected with a rootkit so it can be accessed in the future without your permission.

  To protect yourself ensure you do not purchase any software or services, or grant remote access unless you can confirm the authenticity of the session. Moreover ensure you’re recording the information of the company and representative with whom you are speaking, so it can be reported to the authorities in the event circumstances dictate it appropriate. Supporting local businesses is also a phenomenal way of ensuring you’re communicating with a trust worthy source, who is both qualified and dedicated to resolving your problem, and can prevent many of these hassles from ever occurring.

Comments (2)

Mr. Samtora, while operating on a general consensus where sensitive data provided to callers is limited is generally a good policy, in today's day and age that quite simply isn't good enough. Many companies such as Apple, Amazon, Microsoft, and Heward Packett offer extensive remote assistance services, which allow individuals and small to medium sized businesses to operate on a "hands off basis", enabling easier access and smoother functionality for the user. Unfortunately vulnerabilities both on the web, and client side on the users systems, commonly enable hackers to exploit a tactic known as a session hijack to locate and use data normally reserved to authenticate a session either over the phone, or through machine in question, thus victimizing the user. Therefore it is always a good idea to ensure any circumstances of this nature are thoroughly documented regardless of their origins, and that system security is maintained only through verifiable sources.

Matthew Payton | 2015-12-30 10:56:41

Or better yet - never give your financial account information over to anyone who randomly calls you on the phone or emails you. Duh.

John Samtora | 2015-12-30 05:41:06