The most successful scams prey on your fears and weaknesses. And, unless you’re a total tech guru (and even if you are), you’re probably afraid of having your online account information stolen or your computer not working.
The newest online cons bank on that worry—literally.
Scammers are using sophisticated tech support phishing scams to try and trick you into giving them access to your computer (and thus all of the information on it). These cons must be working, too. Microsoft’s own data reportedly shows three million people every month get exposed to “tech support” scams.
Here’s what to watch out for and what you can do to protect yourself:
- Calls from Apple Support. Your Caller ID says that Apple Inc. is on the phone. The robocall tells you your Apple iCloud account has been hacked, and you should stay on the line to speak with a representative. A “technician” comes on the line offering to help if you give them remote access to your computer.
- Phishing emails and ads that link to fake tech support sites. You get a legitimate-looking Windows 10 support email. That message redirects you to a fake page that looks like the Blue
Screen of Death or infects your computer with adware so you keep seeing security alert pop-ups (ones that might even lock up your browser). The alerts tell you to call for “tech support” and during that conversation you are asked to either pay for help and/or give the person on the phone remote access to your machine.
In both cases, the people you call are not actually from Apple or Microsoft, despite what your Caller ID or email says. Instead, you connect with scammers, who used a lot of social engineering and trickery to fool you into thinking there’s a problem where there isn’t one.
If you do give a scammer access, according to the Better Business Bureau, they not only can steal information while they’re on your machine, they can install malware that records passwords or looks for bank account numbers and other key personal information even after they disconnect.
What you can do
- Don’t ever give a stranger remote access to your machine. If you need tech support, call for help using a number you look up yourself—that way you can be confident you’re not calling scammers by mistake.
- Take your Caller ID with a grain of salt. The name that appears on your phone’s screen can be faked. If the IRS, Microsoft, Apple, or some other compelling company or agency seems to be calling you, stop and think. Odds are good that none of them would call you directly.
- Learn five ways to spot a phishing scam. Look at the sender’s email address, look for spelling and grammar mistakes, don’t fall for threats, and question any request for information.
- Report it. You can report any phishing attempts with both the FCC and the Better Business Bureau. Sharing your experience could help track scam trends and help others avoid falling for the same con.
If you think you did fall for a scam, better to be safe than sorry and take these six steps to minimize any potential damage—but maybe not using your potentially-compromised computer. Use a device that wasn’t accessed by the fake tech support person and make sure your computer is clear of any possible malware or viruses before using it again.