Too Much Robot Spam | Guide to Common Tech Support Scams and How They Work
Published 2 months ago | Last update 2 months ago
TL; DR: Don't pay the IRS with iTunes gift cards
100 views, 1 RAM, and 0 comments
- Scammers Pretend to be From Established Companies
- What to do when “Microsoft” calls you
- Gaining Control of Your Computer
- Remote Access
- Confidence Tricks
- Examples of Confidence Tricks
- The Ol’ Refund Trick
- Using Chrome’s Inspect Element Feature...for Evil
- Google Play Cards: The Universal Currency
- Procuring the Gift Cards
- Why Gift Cards?
- Stay Safe Out There
- Relevant 256KB Articles
- Related 256KB Affiliate Deals
The year is 2019, and if you’re like me you probably receive roughly 0 to 8 calls per day from robots trying to take your money. While most people visiting this site are probably competent enough with computers and technology to avoid falling for obvious scams, your relatives may not be.
So called tech-support scammers most often prey on older generations who are not fully comfortable working with computers, and exploit their fear and lack of experience to take advantage of them. To an old lady who has just been told that her computer was hacked, a random “tech support specialist” might seem like a savior.
If you’re concerned, consider broaching this subject or sharing this guide with your elderly loved ones.
Scammers Pretend to be From Established Companies
This may seem like an obvious one, but it’s important. Scammers will often pretend to be representatives of Microsoft, the IRS, or well-known banks. These are companies and organizations that everyone knows and trust as legitimate. These representatives usually leave robotic messages in your voicemail and ask you to call them back. The messages are scary and meant to induce panic, saying things like “you owe the IRS thousands of dollars,” “someone has stolen loads of dosh out of your bank account,” or “the hacker known as 4chan has hacked your computer.”
The trick here is that if anyone (especially a suspicious robot voice) says they are legit and that you should call them back, don’t do it.
What to do when “Microsoft” calls you
Let’s pretend that “Microsoft” calls you and says that your computer has been hacked. This is probably bullshit. If you’re concerned it could be true, always find the company’s real website and call the customer support line listed there. You’ll be put in touch with a real customer service rep from the company, and they can confirm whether or not there is any real danger.
The reason this is step #1 is because it is very easy. If you do this then you will never be on the line with a scammer to begin with and they won’t be able to take advantage of you.
Similarly, if a real person calls you claiming to be from a legitimate company, it is a good idea to hang up and call back on the listed customer support line for the same reasons. Other scammers may initiate with pop-ups indicating your computer is in dangerous.
It’s also worth noting that the majority of telephone-based tech support scams originate from India, so if your “support specialist” has an Indian accent it may be extra reason to be careful. Then again, a lot of legitimate customer support is outsourced to India, so that should not be taken as a sole indicator.
Rule of thumb: Don’t click on pop-ups and don’t trust people who you didn’t contact yourself.
Gaining Control of Your Computer
After initiating a phone call with you, the scammer will almost always try to gain access to your computer. Most often this entails gaining remote access to the computer, and in some cases locking you out entirely.
The scammer will usually instruct you to install a remote access program such as TeamViewer and whatever details needed to control your computer with it. Remote access allows them access to your desktop and files and the freedom to poke around wherever they wish.
Scammers also sometimes run a utility called Syskey, which allows them to create a startup password for your machine that only they know. This means that you will be locked out of your own computer the next time it is rebooted, whereas they are still able to access it indefinitely.
This allows them to either search for personal information at their leisure or ransom control of your computer back to you (or both). Once a new password has been set on your computer using Syskey, it is essentially impossible to regain access unless you already have software such as Rollback Rx Pro, which is unlikely considering the demographic that these scams usually target.
Technical support scammers rely on confidence tricks to take advantage of their victims. In this case, confidence tricks entail exploiting the victim’s lack of familiarity with computers and specific programs to gain their confidence, and then exploit them.
Again, these scammers typically prey on older generations due to their general lack of familiarity or confidence when it comes to operating computers. This, combined with a sense of urgency or peril is enough to convince many victims that the person on the phone is being honest when they offer to help.
Examples of Confidence Tricks
One example of this is that the fake support specialist may point out unfamiliar activity and notifications in applications such as Windows’ Event Viewer, and indicate that it is evidence of malware and fraudulent activity.
By convincing you that these elements are evidence of malware that needs to be fixed, the scammer ensures you are thinking more frantically (and less logically) and that you will listen to anything they tell you to do.
The Ol’ Refund Trick
One classic scammer trick, which may seem counterintuitive at first, is to claim that they owe the victim a refund for some product or service supposedly purchased at some point in time. But how does giving you a refund benefit the scammer, you may ask? Read on, intrepid adventurer.
Using Chrome’s Inspect Element Feature...for Evil
After gaining remote access to your computer, the scammer convinces you to log into your bank account (oh god oh fuck) so that they can give you your refund. Obviously, that’s not how refunds are actually given, but at this point the scammer has gained your confidence and they are your savior and whatever they say sounds reasonable.
After gaining access to your bank account, the scammer will typically ask that you avert your eyes from the screen, during which they will use Chrome’s inspect element tool to revise the amount that is supposedly in your bank account. If you’re wondering, then yes, scammers will instruct victims to download Google Chrome so that this trick will work. I have no idea what shit they say to make this seem legitimate.
And yes, their plan necessitates that you look away from your screen so they can use inspect element.
Here’s the twist: the scammer will revise the indicated amount to show that they accidentally put in thousands more dollars than you were supposedly owed by this refund.
Suddenly, you owe them money, and they’re going to do their best to make sure you pay.
Google Play Cards: The Universal Currency
Now that you supposedly owe the scammer money, whether it’s because they’re “from the IRS” or “mistakenly gave you $3,000,” they will instruct you how to pay them back.
Their favorite method is to demand payment via gift cards, such as Google Play, iTunes, or Amazon. This should seem decidedly odd--since when has the IRS been paid through gift cards? However it often works because of the confidence tricks played on the victim and the invested time spent on the phone so far. By this point, the scammer is your best friend.
Procuring the Gift Cards
IRS scams can be especially belligerent, as the scammer often claims that you are in serious trouble and will be imprisoned if you don’t pay them immediately. With the use of these kinds of scare tactics, victims simply aren’t thinking straight.
The scammer typically asks that you drive to the nearest store to purchase the necessary gift cards for the full amount you “owe” or at least as much as you can afford or the store will let you buy. They always tell you to avoid mentioning what the gift cards are for at all costs, under the facade that the random Wal-Mart employee will call the police if they know you are wanted for tax fraud. Again, none of this makes sense.
Once you have procured the gift cards, the scammer will ask for the codes off the back to either be redeemed or sold to a third-party online (for example, they’ll sell a $100 gift card for $90 to give someone a deal, while still making a large profit).
Why Gift Cards?
Gift cards have become the favorite means of payment by scammers because the codes are basically untraceable, especially if they unload the card on a third-party. Because no legitimate company has EVER requested that services be paid for with gift cards, this request should always be taken as the largest imaginable red flag.
Stay Safe Out There
Always remember to stay safe when dealing with anonymous people online or over the phone, especially if they are the one who contacted you. Additionally, this article should give you a good idea of what red flags to watch out for.
The prevalence of scammers out there have given rise to a counter-movement of vigilante scam-baiters, who pretend to be hapless victims in order to waste the scammers time or pull scams of their own.
One famous scam-baiter is the Twitch streamer and YouTuber known as Kitboga, who uses a combination of VPNs, virtual machines, a specially coded Notepad, his "Grandma Edna" voice-changer, and more to trick scammers and stay safe himself.
If you want to learn more about such scams, and be entertained at the same time, I would highly recommend his videos. This one in particular discusses his specialized version of Notepad and the ol’ inspect element trick.
Relevant 256KB Articles
- 5 Tasks You Didn't Know Could be Done from the Developer Console
- Virtual Machines | What are they good for?
- What is Rollback Rx Pro? | An Instant Time Machine For Your Computer
- The UK's War on Porn and Why VPNs Ensure It Will Fail
- Whatever Happened to Twitch Plays Pokémon? | The Rise (and Fall?) of the Church of Helix
- Twitch Installs Arch Linux | The Scariest Text-Based Adventure Game Ever
- The Top 5 Internet Marketing and SEO Scams: Are You Falling for these Tricks?
- Is there easier money to be made in SEO than this? SEO Penalty Removal
Related 256KB Affiliate Deals
Louis Cicalese is a person who has written about the hacker known as 4chan, the hacker known as
2channel 5channel, lesser-known search engines, CSS color names, Leeroy Jenkins, hiring Kermit the Frog impersonators and various other topics.
Account created 7 months ago.
55 posts, 57 comments, and 53 RAMs.
1 month ago:
Posted thread Remember Oregon Trail? | A Brief History of the Most Popular Educational Video Game of All Time
Post a New Comment
Do you like having a good time?
Read Quality Articles
Read some quality articles. If you can manage to not get banned for like five minutes, you can even post your own articles.
Argue with People on the Internet
Use your account to explain why people are wrong on the Internet forum.
Vandalize the Wiki
Or don't. I'm not your dad.
Ask and/or Answer Questions
If someone asks a terrible question, post a LMGTFY link.
Make Some Money
Hire freelancers and/or advertise your goods and/or services. Hire people directly. We're not a middleman or your dad. Manage your own business transactions.