SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Microsoft comments on recent tech support scam crackdowns
Fri, 30th Nov 2018
FYI, this story is more than a year old

Finally it seems authorities are making headway in the quest to crack down on tech support scams, but there is still a very long way to go.

In a blog post, Microsoft Digital Crimes Unit assistant general counsel Courtney Gregoire describes reports from the New York Times. The report states that more than 100 India law enforcement officers raided 16 call centre locations.

Those call centre locations were involved in tech support scams and 39 people were arrested. The alleged call centres had scammed thousands of people, most of whom were from the United States or Canada.

But whether that makes a dent in the number of global fraud scams is another question altogether.

Microsoft says it had received upwards of 7000 fraud reports worldwide that were associated with the 16 call centre locations.

There have also been a number of other raids on call centre locations – six weeks ago the Delhi Cyber Crime Cell shut down 10 call centres, arrested 24 people, and seized evidence including voice call recordings and call scripts.

In May 2017 the US Federal Trade Commission led Operation Tech Trap. In June 2017, the City of London Police also arrested four people in relation to computer software services fraud.

Despite the crackdowns, Microsoft warns that these scams persist and target everyone, no matter their age or location.

“Anyone may receive an unwanted phone call or experience a pop-up window on your device with a ‘warning' that your computer has a problem requiring immediate tech support,” writes Gregoire.

“These messages are often very convincing and use scare tactics to entice consumers into contacting a fraudulent “tech support” call centre. Call centre operators typically encourage the victim to provide remote access to their device for “further diagnosis” before charging the victim a fee – typically between $150 – $499 – for unnecessary tech support services. In addition to losing money, victims leave their computer vulnerable to other attacks, such as malware, during a remote access session.

Microsoft says it works with law enforcement agencies primarily through its ‘report a scam' portal, where people can share their experiences directly with Microsoft's Digital Crimes Unit team.

Microsoft says it is also working with products like Windows Defender and learning about cybercriminals' behaviour to build better cyber protection.

“The best thing you can do to help protect yourself from fraud is educate yourself,” Gregoire says.

Microsoft's tips to catch a tech support scam:

•    Be wary of any unsolicited phone call or pop-up message on your device.

•    Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.

•    Do not call the phone number in a pop-up window on your device and be cautious about clicking on notifications asking you to scan your computer or download software. Many scammers try to fool you into thinking their notifications are legitimate.

•    Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

•    If sceptical, take the person's information down and immediately report it to your local authorities.