You’ve probably heard horror stories about people with malicious intentions posing as cab drivers, cops, and debt collectors. Though you may not know about it yet, there’s another kind of impostor preying on unsuspecting souls who care about their data: money-hungry scammers disguising themselves as “tech support.”
I recently learned about tech support scams when Kurt, a friend of mine, called me up with a security-related question after his father-in-law got duped.
According to Kurt, the tech support scam went down like this...
Someone identifying himself as a technician with “Global-Soft,” a subsidiary of “Windows” (not Microsoft), called my father-in-law and told him that “Windows” had identified him as a customer whose system had become “infected.” They asked him for some information and to take control of his computer. They showed him “evidence” that his computer was infected, and they then downloaded two applications, both, I suspect, free and pretty old versions of antivirus software. They said that for $220, they would monitor his computer weekly for spyware/malware/viruses for three years. He did the transaction over the phone with his credit card number. The guy left him an icon on his desktop that, when opened, shows the tech’s name (“John Caesar”), gives a toll-free number, and has an eight or nine digit security code that he was “NOT TO SHARE WITH ANYONE, EVER” (the “technician’s” emphasis). A few days later, my father-in-law went to boot up his system to find it already up and running—he thought—some sort of scan. After discussing the situation with family (and having them freak out), he canceled his credit card and asked for his bank to stop payment on the fraudulent charge.
After this whole fiasco, Kurt’s biggest concern was the breach to his father-in-law’s computer security—how could he recover his files but block someone from regaining access? I talked it over with Jeff Taff, our Director of Operations: In theory, any bona fide, up-to-date antivirus program should be able to find and remove any infected files from his computer.
However, if it’s a virus in the system bootloader, the manual removal steps can be very involved for a layperson. It may be simpler to do a complete wipe and reinstall of the computer’s operating system, applications, and data. So, our recommendation for Kurt’s father-in-law was this:
- Copy your photos and other data files from the infected computer to another "clean" computer
- Run an antivirus scan on the data files on the clean computer
- Perform a complete erasure and reinstall of the infected computer
This will clearly be very time-consuming, but is the most foolproof, relatively straightforward way to address the security breach.
And as it turns out...
After researching “Global-Soft” further, I learned that these tech support scams have actually been going on for years. In 2012, CNET reported that regulators shut down a global PC tech support scam. Then just yesterday, a court shut down another alleged $120M tech support scam. It just goes to show you that computer and Internet security is like a game of Whack-a-Mole: You always have to keep a cautious eye open for many of the same scams that keep popping up.
Does this cautionary tale leave you feeling vulnerable and concerned that you don’t have the right measures in place should your business one day be susceptible to a scam like this one? Reach out to us to learn about how our services can protect your systems from the worst.