Story image

Microsoft comments on recent tech support scam crackdowns

30 Nov 2018

Finally it seems authorities are making headway in the quest to crack down on tech support scams, but there is still a very long way to go.

In a blog post, Microsoft Digital Crimes Unit assistant general counsel Courtney Gregoire describes reports from the New York Times. The report states that more than 100 India law enforcement officers raided 16 call centre locations.

Those call centre locations were involved in tech support scams and 39 people were arrested. The alleged call centres had scammed thousands of people, most of whom were from the United States or Canada.

But whether that makes a dent in the number of global fraud scams is another question altogether.

Microsoft says it had received upwards of 7000 fraud reports worldwide that were associated with the 16 call centre locations. 

There have also been a number of other raids on call centre locations – six weeks ago the Delhi Cyber Crime Cell shut down 10 call centres, arrested 24 people, and seized evidence including voice call recordings and call scripts.

In May 2017 the US Federal Trade Commission led Operation Tech Trap. In June 2017, the City of London Police also arrested four people in relation to computer software services fraud.

Despite the crackdowns, Microsoft warns that these scams persist and target everyone, no matter their age or location.

“Anyone may receive an unwanted phone call or experience a pop-up window on your device with a ‘warning’ that your computer has a problem requiring immediate tech support,” writes Gregoire.

“These messages are often very convincing and use scare tactics to entice consumers into contacting a fraudulent “tech support” call centre. Call centre operators typically encourage the victim to provide remote access to their device for “further diagnosis” before charging the victim a fee – typically between $150 – $499 – for unnecessary tech support services. In addition to losing money, victims leave their computer vulnerable to other attacks, such as malware, during a remote access session.”

Microsoft says it works with law enforcement agencies primarily through its ‘report a scam’ portal, where people can share their experiences directly with Microsoft’s Digital Crimes Unit team.

Microsoft says it is also working with products like Windows Defender and learning about cybercriminals’ behaviour to build better cyber protection.

“The best thing you can do to help protect yourself from fraud is educate yourself,” Gregoire says.

Microsoft’s tips to catch a tech support scam:

•    Be wary of any unsolicited phone call or pop-up message on your device.

•    Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.

•    Do not call the phone number in a pop-up window on your device and be cautious about clicking on notifications asking you to scan your computer or download software. Many scammers try to fool you into thinking their notifications are legitimate.

•    Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

•    If sceptical, take the person’s information down and immediately report it to your local authorities.

Mozilla launches Firefox Send, an encrypted file transfer service
Mozille Firefox has launched a free encrypted file transfer service that allows people to securely share files from any web browser – not just Firefox.
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.