03/08/2018

Support Scams fifth most common threat in July

Support Scams fifth most common threat in July Warning

Tech support scams are currently an active threat for Windows-users, statistical information gathered by G DATA clearly demonstrates. Users are led to believe that their computers have viruses or other security problems and that a costly clean-up is necessary.

The figures from G DATA show that this scam is currently one of the most common threats. In July, several thousand attempted infections were detected and blocked on any given day by the G DATA protection solutions. This type of attempted fraud is currently at position #5 of the most common types of threat that were blocked by G DATA.

Netstat shows alleged dangers

To illustrate the alleged danger, users are presented with various standard Windows tools - such as the command line tool Netstat. Fraudsters claim there are "remote IP addresses" that could access the computer due to viruses – which is completely bogus. In some cases, random text is displayed in the Windows command line – coloured in red, to attract attention. None of these demonstrations show real security issues with the computer.

The fraudsters usually put the potential victims under emotional pressure in order make them purchase a support contract. Payment should often be made using alternative payment methods such as iTunes debit cards. At this point in time users should be wary - because why would a Microsoft technician accept voucher cards from a competitor? 

In a self-experiment last year, G DATA security evangelist Tim Berghoff called an alleged support hotline and recorded the conversation. The screen content has also been recorded and shows how the scammers proceed.

G DATA advice

Users should never call such a hotline when asked to. Often, the window opened through a browser via drive-by can be closed using the task manager. A protection solution such as G DATA Total Security can completely prevent the delivery of the fraudulent messages. If users receive a call, they should hang up immediately and not hand over any personal data. Legitimate Microsoft technicians do not make such support calls. Under no circumstances should users allow the desired access to the computer via remote maintenance tools such as Teamviewer. So, in a notshell, here is what to do if you are either called by a scammer or are asked to call a "Windows support hotline":

  • Do not let yourself be threatened or intimidated. Fear and confusion make you less focused and more likely to fall for a scam.
  • Do not share any payment information over the phone.
  • Do not let a stranger connect remotely to your computer.
  • If you are called by someone who claims to act on behalf of Microsoft, just hang up immediately. If asked to call, don't do it..