Tech Support Scams and How to Avoid Them — CIOReview

Jack Mathew
4 min read · Jan 14, 2020


Tech Scams

Cyber scammers are learning that you can trap more flies with honey than with vinegar. In a widely spreading tech support scam, the scammers shift from the standard scare tactics and instead graciously offer to “help” potential victims. This scam involves convincing victims that their computer has been compromised, before conveniently offering their services to fix the problem.

Victims of this recent scam find their screens locked, with an ad for a company called “SupportBuddy” on the monitor. The browser is frozen, the keyboard is locked, and the victims are pressured into calling the number on the screen. When the victim places a call, SupportBuddy kindly offers to fix the problem for a certain sum. The hackers pose as legitimate tech support from major companies and aim to get Mastercard and private information from the victims.

This form of social engineering is comparatively new. The more traditional tech support scams typically use intimidating alerts, with alarming language and an urgent call to action. An example would be: “Windows health is critical. Don’t restart. Contact us immediately!” This usually comes with threats of data loss and malware infection, to scare the victim into using their service.

Trend Micro has been monitoring tech support scams since June due to an explosion in cases. Most of the URLs encountered display similar blue-screen instruction alerts, which can only be closed via Task Manager. They also provide a hotline number that puts victims in touch with the scammers. These malicious sites have common URL keyword patterns, and a few of the infected domains are hosted on IP addresses which are already being monitored.
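A triage heuristic for the lure pattern described above (alarming alert wording combined with a hotline number), as an added example that is not from the article or from Trend Micro. The phrase list, weights, threshold and sample texts are constructed assumptions, seeded from the wording quoted in this article.

```python
import re

# Assumed indicator phrases, taken from the lure wording quoted in this article;
# this is not a vendor signature set.
URGENCY = (
    "health is critical", "do not restart", "don't restart",
    "contact us immediately", "critical failure", "response code",
)
CALL_VERBS = re.compile(r"\b(call|contact|dial|phone)\b", re.I)
# North American style numbers, e.g. 1-800-555-0199 or (888) 555-0123.
PHONE = re.compile(r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")

# Constructed sample texts (555-01xx numbers are reserved for fiction).
SCAM = ("Windows health is critical. Do not restart. Contact us immediately! "
        "Call support at 1-800-555-0199 to get your response code.")
BENIGN = "Contact our sales team at (888) 555-0123 for a quote."


def score_page(text: str) -> dict:
    """Score visible page or pop-up text for tech-support-scam lure traits."""
    low = text.lower().replace("\u2019", "'")  # normalise curly apostrophes
    hits = [p for p in URGENCY if p in low]
    phones = PHONE.findall(text)
    # A call-to-action within 80 characters of a phone number is the core
    # of the lure: the alert exists to make the victim dial.
    cta_near_phone = any(
        CALL_VERBS.search(text[max(0, m.start() - 80): m.end() + 80])
        for m in PHONE.finditer(text)
    )
    score = 2 * len(hits) + (3 if cta_near_phone else 0) + (1 if phones else 0)
    # Threshold 5 means a phone number plus "call us" alone (score 4) is not
    # flagged; at least one alarm phrase must accompany it.
    return {"score": score, "phrases": hits, "phones": phones,
            "suspicious": score >= 5}


if __name__ == "__main__":
    for name, sample in (("scam", SCAM), ("benign", BENIGN)):
        print(name, score_page(sample))
```

Lures that drop the alarming language, like the “SupportBuddy” offer, score lower on text alone, so a check like this complements URL reputation and browser-lock detection rather than replacing them.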

A sample of a fake alert message from an infected site

The same site blocked by web protection software

What avenues are used to attack victims?

Despite increasing awareness about internet scams, people still click on unfamiliar sites or ads that expose them to risks. Links lead to malicious sites that use malware to control a user’s computer. Once they gain control, they freeze the screen to display their message and hotline number. For these most up-to-date tech support scams.

Scammers also trick users into downloading the malware directly, often naming files after something popular so that they have a broader target base. A recent scam uses Hallmark e-cards as bait. The card brand’s icon gives the file a look of legitimacy, but once users download it, their computers are disabled as a window pops up warning users of “critical failure”. A support number is also provided, which users are urged to call to get a “response code” to unlock their computer. This particular Trojan is detected as TROJ_TECSAM.A. Its only purpose is to trick the user into calling the number for technical support, where they will be manipulated into giving personal information or extorted for money.

The simple pop-up window from the Trojan TASCAM

Another way tech support scams reach users is via Internet Service Providers (ISPs). Hackers can use malicious advertisements to get a user’s IP address, and from there they can determine the user’s ISP. They pose as tech support from the victim’s specific ISP and try to get financial information out of them.

Tech support scammers are known to use a variety of tactics to manipulate would-be victims. Here are tips for avoiding them.

The best way to avoid tech scams is to be aware of common attack methods.

Remember that legitimate tech support won’t call you. You have to request help from them. Be suspicious of unsolicited calls. If you want to reach out to tech support, make sure you have the right number. Go straight to the official website of your provider to get the contact details for their support line.

If your screen freezes with a malicious ad, don’t panic. You can easily close the page by ending the browser process from your Task Manager. Definitely don’t call the hotline that you see on ads or alerts. Contact your IT department if you’re in the office.

If the support agent you’re talking to asks for remote access right away, be careful. Remote access is typically done by a higher level of the support team, and not the call technician.

Act fast if you’ve encountered this scam. If you gave away Mastercard information, contact your bank immediately. Change the passwords on your computer, especially if you gave them remote access.

Get effective and bona fide anti-virus software to stop your system from accessing malicious sites. If you already have one, make sure you have the latest version installed. The latest updates of the software will include the most comprehensive protection against recent malicious URLs.

Trend Micro already provides solutions to this problem. Endpoint products like Trend Micro™ Security, Smart Protection Suites, and Worry-Free Business Security have features that proactively prevent you from clicking on malicious URLs.