It is well known in tech circles that human error is one of the main culprits in data breaches. As such, hackers are always working on inventive ways to trick your employees into giving out sensitive information. One of the latest trends to watch for in this vein, commonly known as social engineering attacks, are scams involving tech support.
WHAT ARE TECH SUPPORT SCAMS?
In a tech support scam, the main goal of the scammer is to convince someone on your team that they need immediate assistance for a computer problem, like a virus infection, and then use this panic as a means to acquire remote access to your systems or demand immediate payment to resolve the issue.
Many scammers are adept at spoofing error messages, support e-mails, and web addresses and will also attempt to pose as employees of tech giants such as Microsoft, Apple, or Google. They may also impersonate IT professionals, from well-known security companies like Norton or McAfee.
Tech support scams come in various forms and can range from simple, easy to spot scams to highly sophisticated fraud.
TYPES OF TECH SUPPORT SCAMS
Phone Call Scams
Attackers will call your business posing as a computer technician from a reputable company you know or work with. They warn you of a significant issue they’ve detected, then ask for remote access to run some diagnostic testing. Using this access, they can then initiate a real attack or ask you to pay them to fix a problem that isn’t real.
Hackers routinely add pop-up windows to dodgy websites that they control. Many of these are simply misspelled versions of commonly visited sites (e.g., www.googgle.com). If you land on one of these sites, you may see a pop-up made to look like an error message from your browser, operating system, or antivirus software. The message will try to get you to act quickly to correct an issue by clicking on links or calling specified phone numbers.
Online Ad Scams
Cybercriminals create fake companies and try to get their websites ranked on search engine results for common tech support issues. They then pose as a real company when you contact them, promise to fix your problem, and use the resulting relationship to scam or hack you.
HOW TO AVOID
By and large, you can avoid most of these scams by remembering the following tips:
- Legitimate companies never make unsolicited tech support calls. If someone calls you claiming you need technical support, hang up immediately. Don’t be fooled by caller ID either, as cybercriminals are adept at spoofing numbers and names that appear on these systems.
- Pay special attention to the URLs you visit to ensure you are on legitimate webpages and not spoofed, fake sites.
- Ignore any pop-up messages you see that involve tech support issues.
- Never give someone your password info or remote access to your system if they’ve contacted you unexpectedly.
Additionally, if you ever think you have an issue with your computer, update your antivirus software, run a scan, and contact your designated tech support team.
IF YOU FALL VICTIM TO A SCAM
If you need further assistance identifying whether or not you have been a victim of a tech support scam or are simply looking to add some experienced, high profile cybersecurity professionals to your team, e-mail us to find out more about how Haselkorn Inc. can help.