The anatomy of a tech scam

Just another normal day 

Your train of thought is interrupted by the sound of an incoming phone call. It’s the first time you’ve looked up from your screen for several hours as you rush to finalise a presentation required for the upcoming meeting.  

The number doesn’t look familiar. You stare at the phone for several seconds wondering if you can jog your memory to remember whose number that is. You pick up your phone and answer the call.  

“This is Microsoft support, we have detected a virus on your computer”. 

Hopefully you’ve completed your cyber security awareness training, so straight away you know it’s a tech scam phone call. You hang up and continue with your day.  

But it doesn’t always go that way.  

It’s unfortunate that many people who answer a scam call will have led them down a path of bad decisions that ends in them losing money, their sensitive data, or access to their accounts.  

Making contact 

Tech support scams come in many flavours and employ different tactics to achieve their goal. Two popular methods used to grab your attention and initiate the scam include: 

  • Unexpected phone call – Like the example above, a phone call is received stating you have an issue that needs to be resolved. It may be an unknown number, or worse, they employ a method to use a fake caller ID to trick you. 
  • Pop up error message – A pop up error message is displayed on your screen. It includes a phone number, states you have a technical issue, and instructs you to urgently call the phone number on the screen.  
Extracting value 

Making contact is the first step and once they have your attention and trust they will then look to extract something of value from you. There are a few ways they may attempt to do this: 

  • Pay to fix the problem – Gift cards, cryptocurrency, and handing over your bank details are popular methods. 
  • Download and install software – This may provide the criminals access to your computer so they can monitor your actions such as keystrokes when entering passwords to online banking websites. 
  • Passwords – Access to your accounts such as online banking, social media.  
Stay protected 

How do you protect yourself? What are they key points you should consider to not become a victim? 

  • Be sceptical. If it feels off, it is off.  
  • Never trust an unexpected tech support call or error message. Microsoft never make unsolicited phone calls; they never include error messages that include phone numbers. 
  • Support fees. You will never need to make payment in the form of gift cards or cryptocurrency. These are a clear sign it’s a scam.  
  • Beware of having to download software. It should only be downloaded from Microsoft’s official website or their partner websites.  
  • Passwords and sensitive information. Never hand over passwords or sensitive information. Microsoft will not ask for your personal data.  
  • Antivirus. Defender Antivirus should be enabled. It will help detect and eliminate malicious software and applications a scammer may attempt to use. 
Oh no! I was scammed, what should I do? 

But what if you have been scammed? You answered the call, following the scammer’s instructions and now you realise something isn’t right. Microsoft suggest you should: 

  • Uninstall any applications scammers have asked you to install. 
  • Run a full scan with Windows Security to remove any malware. 
  • If you have given scammers access to your computer, reset your device. 
  • Change your passwords. 
  • If you have already paid, call your credit card provider as soon as possible. 
  • Report the scam at www.microsoft.com/reportascam. 
  • Report unsafe websites in Microsoft Edge by going to Settings and More > Help and Feedback > Report unsafe site. 

Read more recent blogs

Get started on the right path to cloud success today. Our Crew are standing by to answer your questions and get you up and running.