Avast, a global leader in digital security and privacy, has reported that tech support fraud remains a massive issue in India with 203,295 attacks identified from January through March 2021.
According to Avast Threat Labs, users in India are frequently attacked by technical support fraud.
Tech support scams happen when fraudsters use scare tactics to trick innocent individuals into purchasing overpriced and unnecessary “support services” to fix an alleged computer, device, or software problem.
They convince victims that their computer has been infected by malware; a window will pop up, alerting the user of a malware or spyware infection on their computer, and that their only recourse is to call a phone hotline for technical support.
Once on the phone, scammers try to convince the callers to establish a remote connection to their computer and sometimes download a second remote management software without the user knowing to keep up a constant connection to the user’s PC.
Once granted access, bad actors can also install malware, or other malicious programs that damage the data housed on devices, or even worse, harvest personal information. Criminals with access to this type of sensitive data can leverage it to gain entry into financial accounts, health records, or other essential services.
In addition, fraudsters go to great lengths to convince victims of their legitimacy, including creating web pages that imitate antivirus or firewall software warnings or even setting up fake companies to validate their con.
“Tech support fraud is increasingly common and targets some of the most vulnerable individuals. Criminals exploit victims through money or personal information,” said Alexej Savcin, Senior Malware Analyst, Avast.
“Above all, remember that whether it’s a phone call or a website, legitimate tech support won’t ever proactively seek you out to fix an issue. If in doubt, don’t engage, give access to your devices, or share any personal information,” he added.
Protecting yourself and loved ones from tech support scams
Spotting tech support fraud is essential in stopping it in its tracks. Use these tactics to keep yourself safe online:
- Question what led you to the support page: if it popped up on its own, that is one major indication that the website is fraudulent.
- Check the webpage: compare the domain URL to known sites; if it is not intuitive or easy to read, the website may be a scam. Further, if the browser freezes on a tech support page, it’s an indication that something is wrong; if a tool actually detected malicious activity, the site would get blocked.
- Remember, there is no real threat until a bad actor gains access to your information or devices: although criminals may try to pressure you, stay vigilant and skeptical when online, if unsure disengage and verify credentials on your own.
- Call someone you can trust – when in doubt, reach out to a family member or someone you trust.
Finally, being aware of common scam methods can help to ensure you aren’t a victim. Stay vigilant of the following techniques:
- Malicious Advertising (Malvertising): Scammers abuse legitimate online advertising markets with fraudulent ads that lure victims to their infrastructure, often a fake tech support scam page indicating an issue needs mitigation.
- Evil Cursor: This technique alters cursor size and shape, making it difficult to navigate, which prevents users from closing a tab or browser, convincing them that tech support is necessary.
- 401 Authentication Loop: Fraudsters can exploit an authorization pop-up window which in some cases even imitates a legitimate operating system design. The window can’t be closed and displays contact information for fraudulent tech support.
- File Downloading Jamming: Bad actors jam browsers with file downloads until unresponsive. This also consumes a large amount of RAM, which compounds and further slows a victim’s computer.
- Keyboard Shortcut Lockout: Fraudsters will lock commonly used keyboard shortcuts to close windows (i.e., “ALT+F4” or the “Escape” key), so victims experience an infinite loop with no way to escape.
- Browser History Manipulation: Scammers can disable or remove the “back” button online or may even manipulate it to recall the current page, so victims have no way to exit the website
- Print Spam: Malicious web page continuously sends print commands to the browser to make it seem slow and unresponsive.
“We urgently need to bring tech support fraud into the public awareness; they should be part of educational conversations about the internet in families and among friends. People need to talk about tech support fraud to their grandparents, parents, friends and children,” said Savcin.
Antivirus software like Avast Free Antivirus blocks tech support fraud popups to protect users online.