How to Spot a Tech Support Scam
Understanding the Danger of Tech Support Scams
IT Support should be something that you and your business rely on to keep your network, and your workstations safe and running smoothly. Working with a good tech support team can be like having a great partner that is watching your back and helping you steer clear of any troubles with great knowledge and preventative measures that ensure you can focus on other aspects of business.
Alongside this, using programs and services from massive companies like Microsoft should come with the peace of mind that they are working to provide the best services possible.
That is what makes the nature of tech scams all the more insidious, as they not only take advantage of a person’s trust in certain systems, but also often lead to the compromise of important, sensitive documents that can leave a company cleaning up an enormous mess.
In some worse cases, funds can be compromised and stolen by these individuals, leading to a financial stress that can have lasting ramifications. Even if there is insurance in place the time it takes to wait to recover can have dire effect on a smaller business.
Because of these bad actors, it is more important than ever to be able to spot the signs of a potential tech support scam. Not only can doing so save you from a potential disaster, but it can also save a lot of time and money that could cripple your company.
Signs of a Tech Support Scam
In order to identify if something is an IT scam or not, you have to first know what the signs are. In many instances, these scammers will use similar tactics to varying effects. Sometimes the scam will be quite obvious, almost even laughable. Other times they may seem quite official with only one tell that what is happening is a scam.
Being able to tell the difference is going to be what allows you to better utilize your network services and reporting them to your IT support will allow them to better secure you from future attempts to hack your information.
In all these cases, never respond to or interact with the email. Ask your IT support what to do and follow their instructions to handle the situation.
Identifying Email Addresses
One of the first ways to identify a scam is to check to see where the message they are sending is coming from. In many cases scammers will try to gain access to your information via email and will send one posing as a legitimate source.
When receiving one of these emails, check to see where it is from. If the email address seems suspect, then do a cross reference. In many cases, organizations will have listed somewhere in the public eye their support email addresses or will have alerts of scammers and how they are trying to coax people into falling victim.
Likewise, if this scam is one that is known, or going around, forums and other public discussion channels may have already spoken about this email address and have deduced the fact that the sender is malicious and trying to attack your computer.
Ensure Logo Consistency
Should the scammer be emailing you posing as a large company, they will often try to include images or logos to appear more legitimate. This is also another opportunity to check for legitimacy.
Major companies and corporations often will change or update their logos to keep up with trends and best practices in marketing. Sometimes these changes are minor updates, other times they are big, sweeping ones that set out to change the entire identity of the company with it.
Luckily, most scammers don’t know that, nor will they have access to the full assets used by companies when sending legitimate messages out.
Like with the email address, cross reference the logos with the ones of the company to see if they are up to date or not. If the logo is an older one, then that is usually a sign that you are dealing with a scammer.
Similarly, if the logo is fuzzy, of a poor quality, or low resolution, there is a good chance that it is not actually made using the official assets on hand.
Check the Text
A key component of any email scam is going to be to try and make the text look as convincing as possible. There are, however, some pretty obvious tells that can give them away, such as:
- Disjointed, poor sentence structure that is hard to read.
- A request for username or login credentials (reputable support emails will never ask for this)
- Suspicious links to outbound websites that are unfamiliar and not requested
- A poorly worded, or confusing subject line
- Vague reasoning for the email
- Trying to push a service that may not be available elsewhere or is normally free
- Asking you for credit or checking information
Usually if an email has one of these it will have multiple, but more savvy scammers will be able to better cover their tracks. It may take a keen eye to notice these details, and if you are unsure, contact your IT staff or managed services to get their input.
A Mysterious Phone Call
While many tech support scams can come in the form of emails, not all do. Others will come in the form of phone calls of bad actors posing as actual tech support agents either from major companies or your IT support company. In many of these instances, they will try to use tactics used in the scam emails to get you to compromise your information or your computer, often by directing you to access a website they claim is for a test.
In these instances, it is always good to question, and keep questioning if something seems off. If something seems off, or they seem fishy, just hang up. Likewise, if you don’t recognize the number, it is best to not engage, and indeed might be better to look up and call the support line for whoever the person is claiming to represent. That way you can get from the source whether something is legitimate.
This is not a perfect solution unfortunately, as oftentimes more crafty scammers will be able to spoof their appearance on caller ID as the person they claim, and some will even go so far as to edit online information.
In most instances though, these companies will never call you, as a massive corporation like Microsoft doesn’t individually monitor computers utilizing their services. And even if they did call, they wold never ask you for your credit card information. Likewise, if the person is claiming to be someone from your IT Support, but can’t transfer you to someone you know, you can always request to have that person call you at a later date.
No matter what though, never follow their instructions, and never give out any information that could give them access to your personal information.
Most of us have probably seen it before. You go to a website, and a popup appears says your computer is infected with a really bad virus and only this link or this button can fix it. In most instances people are aware that this is a piece of malware trying to allow someone to gain access to and steal their information and usually their money as well.
Most of the time it isn’t a huge issue when these pop up. In many instances you can reload or navigate away from the page and that can be the end of it. However, there are some that are more persistent, and may not be so easily gotten rid of.
In every instance, never click on the link, button, or do anything that it tells you to. As with everything else we’ve discussed it is important to make sure you do nothing to compromise or reveal yourself, your information, and your network to malicious attacks.
Scammers are not likely to ever go away. As they make millions every year off of their ill-gotten gains, they will continue to adjust their tactics to take advantage of the unsuspecting. It will take vigilance and a keen eye to make sure that they are not able to take advantage of you, or anyone in your company.
But, it is possible to keep safe, and keep your network from being compromised. Practicing safe web browsing habits, as well as safe email protocols will do much of the heavy lifting, and working alongside your IT to identify and isolate areas where security or knowledge may be weaker to strengthen it will provide great value in the fight against tech support scammers.