Tech Support Scams: Second Byte at the Cherry

Is there really anything new to be said about tech support scams? Unfortunately, the FTC tells us there is. Not only because people are still falling prey to this type of fraud, but because the scammers are still finding new approaches to harvesting their victims’ credit card details. Some quite interesting, sophisticated technical tricks are used to persuade you that:

  1. you have a problem with your computer
  2. that the scammer knows or could possibly know anything about your computer
  3. that the scammer needs you to give him access to your computer so that he can prove to you that the problem is real and to enable him to ‘fix’ it for you.

But sometimes a more generic social engineering approach also turns up, and one of these has been flagged by the Federal Trade Commission (FTC). In brief, Nicole Vincent Fleming tells us that support scammers are calling back and offering a refund.

As it happens, I’ve seen a couple of reports in the past year or two that have suggested a somewhat similar variation, but too few to determine exactly what form the scam was taking. And in fact, it’s not uncommon for 419 scammers to kick off with an offer to reimburse people who are – wait for it – victims of 419 scams. In that instance, the scammer doesn’t usually admit to being a 419 scammer, but poses as a representative of a government agency (for instance).

The FTC article, however, suggests that at least some of these calls are from scammers revisiting previous victims and offering a refund if they considered the service unsatisfactory, which isn’t something I’ve seen reported previously. Sometimes, though, it seems that the refund is offered on account of the ‘service’ going out of business, and that resembles previous reports I’ve seen, though looking at them in the light of the FTC article, I don’t think that the callers operating this particular variation of the scam are necessarily the same scammers who may have called previously. At least one of our correspondents was puzzled and alerted by the fact that the caller offering a refund didn’t represent the same company with whom he thought he had a contract.

The article gives more information on how the scam works and advice on what to do if you fell for it (complain to the FTC, reverse credit card charges and so on).

I suspect, though, that the real step-change here is that the scammers have once more crossed a line. Earlier in the evolution of the scam, we found that some scammers who admitted that they were not being altogether honest with their victims nevertheless justified their actions by claiming they were providing a useful service. And from time to time, we see comments along the lines of “this isn’t really a scam, more like aggressive marketing”. (I don’t agree, by the way: selling a service by lying to the customer is fraud, in my book.)

Later, we saw scammers who reacted aggressively when they thought they weren’t going to get the payment they anticipated: if they’d already been allowed access to the victim’s machine, they would try to trash the system. While trashing someone’s system for non-payment doesn’t often stand up as a defence in court – remember Dr. Popp and the AIDS Trojan? –motivation in the case where the criminal thinks he’s supplied some kind of service is kind of understandable, if morally, ethically and legally indefensible.

What the FTC is describing, though, seems to me to be a clear case of fraud: asking for credit card details on the grounds that you’re going to give them money and then taking money instead seem unequivocally criminal to me. I don’t see how any scammer can seriously convince himself that this is somehow offering a legitimate service. Of course, this doesn’t mean I think that the scammers weren’t previously aware that what they were doing is wrong: only that it’s harder for scammers to justify their actions to themselves.

If you’re interested in finding out more about this kind of scam, I’ve been maintaining a page on the AVIEN blog for some time with links to resources pertaining to support scams and related issues, papers, articles, and blogs (to which this and the FTC article will shortly be added): PC ‘TECH SUPPORT’ COLD-CALL SCAM RESOURCES. Of course, there are an awful lot of articles on the topic here on WeLiveSecurity. We’ve also posted several papers on the topic:

Details on the book, movie and TV series will follow. :-)

David Harley
ESET Senior Research Fellow

Author David Harley, ESET

  • Zek

    Good articles, but I fail to see how this is related to either security or antivirus? This boils down to lack of common sense by the victim. Don’t accept cold calls! Don’t accept SPAM, call your companies directly. Scams can manifest in any area of life not just computer related.

    • Then I guess you have a narrower view of what constitutes a security issue – and indeed, what I’m here to write about – than I do. I don’t have any problem writing about stuff that isn’t technically interesting but will hopefully enable people who aren’t very knowledgeable about technology to recognize a scam But I agree that even those who aren’t tech-savvy can protect themselves up to a point by thinking twice before taking anything they hear on the phone or read in an email as gospel truth. And that a great deal of computer-related crime is actually more about manipulating people than bits and bytes.

      • On

        Hi David, I appreciate your input. My view is that I think that anyone can be targeted in this way, be it a computer scam, electric scam, double glazing scam and It boils down to a hardening of trust. Let’s hope the next generation has more savvy than the current. And I speak from dealing with the majority of people that are affected by these scams. Thank you.

Follow us

Copyright © 2017 ESET, All Rights Reserved.