After the ransomware WannaCry wreaked havoc a few weeks ago, computer owners and users have now become warier of viruses. Unfortunately, scammers have also been busy trying to exploit this opportunity. There have been increasing reports about people receiving notifications that their PC was at risk of a virus infection. They were prompted to contact tech support or purchase and install antivirus software they actually don’t need. Instinctively wanting to protect their computer, they complied and ended up with spyware in their PC and paying usually hundreds of dollars for the extra “protection”. These tech support scams are on the rise all over the world.

One of the many fake ads circulating out there (Image Source: CNN Tech)

Tech Support Scams In the United States

It seems that the elderly and tech newbies are groups frequently being victimized by tech support scams. In Fox Crossing, Wisconsin, a 62-year old woman lost more than $9,000 to scam artist. She reported that a man called her about a refund for her antivirus subscription. He said $14,000 was mistakenly placed in her checking account and she had to pay the money back. She complied and sent a series of transactions amounting to $9,179. She later learned that the caller had manipulated her bank account to make it appear she received a $14,000 refund. After reporting it to her bank, she changed her account numbers, and froze all other points of access. Police said she also planned to have her computer cleaned to remove any spyware.

The Federal Trade Commission (FTC) reported another story. A 90-year old man got a call from a fake Microsoft repairman. The commission played a recording of the call at a press conference. The victim was advised that his computer had an infection and is pressured into paying for “repairs”.

Acting Director of FTC Tom Pahl reported that the commission has received more than 96,000 complaints. The total amount swindled from these people is more than $24.6 million.

Tech Support Scams In the United Kingdom

There are two WannaCry tech support scams targeting Windows users in the UK. According to the British National Fraud & Cyber Crime Reporting Center, the first one is a splash page that warns a computer is at risk of WannaCry. Then, a pop-up window appears with the instructions to call “Tech Support”. Take note that the ad doesn’t close and doesn’t specify which company’s technical support you’re supposed to contact. The pop-up warns that if users don’t do so, their passwords, credit card information, and browser history will be compromised. Once they call, the scammers request for remote access to the PC. Once granted, they install the Windows Malicious Software Removal Tool. The victims are made to pay £320, but this tool is actually free.

It is important to remember that Microsoft doesn’t charge home users for technical support. Only businesses have to pay for that service. Additionally, warning and error messages from Microsoft never include a phone number. Finally, the company also doesn’t contact users about unsolicited PC or security issues – you’re the one who has to initiate any communication with them.

The second scam is a phishing campaign where users receive a BT (formerly known as British Telecom) branded email. It basically says that BT has launched preventive measures to protect your data on an international scale. And in order to confirm your security upgrade, you need to provide personal details.

Android Devices Not Spared

McAfee reported that they found a few apps on Google Play claiming to provide protection against WannaCry for Android devices. This should already raise some suspicion because the ransomware affects only devices running on Windows. The WannaCry Ransomware Protection app was one of the apps spotted. McAfee discovered it has fake features and is loaded with ads. Thankfully, these fake apps have not been spreading any malware. But with cyber criminals pouncing on opportunities like this to exploit, it won’t be surprising to hear news about this actually happening.

Fake Android apps “offering” WannCry protection. (Image Source: McAffee.com)

What to Do to Prevent being Victimized?

  • Stay informed. Read up on recent security threats and expert advice on how to protect yourself. Make sure you verify the information and stick to reliable resources (in this case, legitimate news sites and leading tech resources).
  • Ignore a pop-up warning that instructs you to call technical support. You may sometimes receive legitimate pop-up messages from your security software telling you to update your operating system. However, these will not include instructions to call a number for tech support.
  • Hang up the phone if you receive an unexpected call from anyone claiming to be tech support. Even if a legitimate-looking number appears on your caller ID, this can be a fake call. Scammers can easily create phony caller IDs. The bottom line is that if you are unsure of a caller’s identity, hang up.
  • NEVER share your passwords, pin numbers, and other personal details with anyone who contacts you. Don’t allow them remote access to your computer either.
  • If you have shared your passwords, pin numbers, and other sensitive login details with anyone, change them. Update all of your accounts.
  • Update or download legitimate antivirus software to get rid of malware and other issues on your PC.
  • Remember that Microsoft or someone on their behalf will never call you.
  • Make sure all of your software is up to date.
  • Do not open any suspicious emails.
  • Do not click on any unfamiliar links. Verify any URL before clicking through.
  • Do not open any files you weren’t expecting to receive.
  • Do not download any sketchy apps.

What to Do if You Fell Victim to a Cyber Attack?

  • If you used your credit card to pay for any bogus services, call your credit card company to reverse the charges. Go through your statement, then report and ask to reverse any charges you didn’t make.
  • Contact your bank and make sure to stop any further payments being taken from your account.
  • Have your computer checked for any spyware or other harmful software or programs that might have been installed.
  • Report any scams to the Federal Trade Commission in the United States, to the National Fraud & Cyber Crime Reporting Center in the United Kingdom, or the proper authorities in your region.