Jump to content

Technical support scam: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Reverting possible vandalism by 103.198.173.217 to version by Yobot. Report False Positive? Thanks, ClueBot NG. (2640736) (Bot)
Tag: Possible vandalism
Line 15: Line 15:
The scammers then perform questionable tasks to "repair" the system, such as installing trials of other legitimate [[security software]], installing [[malware]] (including [[rogue security software]]) designed to collect the user's personal information, and deleting the aforementioned files that were previously claimed to be malware.<ref name=ars-definitelynotcalling/><ref>{{cite web|title=Microsoft Phone Scams|url=http://www.which.co.uk/consumer-rights/problem/microsoft-phone-scam|website=www.which.co.uk/|publisher=Which?}}</ref> They then coax the victim into paying for their services or the software designed to "repair" their computer, and in turn, gain access to the victim's [[credit card]] information, which can be used to make additional fraudulent charges. Afterwards, the scammer may also claim that the victim is eligible for a refund, and request the user's bank account information—which is instead used to steal more money from the victim, rather than providing the promised refund.<ref name=mbam /><ref name=troyhunt/><ref name=ars-definitelynotcalling>{{cite web|title=Hello, I‘m definitely not calling from India. Can I take control of your PC?|url=http://arstechnica.com/tech-policy/2012/10/hello-im-definitely-not-calling-from-india-can-i-take-control-of-your-pc/|website=Ars Technica|accessdate=16 November 2014}}</ref><ref name=wired /><ref name=ftc-scams>{{cite web|title=Tech Support Scams|url=http://www.consumer.ftc.gov/articles/0346-tech-support-scams|publisher=Federal Trade Commission|accessdate=16 November 2014}}</ref><ref name=itnews>{{cite news|last=Winterford|first=Brett|title=How the Microsoft/LogMeIn support scam works|url=http://www.itnews.com.au/News/257822,how-the-microsoftlogmein-support-scam-works.aspx|accessdate=1 April 2014|newspaper=ITnews.com.au|date=May 18, 2011}}</ref>
The scammers then perform questionable tasks to "repair" the system, such as installing trials of other legitimate [[security software]], installing [[malware]] (including [[rogue security software]]) designed to collect the user's personal information, and deleting the aforementioned files that were previously claimed to be malware.<ref name=ars-definitelynotcalling/><ref>{{cite web|title=Microsoft Phone Scams|url=http://www.which.co.uk/consumer-rights/problem/microsoft-phone-scam|website=www.which.co.uk/|publisher=Which?}}</ref> They then coax the victim into paying for their services or the software designed to "repair" their computer, and in turn, gain access to the victim's [[credit card]] information, which can be used to make additional fraudulent charges. Afterwards, the scammer may also claim that the victim is eligible for a refund, and request the user's bank account information—which is instead used to steal more money from the victim, rather than providing the promised refund.<ref name=mbam /><ref name=troyhunt/><ref name=ars-definitelynotcalling>{{cite web|title=Hello, I‘m definitely not calling from India. Can I take control of your PC?|url=http://arstechnica.com/tech-policy/2012/10/hello-im-definitely-not-calling-from-india-can-i-take-control-of-your-pc/|website=Ars Technica|accessdate=16 November 2014}}</ref><ref name=wired /><ref name=ftc-scams>{{cite web|title=Tech Support Scams|url=http://www.consumer.ftc.gov/articles/0346-tech-support-scams|publisher=Federal Trade Commission|accessdate=16 November 2014}}</ref><ref name=itnews>{{cite news|last=Winterford|first=Brett|title=How the Microsoft/LogMeIn support scam works|url=http://www.itnews.com.au/News/257822,how-the-microsoftlogmein-support-scam-works.aspx|accessdate=1 April 2014|newspaper=ITnews.com.au|date=May 18, 2011}}</ref>


==Unethical and fake "support" companies==
==Unethical and fake "support" companies(TECHNICION PVT. LTD)==
The great majority of the complaints and discussion about "companies" that cold-call and offer "technical support"<ref name=company>{{cite web|last=Hunt|first=Troy|title=Interview with the man behind Comantra, the "cold call virus scammers"|url=http://www.troyhunt.com/2012/05/interview-with-man-behind-comantra-cold.html|accessdate=18 April 2014}}</ref> report them as being not merely incompetent or ineffective, but actively dishonest, doggedly trying to convince the victim of non-existent problems by trickery, and when possible damaging a computer they gain access to.<ref name="mbam" /><ref name="review1">{{cite web|title=YooCare Davy Fake service, destroyed computer, would not refund Colorado Springs Colorado|url=http://www.ripoffreport.com/r/YooCare/Colorado-Springs-Colorado-80903/YooCare-Davy-Fake-service-destroyed-computer-would-not-refund-Colorado-Springs-Colorado-963308|publisher=Ripoff Report}}</ref><ref name=review2>{{cite web|title=Reputation of guruaid.com|url=https://www.mywot.com/en/scorecard/guruaid.com|publisher=WOT}}</ref> Computer support companies advertise on search engines like [[Google Search|Google]] and [[Bing (search engine)|Bing]],<ref name=company/><ref name=adwords>{{cite web|title=How iYogi & Guruaid running tech support campaigns?|url=https://www.en.adwords-community.com/t5/Ad-Approval-Policy/How-iYogi-amp-Guruaid-running-tech-support-campaigns/td-p/256765|publisher=AdWords Community|accessdate=2 May 2014}}</ref> but some are heavily criticised, sometimes for practices similar to the cold callers. One example is the India-based company [[iYogi]], which has been reported by [[InfoWorld]] to use scare tactics and install undesirable software.<ref name=infoworld-iyogi1>
The great majority of the complaints and discussion about "companies" that cold-call and offer "technical support"<ref name=company>{{cite web|last=Hunt|first=Troy|title=Interview with the man behind Comantra, the "cold call virus scammers(TECHNICION PVT. LTD)"|url=http://www.troyhunt.com/2012/05/interview-with-man-behind-comantra-cold.html|accessdate=18 April 2014}}</ref> report them as being not merely incompetent or ineffective, but actively dishonest, doggedly trying to convince the victim of non-existent problems by trickery, and when possible damaging a computer they gain access to.<ref name="mbam" /><ref name="review1">{{cite web|title=YooCare Davy Fake service, destroyed computer, would not refund Colorado Springs Colorado|url=http://www.ripoffreport.com/r/YooCare/Colorado-Springs-Colorado-80903/YooCare-Davy-Fake-service-destroyed-computer-would-not-refund-Colorado-Springs-Colorado-963308|publisher=Ripoff Report}}</ref><ref name=review2>{{cite web|title=Reputation of guruaid.com|url=https://www.mywot.com/en/scorecard/guruaid.com|publisher=WOT}}</ref> Computer support companies advertise on search engines like [[Google Search|Google]] and [[Bing (search engine)|Bing]],<ref name=company/><ref name=adwords>{{cite web|title=How Technicion & Guruaid running tech support campaigns?|url=https://www.en.adwords-community.com/t5/Ad-Approval-Policy/How-Technicion-amp-Guruaid-running-tech-support-campaigns/td-p/256765|publisher=AdWords Community|accessdate=2 May 2014}}</ref> but some are heavily criticised, sometimes for practices similar to the cold callers. One example is the India-based company [[Technicion]], which has been reported by [[InfoWorld]] to use scare tactics and install undesirable software.<ref name=infoworld-iyogi1>
{{cite web|last=Cringley|first=Robert|title=The downward (dog) spiral: iYogi exposed|url=http://www.infoworld.com/t/cringely/the-downward-dog-spiral-iyogi-exposed-189712|publisher=InfoWorld|accessdate=3 April 2014|date=28 March 2012}}
{{cite web|last=Cringley|first=Robert|title=The downward (dog) spiral: TECHNICION PVT. LTD. exposed|url=http://www.infoworld.com/t/cringely/the-downward-dog-spiral-Technicion-exposed-189712|publisher=InfoWorld|accessdate=3 April 2014|date=28 March 2012}}
</ref><ref name=infoworld-iyogi>
</ref><ref name=infoworld-TECHNICION PVT. LTD.>
{{cite web|last=Cringley|first=Robert|title=Tech support or extortion? You be the judge|url=http://www.infoworld.com/article/2619722/cringely/tech-support-or-extortion--you-be-the-judge.html |publisher=InfoWorld |accessdate=9 June 2015|date=21 March 2012}}</ref> In December, 2015, [[Washington (state)|Washington state]] sued iYogi's US operations for scamming consumers and making false claims in order to scare the users into buying their diagnostic software.<ref>[http://www.bigstory.ap.org/article/463933ef849e4521b9bee539b2d521c5/washington-state-sues-iyogi-alleges-tech-support-scam Washington state sues firm, alleges tech support scam], ''[[Associated Press]]'', 16 December 2015</ref>
{{cite web|last=Cringley|first=Robert|title=Tech support or extortion? You be the judge|url=http://www.infoworld.com/article/2619722/cringely/tech-support-or-extortion--you-be-the-judge.html |publisher=InfoWorld |accessdate=9 June 2015|date=21 March 2012}}</ref> In December, 2015, [[Washington (state)|Washington state]] sued TECHNICION'S US operations for scamming consumers and making false claims in order to scare the users into buying their diagnostic software.<ref>[http://www.bigstory.ap.org/article/463933ef849e4521b9bee539b2d521c5/washington-state-sues-TECHNICION-alleges-tech-support-scam Washington state sues firm, alleges tech support scam], ''[[Associated Press]]'', 16 December 2015</ref>
iYogi, which was required to respond formally by the end of March 2016,<ref>{{cite web |url=https://www.channele2e.com/2016/03/03/iyogi-it-services-lawsuit-state-of-washington-awaits-response/ |title=iYogi IT Services Lawsuit: State of Washington Awaits Response - ChannelE2E |website=ChannelE2E |date=18 March 2016 |author=Joe Panettieri |accessdate= 24 March 2016}}</ref> said before its response that the lawsuit filed was without merit.<ref>[https://www.channele2e.com/2016/01/11/lawsuits-cloud-iyogi-remote-tech-support-reputation/ Lawsuits Cloud iYogi Remote Tech Support Reputation],11 Jan 2016</ref> In September 2011, Microsoft dropped Comantra, a Gold Partner, from their Microsoft Partner Network because of accusations of being involved in cold-call technical support scams.<ref>[http://www.theguardian.com/technology/2011/sep/22/microsoft-drops-partner-accused-scam/ Microsoft Drops partner accused of Cold-Call Scams], 22 February 2016</ref> In December 2014 Microsoft filed a lawsuit on a [[California]]-based company operating such scams for "misusing Microsoft's name and trademarks" and "creating security issues for victims by gaining access to their computers and installing malicious software, including a password grabber that could provide access to personal and financial information." <ref>{{cite news|last1=Whitney|first1=Lance|title=Microsoft combats tech support scammers with lawsuit|url=http://www.cnet.com/news/microsoft-combats-tech-support-scammers-with-lawsuit/|accessdate=21 December 2014|publisher=CNET|date=19 December 2014}}</ref>
TECHNICION, which was required to respond formally by the end of March 2016,<ref>{{cite web |url=https://www.channele2e.com/2016/03/03/technicion-it-services-lawsuit-state-of-washington-awaits-response/ |title=technicion IT Services Lawsuit: State of Washington Awaits Response - ChannelE2E |website=ChannelE2E |date=18 March 2016 |author=Joe Panettieri |accessdate= 24 March 2016}}</ref> said before its response that the lawsuit filed was without merit.<ref>[https://www.channele2e.com/2016/01/11/lawsuits-cloud-technicion-remote-tech-support-reputation/ Lawsuits Cloud technicion Remote Tech Support Reputation],11 Jan 2016</ref> In September 2011, Microsoft dropped Comantra, a Gold Partner, from their Microsoft Partner Network because of accusations of being involved in cold-call technical support scams.<ref>[http://www.theguardian.com/technology/2011/sep/22/microsoft-drops-partner-accused-scam/ Microsoft Drops partner accused of Cold-Call Scams], 22 February 2016</ref> In December 2014 Microsoft filed a lawsuit on a [[California]]-based company operating such scams for "misusing Microsoft's name and trademarks" and "creating security issues for victims by gaining access to their computers and installing malicious software, including a password grabber that could provide access to personal and financial information." <ref>{{cite news|last1=Whitney|first1=Lance|title=Microsoft combats tech support scammers with lawsuit|url=http://www.cnet.com/news/microsoft-combats-tech-support-scammers-with-lawsuit/|accessdate=21 December 2014|publisher=CNET|date=19 December 2014}}</ref>


==See also==
==See also==

Revision as of 18:52, 30 April 2016

A technical support scam (often abbreviated tech support scam) refers to telephone fraud that claims to be a legitimate technical support service. It can either begin by a cold call, usually claiming to be associated with a legitimate-sounding third-party, with a name like "Microsoft" or "Windows Technical Support" or it could begin with an unsuspecting user searching for commercial technical support via a popular search engine such as Bing or Google.[1] Recently, such a scam can be initiated by pop-up windows on websites instructing the potential victim to call a number to fix fictitious 'infections'.[2] Remote desktop software is used to connect to the victim's computer, and the scammer then uses a variety of confidence tricks that employ various Windows components and utilities (such as the Event Viewer), third-party utilities (such as rogue security software),[3] and reference sites like Wikipedia or summaries written by security companies[4] to make the victim believe that the computer has issues that need to be fixed, before proceeding for the victim to pay for "support". These scams usually target users, such as senior citizens, who are unfamiliar with the tools used in the process, especially when initiated by cold calls.[3]

In English-speaking countries such as the United States, United Kingdom and Australia, such cold call scams have occurred as early as 2008 and primarily originate from call centres in India.

Operation

Technical support scams typically rely on social engineering and confidence tricks.[4][5] The scammer instructs the victim to download and install a remote access program, such as TeamViewer, and provide them with the details required to log into their computer using the software. After gaining access, the scammer attempts to convince the victim that their computer is suffering from problems that must be repaired. A number of common methods are used during many tech support scams—most of which involve misrepresenting the content and output of various Windows tools and system directories as evidence of malicious activity, such as viruses and other malware:[6]

  • The scammer may direct users to Windows' Event Viewer, which displays a log of various events for use by system administrators and expert users to troubleshoot problems. Although many of the log entries are relatively harmless notifications, the scammer may fraudulently claim that log entries labelled as warnings and errors are evidence of malware activity or that the computer is becoming corrupted, and that the errors must be "fixed".[4][5][7]
  • The scammer may present system folders that contain unusually named files, such as Windows' Prefetch and Temporary files folders, and claim that the files are evidence of malware on the system.[7]
  • The scammer may misuse Command Prompt tools to generate suspicious-looking output, such as for instance, the TREE command, which displays a listing of files and directories. The scammer may claim the innocuous program to be a malware scanner, and manually enter text purporting to be an error message (such as "security breach ... trojans found") after the conclusion of the output.[8]
  • The scammer may misrepresent values and keys stored in the Windows Registry as being malicious, such as innocuous keys whose values are listed as not being set.[4]
  • The "Send To" function on Windows is associated with a globally unique identifier. The output of the command prompt command assoc, which lists all file associations on the system, displays this association with the line ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}. The scammer may claim that this is a unique ID used to identify the user's computer, although this ID is identical on all Windows systems. Alternatively, the scammer may claim that the "CLSID" listed is actually a "Computer Licence Security ID" that must be renewed.[9][10]
  • The scammer may also claim that the system's "problems" are a result of "expired" warranties on its hardware or software, and coax the victim into paying for a "renewal".[5][7]

The scammers then perform questionable tasks to "repair" the system, such as installing trials of other legitimate security software, installing malware (including rogue security software) designed to collect the user's personal information, and deleting the aforementioned files that were previously claimed to be malware.[6][11] They then coax the victim into paying for their services or the software designed to "repair" their computer, and in turn, gain access to the victim's credit card information, which can be used to make additional fraudulent charges. Afterwards, the scammer may also claim that the victim is eligible for a refund, and request the user's bank account information—which is instead used to steal more money from the victim, rather than providing the promised refund.[4][5][6][7][12][13]

Unethical and fake "support" companies(TECHNICION PVT. LTD)

The great majority of the complaints and discussion about "companies" that cold-call and offer "technical support"[14] report them as being not merely incompetent or ineffective, but actively dishonest, doggedly trying to convince the victim of non-existent problems by trickery, and when possible damaging a computer they gain access to.[4][15][16] Computer support companies advertise on search engines like Google and Bing,[14][17] but some are heavily criticised, sometimes for practices similar to the cold callers. One example is the India-based company Technicion, which has been reported by InfoWorld to use scare tactics and install undesirable software.[18]Cite error: The <ref> tag has too many names (see the help page). In December, 2015, Washington state sued TECHNICION'S US operations for scamming consumers and making false claims in order to scare the users into buying their diagnostic software.[19] TECHNICION, which was required to respond formally by the end of March 2016,[20] said before its response that the lawsuit filed was without merit.[21] In September 2011, Microsoft dropped Comantra, a Gold Partner, from their Microsoft Partner Network because of accusations of being involved in cold-call technical support scams.[22] In December 2014 Microsoft filed a lawsuit on a California-based company operating such scams for "misusing Microsoft's name and trademarks" and "creating security issues for victims by gaining access to their computers and installing malicious software, including a password grabber that could provide access to personal and financial information." [23]

See also

References

  1. ^ "Despite Crackdowns, Tech Support Ads In Search Are Still Cause For Consumer Confusion". Search Engine Land, Ginny Marvin on August 5, 2014
  2. ^ "Do not respond to scam pop-up messages in your web browser". www.communications.gov.au. Department of Communications and the Arts. Retrieved 2016-04-19.
  3. ^ a b Arthur, Charles (18 July 2012). "Virus phone scam being run from call centres in India". Guardian. Retrieved 31 March 2014.
  4. ^ a b c d e f Segura, Jérôme. "Tech Support Scams - Help & Resource Page | Malwarebytes Unpacked". Malwarebytes Corporation. Retrieved 28 March 2014.
  5. ^ a b c d Hunt, Troy (February 21, 2012). "Scamming the scammers – catching the virus call centre scammers red-handed". Retrieved 1 April 2014.
  6. ^ a b c "Hello, I'm definitely not calling from India. Can I take control of your PC?". Ars Technica. Retrieved 16 November 2014.
  7. ^ a b c d Solon, Olivia (11 April 2013). "What happens if you play along with a Microsoft 'tech support' scam?". Wired.co.uk. Retrieved 10 November 2014.
  8. ^ Lodhi, Nauman. "Beware of Microsoft Tech Support Scammers". Business 2 Community. Retrieved 18 April 2014.
  9. ^ "Support desk scams: CLSID not unique". We Live Security. ESET. Retrieved 15 November 2014.
  10. ^ "Support-Scammer Tricks". We Live Security. ESET. Retrieved 15 November 2014.
  11. ^ "Microsoft Phone Scams". www.which.co.uk/. Which?.
  12. ^ "Tech Support Scams". Federal Trade Commission. Retrieved 16 November 2014.
  13. ^ Winterford, Brett (May 18, 2011). "How the Microsoft/LogMeIn support scam works". ITnews.com.au. Retrieved 1 April 2014.
  14. ^ a b Hunt, Troy. "Interview with the man behind Comantra, the "cold call virus scammers(TECHNICION PVT. LTD)"". Retrieved 18 April 2014.
  15. ^ "YooCare Davy Fake service, destroyed computer, would not refund Colorado Springs Colorado". Ripoff Report.
  16. ^ "Reputation of guruaid.com". WOT.
  17. ^ "How Technicion & Guruaid running tech support campaigns?". AdWords Community. Retrieved 2 May 2014.
  18. ^ Cringley, Robert (28 March 2012). "The downward (dog) spiral: TECHNICION PVT. LTD. exposed". InfoWorld. Retrieved 3 April 2014.
  19. ^ Washington state sues firm, alleges tech support scam, Associated Press, 16 December 2015
  20. ^ Joe Panettieri (18 March 2016). "technicion IT Services Lawsuit: State of Washington Awaits Response - ChannelE2E". ChannelE2E. Retrieved 24 March 2016.
  21. ^ Lawsuits Cloud technicion Remote Tech Support Reputation,11 Jan 2016
  22. ^ Microsoft Drops partner accused of Cold-Call Scams, 22 February 2016
  23. ^ Whitney, Lance (19 December 2014). "Microsoft combats tech support scammers with lawsuit". CNET. Retrieved 21 December 2014.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Technical_support_scam&oldid=717960559"