FRAUD RESOURCE CENTER
En español | Computer viruses and malware are scary. Tech support scammers aim to exploit that fear, claiming your computer or mobile device is dangerously ill and needs an immediate, costly cure. Don’t buy it: These faux technicians are out to steal your money or your identity, not save your machine.
Tech support cons typically start in one of two ways: an unsolicited phone call or a pop-up warning on your computer or device.
Tech Support Phone Scams
As the Federal Trade Commission (FTC) notes, some scam callers pretend to be connected with Microsoft, Apple or a familiar security software company such as Norton or McAfee and claim to have detected an imminent threat to the mark’s computer. They will ask for remote access to your computer in order to run phony diagnostic tests, then pretend to have found malware or a virus that’s set to freeze the machine or eat your data.
Once they have you running scared, the crooks will pressure you to pay hundreds of dollars for repairs, new software, and other products and services you don't need. They'll ask for a credit card number so they can charge the transaction, or request payment by gift card or money transfer (methods favored by many scammers because they are difficult to trace).
Worse yet, they might utilize their access to your computer to transmit actual malware that harvests personal and financial information from the device, which they can use for identity theft.
Fake Virus Alerts
Scam pop-ups can invade your computer when you land on a dodgy website — by mistyping a URL, for example, or following a link from a spam email. They might be served to you via “adware” or “scareware,” malicious code you can unwittingly acquire if you download free software. (If you’re a PC user, you might see a scam version of the “blue screen of death” you get when Windows crashes, except the message will be about a virus or other threat.)
They‘re also a mobile scourge, with scammers attacking Apple and Android devices with phony alerts.
The fake warning might be from a rogue cybersecurity company with an unfamiliar but plausible-sounding name like Spy Wiper or System Defender, but, as with tech support calls, scam pop-ups often mimic well-known tech brands.
To ramp up the fear factor, the alert might be accompanied by blaring audio, or a long list of supposedly threatening files on your computer, and it won’t go away when you try to close your web browser. You’re urged to call a toll-free phone number to speak to a technician or click a link to buy or download (bogus) antivirus software.
If you call the number, the scheme proceeds as outlined above: "diagnostic test," scary threat, sales pitch. If the pop-up came with a download link, clicking it will likely infect your machine with malware for real.
Too often, these ploys work. Microsoft has estimated that tech support scams bilk 3.3 million people a year, at an annual cost of $1.5 billion — an average loss of more than $450 per victim. And those numbers are probably on the low side, since many victims never realize they’ve been conned. To avoid becoming one of them, follow some basic precautions.
- You get an unsolicited phone call or email from someone claiming to work for a brand-name tech company such as Microsoft or Apple. Those companies say they do not contact customers unless the customer initiates communication.
- A pop-up or blue screen appears on your computer, phone or tablet with a warning that a virus or other malicious program has infected your device.
- The messsage urges you to immediately call a toll-free number or click a link to get technical help or security software.
- The message contains bad grammar or misspelled words
- You are asked to pay for tech support or other services with a gift card, cash-reload card or wire transfer. The FTC says no legitimate company will ask for payment that way.
- Do hang up if you get an unsolicited call from someone who claims to be a tech support provider for your computer or software.
- Do get rid of a fake virus alert message by shutting down your browser. You can do this on a Windows PC by pressing Control-Alt-Delete and bringing up the Task Manager. On a Mac, press the Option, Command and Esc (Escape) keys, or use the Force Quit command from the Apple menu.
- Do use antivirus software to regularly scan your computer for malware, and run a scan immediately after getting a scam pop-up.
- Do keep your security software, browser and operating system up to date, and consider using your browser’s pop-up blocker.
- Do contact a computer technician you trust if you think there might be a genuine problem with your machine.
- Do contact your credit card company and request a reversal of the payment if you've been victimized. You’ll also want to look for other unauthorized charges and ask for those to be reversed as well.
- Don’t give remote access to your computer or payment information to someone who calls you out of the blue.
- Don’t rely on caller ID to determine if a caller is on the level. Scammers use "spoofing" techniques to make it look like they’re calling from a legitimate number.
- Don’t call the number in a pop-up virus alert. Real warnings from your operating system or antivirus program will not ask you to call anyone for support.
- Don’t click any links in the pop-up, even to close the window. This could redirect you to a scam site or launch a “dialogue loop,” continually serving pop-up messages.
- Don’t buy security software from a company you don’t know. If the name is unfamiliar, do an internet search to see if it has been linked to adware or scams.
- Don’t open previously closed sites if prompted to do so when you restart the browser after getting a scam pop-up.
- Don’t give financial information to someone who calls a few days, weeks or months after you've made a tech support purchase and asks if you were satisfied — it's probably a “refund scam.” If you say “No,” the caller will ask for bank or credit card information, ostensibly to deposit a refund in your account but actually to steal from you.
Updated March 11, 2020
More From the Fraud Resource Center