Kirby's Computers

Home   Software   Learning center   Virus news

Terms   Windows   Hardware   Tasks   Internet   Scams

Support scam   Phone call   Email   Legal action   General phone   General signs


Tech support scams are currently one of the most common computer scams and there are 3 ways you may fall victim to this type of scam.

The first is when someone calls you saying they have detected a problem with your computer.  This is ALWAYS a scam.  It is logistically impossible.  There is one company in the entire world which can both detect a problem with your computer and know who you are and that is your Internet Service Provider or ISP.  You ISP is the only company anywhere you can trace Internet activity back to you as an individual.  Everyone else can trace it ONLY back to your ISP and then they have to get your personal information from your ISP.  This is not information ISPs give out without a court order.  A court order to get that information can only be obtained for legal issues.  So while it is possible someone could detect a virus being served from your address on the Internet there is no way for them to determine who you are.  That means they cannot call YOU about it, they can only call your ISP about it.

Your ISP will NEVER call you about problems with your computer.  There's a much easier and cheaper way for them to take care of problems they detect.  They simply shut off your Internet.  When you go to get on the Internet instead of the web page you were expecting to see you will see a message that says your ISP has detected a virus on your network, that they have shut off your Internet and to call them when YOU fix it and they'll turn your service back on.  Doing it this way essentially costs them nothing.  They simply change a setting in their computer and you get the warning page instead of the Internet.  They change the setting back and you're back in business.

Your ISP will NEVER offer to help you fix it.  They are not in the computer repair business.  They are not in the security business.  They are not in the antivirus business.  They are in the communications business.  They will offer to fix a computer issue any more than they would offer to fix your car.  It's not what they do.  It would cost them money to hire employees with skillset not needed for their own industry.  If it doesn't make money you can bet a corporation isn't going to do it.  In fact, they are legally mandated by law to make as much money for their investors as possible, so even if the people running the corporation did really want to help people your phone company legally can't hire computer experts and automotive mechanics to just help you out when you're in a fix from the goodness of their hearts.

The next type of scam is when you are on the Internet and a message pops up telling you that a virus or other problem has been detected and you need to call a support number immediately.  This warning will often be accompanied by a message telling you not to close the window and a siren or voice impressing on you the seriousness of the problem.  It will almost always use the name of some legitimate company, usually Microsoft, to suggest that you can trust them.  This, too, is ALWAYS a scam.  First, your computer doesn't "know" any phone numbers.  If there's a phone number on your screen, someone person put it there (through programming of the web page).  Second, ANYONE who "detects a problem with your computer" is lying if it is not Windows itself or your antivirus program.  Yes, Microsoft software, particularly Windows, can detect problems with your computer, but they NEVER give you a phone number to call, nor do they EVER give you a link to download something.  You either get a blue screen of death or, in VERY rare cases, a button to try to fix the problem.  Clicking this button will NEVER ask you to call a number, ask you to install anything or ask for money.

In this case what you are actually looking at is nothing more than a web page.  They page is usually designed to remove the borders, toolbars and buttons which allow you to control your browser, but it's still just a web page.  These web pages often resist attempts to close them, usually warning you that closing the page will have dire consequenced.  The reason for this is simple.  If you simply close the page and go about your business they can't scam you, so they don't want you doing that.  The result is that getting rid of this page is usually very difficult, but there are a few steps you can take to get rid of it.

First, you have to disconnect your Internet.  This step is important because the page will often reload itself when closed.  Locate your modem and turn it off or unplug the power cord from it.

Second, you have to restart your computer.  Even with no Internet access if you close the web page it will reload itself from the browser's cache and the website may have disabled your ability to close the page.  Restarting the computer forces the browser to close and makes the cache "stale".

Third, with the Internet still off, open your browser.  Often times when a browser isn't closed properly, such as happens when the browser is force-closed by restarting, it will try to open the last page(s) it was on when it "crashed".  If it does then it will not be able to load the page because you don't have an Internet connection.  And it can no longer use the cached page because that information is out of date.  So you will get the standard warning your browser gives when you're not on the Internet such as "Page cannot be displayed" or "Unable to connect to server".  Once you see this message, close your browser.  This will cause the browser to exit cleanly instead of crashing so that the next time it is opened it will go to your homepage.

Finally, reconnect your Internet by turning your modem back on or plugging it back in.  You have to wait a few minutes for the modem to boot and connect.  Once the modem is connected to the Internet again you're back in business.  The warning will be gone and you are free to surf the Internet again.

On rare occasions this warning is actually caused by something on your computer.  In this case it will come back up even after you performed these steps.  In this case your computer will need serviced to remove the infection.

The third type of support scam is more difficult to spot because YOU initiated the scam call.  This type of scam happens when you try to get support for free by searching for terms like "Microsoft support" or "HP support".  Large corporations don't really offer much for support to end customers.  In fact, if you bought a computer with Windows already installed the manufacturer of that computer has agreed to be the Microsoft support for that copy of Windows.  Chances are the number you found on the Internet was really for a third party support company and third party support companies ALWAYS charge for their service.  It is the very nature of their business.

If you need suppot from Microsoft there is a very good chance you're not going to get it.  If you need support for a product you bought such as a PC or printer you are highly unlikely to get that for free and almost certainly not going to get it for free if the warranty is expired.  HP will not take your support phone call free of charge for your 3 year old printer.  In fact, they may only take your call free of charge if it is a warranty issue.  For support you're often on your own.

Even if you do get connected to the legitimate support of a legitimate company you STILL might get scmmed.  I have personally seen support techs for big companies either personally try to scam customers or give the customer the phone number of a scam third party support company.  These companies often hire support teams in other countries whose legal protections for consumers may not be so robust as they are in the US, not to mention any investigation is complicated by international boarders and legal action may be impossible due to lack of international agreements with those countries.

All of these support scams usually have the same ultimate goal, to connect you with a scam "tech support" person who will give you instructions to follow.  Those instructions almost always lead to the scammer logging on to your computer remotely.  Once logged on they usually do something which you don't understand, but which looks "techical".  They may show you several "problems" that they've found.  But remember, they are controlling everything and, since you don't understand what they are doing, you are relying on their explanation for what it all means.  You can bring up perfectly normal messages on your computer which look like they might be something serious even though they're not.  This is especially true if the person your talking to gives you a seemingly rational explanation for what the message is telling you and tells you that it's serious.

Then comes the hook.  They tell you about all the "problems" they found and what it's going to cost to "fix" them.  If you won't pay it they will usually reduce the price several times in an attempt to get something from you.  If you hang up on them they will usually call you back one time to try again.

If you do not pay that is usually the end of it, but not always.  When a scammer is logged into your computer they can do and access literaly EVERYTHING on your computer.  If you have a file on your Desktop called "Passwords.txt" you can bet the scammer took a copy of that file as soon as he saw it.  If it has your bank login then you had better call your bank right away because it's very likely the scammer is just about to log in and see what he can take.

Very rarely I have seen one of these scammers install spyware and malware on the computer.  I'm sure the scammer got a few cents for each one he installed or something.

More commonly, however, I have seen the scammer take revenge on the customer who would not pay or asked for a refund.  If you let someone log into your computer and you paid them, NEVER call them back asking for a refund.  In one case I saw the scammer convinced the person to let him log into the computer AGAIN "to undo the things he had done".  What he was really doing was making sure that Windows wouldn't boot again.  On top of that, the customer never got the refund (well, not until he contacted his card company and explained the scam).

Usually, however, these people won't do anything if you don't pay them, they'll just move on to the next victim.  The more people they scam in a day the more money they make.  But they could do anything when logged into your computer and they have access to any information on your computer, expecially if that information is stored in plain text format.