Story image

Microsoft comments on recent tech support scam crackdowns

30 Nov 18

Finally it seems authorities are making headway in the quest to crack down on tech support scams, but there is still a very long way to go.

In a blog post, Microsoft Digital Crimes Unit assistant general counsel Courtney Gregoire describes reports from the New York Times. The report states that more than 100 India law enforcement officers raided 16 call centre locations.

Those call centre locations were involved in tech support scams and 39 people were arrested. The alleged call centres had scammed thousands of people, most of whom were from the United States or Canada.

But whether that makes a dent in the number of global fraud scams is another question altogether.

Microsoft says it had received upwards of 7000 fraud reports worldwide that were associated with the 16 call centre locations. 

There have also been a number of other raids on call centre locations – six weeks ago the Delhi Cyber Crime Cell shut down 10 call centres, arrested 24 people, and seized evidence including voice call recordings and call scripts.

In May 2017 the US Federal Trade Commission led Operation Tech Trap. In June 2017, the City of London Police also arrested four people in relation to computer software services fraud.

Despite the crackdowns, Microsoft warns that these scams persist and target everyone, no matter their age or location.

“Anyone may receive an unwanted phone call or experience a pop-up window on your device with a ‘warning’ that your computer has a problem requiring immediate tech support,” writes Gregoire.

“These messages are often very convincing and use scare tactics to entice consumers into contacting a fraudulent “tech support” call centre. Call centre operators typically encourage the victim to provide remote access to their device for “further diagnosis” before charging the victim a fee – typically between $150 – $499 – for unnecessary tech support services. In addition to losing money, victims leave their computer vulnerable to other attacks, such as malware, during a remote access session.”

Microsoft says it works with law enforcement agencies primarily through its ‘report a scam’ portal, where people can share their experiences directly with Microsoft’s Digital Crimes Unit team.

Microsoft says it is also working with products like Windows Defender and learning about cybercriminals’ behaviour to build better cyber protection.

“The best thing you can do to help protect yourself from fraud is educate yourself,” Gregoire says.

Microsoft’s tips to catch a tech support scam:

•    Be wary of any unsolicited phone call or pop-up message on your device.

•    Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.

•    Do not call the phone number in a pop-up window on your device and be cautious about clicking on notifications asking you to scan your computer or download software. Many scammers try to fool you into thinking their notifications are legitimate.

•    Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.

•    If sceptical, take the person’s information down and immediately report it to your local authorities.

25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
Using blockchain to ensure regulatory compliance
“Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it."
A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
How to keep network infrastructure secure and available
Two OVH executives have weighed in on how network infrastructure and the challenges in that space will be evolving in the coming year.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.