Story image

Microsoft comments on recent tech support scam crackdowns

30 Nov 18

Finally it seems authorities are making headway in the quest to crack down on tech support scams, but there is still a very long way to go.

In a blog post, Microsoft Digital Crimes Unit assistant general counsel Courtney Gregoire describes reports from the New York Times. The report states that more than 100 India law enforcement officers raided 16 call centre locations.

Those call centre locations were involved in tech support scams and 39 people were arrested. The alleged call centres had scammed thousands of people, most of whom were from the United States or Canada.

But whether that makes a dent in the number of global fraud scams is another question altogether.

Microsoft says it had received upwards of 7000 fraud reports worldwide that were associated with the 16 call centre locations. 

There have also been a number of other raids on call centre locations – six weeks ago the Delhi Cyber Crime Cell shut down 10 call centres, arrested 24 people, and seized evidence including voice call recordings and call scripts.

In May 2017 the US Federal Trade Commission led Operation Tech Trap. In June 2017, the City of London Police also arrested four people in relation to computer software services fraud.

Despite the crackdowns, Microsoft warns that these scams persist and target everyone, no matter their age or location.

“Anyone may receive an unwanted phone call or experience a pop-up window on your device with a ‘warning’ that your computer has a problem requiring immediate tech support,” writes Gregoire.

“These messages are often very convincing and use scare tactics to entice consumers into contacting a fraudulent “tech support” call centre. Call centre operators typically encourage the victim to provide remote access to their device for “further diagnosis” before charging the victim a fee – typically between $150 – $499 – for unnecessary tech support services. In addition to losing money, victims leave their computer vulnerable to other attacks, such as malware, during a remote access session.”

Microsoft says it works with law enforcement agencies primarily through its ‘report a scam’ portal, where people can share their experiences directly with Microsoft’s Digital Crimes Unit team.

Microsoft says it is also working with products like Windows Defender and learning about cybercriminals’ behaviour to build better cyber protection.

“The best thing you can do to help protect yourself from fraud is educate yourself,” Gregoire says.

Microsoft’s tips to catch a tech support scam:

•    Be wary of any unsolicited phone call or pop-up message on your device.

•    Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.

•    Do not call the phone number in a pop-up window on your device and be cautious about clicking on notifications asking you to scan your computer or download software. Many scammers try to fool you into thinking their notifications are legitimate.

•    Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

•    If sceptical, take the person’s information down and immediately report it to your local authorities.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."
Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.