What Is Help Desk Fraud and How to Identify Such Scams

Man working on the computer while talking on the phone with magnifier showing a fraud that he is
Click here for a quick guide to help desk fraud
What Is Help Desk Fraud (Tech Support Scams) And How to Prevent It? - Summary

Help desk fraud, more commonly known as tech support scamming, is a form of cybercrime usually targeting people who are more vulnerable (such as senior citizens) and are not that tech-savvy.

  • Criminals will pretend to work for the tech support department of large and reputable companies.
  • They will convince the victim something’s wrong with their PC or some software on it and this needs to be resolved immediately. The cybercriminals offer a solution, but this does require them to connect to the victim’s PC.
  • Once connected, they can obtain sensitive information. They might urge the victim to log in to their online banking portal to pay for the assistance provided.
  • When the victim gives in, they will register their login details through keylogging and can easily steal their money.

Want to know how to recognize and prevent tech support scams? Read the article down below to find out more.

There are tons of ways for cybercriminals to trick you and rob you of your hard-earned cash these days. One of the more popular ones is help desk fraud, also commonly known as tech support fraud. In this article, we’ll go over what help desk fraud is, how it works, popular tech support scams, how to prevent them, and what to do if you’re a victim.

What Is Help Desk Fraud?

Help desk fraud, or tech support fraud, is a type of cybercrime where scammers pose as tech support for banks, important organizations, and well-established organizations such as Microsoft, Apple, and Amazon. Generally, they’ll contact victims by phone and pretend to work for one of these companies’ help desks or anti-fraud departments.

Money being phishedEssentially, tech support scams are a type of phishing. They rely on deception to get victims to give the perpetrator access to their computer, or to hand over personal information and even passwords. As such, the criminals will obtain access to the victim’s online banking portal, or even be able to pose as the victim online. The latter means they could order expensive products in your name, or even worse, request huge loans.

How Do Tech Support Scams Work?

Which questions and actions on behalf of “tech support agents” should make you feel wary? To be able to recognize help desk scams, it’s crucial to know how these criminals operate. That’s why we’ll walk you through a common method tech support scammers use. We’ll focus on a common Microsoft scam, where the scammer claims to work for Microsoft technical support.

Infographic showing how do Tech support scams work with white background

Initial contact

The very first step consists of the perpetrator getting in touch with their victim. This usually happens in one of the following three ways:

  • The scammer simply calls the victim, without notifying them prior to the call (cold calling).
  • When the victim is looking for support himself he is redirected to a malicious, fake tech support site (often due to a typo) and calls the phone number on this website.
  • The victim’s computer is infected with malware. As a result, a pop-up appears and claims there is an issue that needs to be resolved immediately by calling the phone number in the pop-up.

When the scammer is finally talking to the victim, he will introduce himself as a tech support employee or help desk member, or another role that is supposed to invoke trust in the victim. Also, they generally use an American or Western-sounding name, such as “John Smith”.

The tech support fraudster will come across as very serious and concerned and explain the victim’s computer is experiencing a serious problem. He might come up with a crafty story about a fake virus, for instance. In order to “resolve the problem”, the scammer claims he needs access to the victim’s device.

Access to your PC

In order to “help you”, the criminal will prompt the victim to install otherwise legitimate remote PC control software, such as Teamviewer or Anydesk. This type of software is also used by IT departments of big companies in order to resolve a problem an employee is experiencing remotely. The scammer will walk the victim through the process of granting them remote access. Of course, they will be dishonest about the associated risks of what they’re doing and what they’re actually doing.

“Solving the problem”

Now the scammer has access to the victim’s computer. The victim will likely see his mouse moving all over the screen, seemingly by itself. They might get a little nervous, and rightfully so. “John Smith” will assure the victim he’s only doing what’s necessary to resolve the issue. However, in reality, he is likely turning off any security features your device has and changing important settings. They might even install actual malware on your computer. That way they will have access to your PC, even when the screen-sharing has ended. In some cases, they also hide the screen so you can’t see exactly what they are doing on your computer.

Generally, the criminals work together in pairs of two. One of them will take over the victim’s PC, while the other one keeps them distracted on the phone, so the victim is not paying enough attention to what’s happening.

Now, the perpetrators have accomplished their goal: complete control over the victim’s device and the ability to access all of his data, including what he is typing on his keyboard (keylogging). Now it’s all about getting access to the victim’s bank account.

Using a crafty story, the perpetrator might ask the victim what bank they use and prompt them to log in to their online banking portal to pay for the help they received. If the victim gives in, the criminals will easily obtain the victim’s login credentials, thanks to keylogging. Now the tech support scammers can easily access the victim’s bank account and transfer funds as they please.

Many of these scammers also prey on the elderly or those who don’t know how to use computers properly. They primarily look for the less tech-savvy crowd to run their scams effectively.

Social engineering

In essence, tech support scams are simply a form of social engineering. The example above, for instance, relies on a combination of distraction and deception, to get the victim to actually cooperate in creating his own demise.

Another important aspect of this social engineering is that the perpetrators usually pretend to work for a large and trustworthy company or organization. This will create trust and make it easier to deceive victims.

If the criminals are shrewd enough, there will always be a few (likely more vulnerable individuals, such as senior citizens) people they manage to trick. That’s all the tech support fraudsters need to make a considerable amount of money.

Common Tech Support Scams

As stated above, it’s important to recognize tech support scams, which is why below we’ll list three common scams.

Infographic showing examples of most common Tech support scams with white background

Generally, these scams have the same end goal: getting access to the victim’s device and obtaining as much cash as possible from them (usually by obtaining their banking login credentials).

  • The Microsoft scam: As mentioned above, the Microsoft scam is a very common one. This scam is all about claiming the victim’s device or a certain piece of software on this device is experiencing a serious problem. The scammers will offer to fix it, but instead, they’ll take over the device and do what they can to steal funds from the victim. There are many different variations of this scam, for instance, variations where scammers claim to be part of Amazon, Apple, Norton, or other large and well-known companies. For instance, these days McAfee scams and Windows Defender scams are getting more and more common as well. Because Windows is the most popular operating system out there, such scams are easy to execute.
  • The banking scam: Scammers will pretend to work for the bank that the victim uses. They will convince them they’re trying to stop a fraudulent transfer or are dealing with another emergency pertaining to the victim’s bank account. The criminal will convince the victim he needs to share his banking details or even his PIN code to resolve the problem.
  • Refund scams: Victims receive a call or a voicemail about some expensive purchase that’s been done in their name at a webshop. The criminals will tell the victim they can correct this mistake, by paying the victim back using gift cards. Through deception and distraction, the scammers actually get the victim to buy gift cards for them. This scam is often supplemented by convincing the victim too much money has been paid back by the scammers, and the difference needs to be paid using, once again, gift cards. This way the scammers can make even more money.

How To Recognize and Prevent Tech Support Scams

Tech support fraud can be very deceptive and hard to deal with. Fortunately, there are often still some warning signs and tips you can follow to prevent becoming a victim. As such, we’ll list a few tips below to help you recognize and prevent help desk fraud.

  • Lots of tech support scammers are from third-world countries with large urban centers, such as India. As such, perpetrators might have quite a thick, easily recognizable accent. On top of that, they often use Western names that don’t necessarily match their accented voice.
  • It’s very unlikely large and trustworthy companies will call their customers unannounced in case of a problem. Generally, they will reach customers through more official channels, such as by post. Alternatively, since many organizations such as banks have their own online portals, they might reach you that way. If there is a very pressing matter, such as suspected bank fraud, they might send a text message, but generally with the instruction to call the office phone number of your bank (which you can check online).
  • Banks will never ask you for your login credentials or PIN code. Even if you lose or forget your credentials, there will be a secure process to reset your login information. You will not just be asked to give your sensitive information to someone on the phone. If someone asks you to do this, this is likely just a phishing scam to get access to your online banking portal!
  • If something seems fishy about a call or message from a so-called tech support employee, trust your instincts. Hang up the phone and contact the organization that the caller (or messenger) claims to be a part of directly, through their official channels. You can generally find these on their official website.
  • Remember that these types of scams don’t just happen by phone. Remember that tech support fraudsters can just as easily send you a scam email or a text message. Or, they might even send you a letter by post. Whatever form of communication, they’ll most likely prompt you to call some phone number. Needless to say, your call will be answered by a help desk scammer. In this case, follow the same advice as above: if you don’t trust it, always contact the company using their official phone number or other channels, to verify the email or letter actually comes from them.

What Should I Do if Tech Support Scammers Keep Calling Me?

If help desk fraudsters have obtained your phone number somehow and keep calling you, this can be extremely frustrating and even stressful. That’s why we’ll give you some tips and what to do in this situation.

  • Don’t pick up the phone if you’re called by a number you don’t know. Especially if you notice it’s a foreign number. (If a foreign number is calling you, not only could it be a scam, but you might also incur costs for receiving a call from abroad).
  • If in doubt whether to call back after a missed call, do a quick Google search to see if the number pops up on pages discussing spam and (help desk) scams. Look for the official helpline number of the service the person claims to be calling from.
  • Hang up as soon as you feel you’re dealing with a scam.
  • Block the scammers’ phone numbers on your phone.
  • Contact your phone provider about any unwanted calls.

How Do Scammers Obtain My Phone Number?

There are two main ways in which help desk fraudsters obtain phone numbers to call. Firstly, they often buy large databases of phone numbers and personal details which have been obtained during data leaks or hacks. It’s easy to obtain these long lists of leaked info on the dark web, for instance.

Another way to contact potential victims is to simply use a type of software that automatically generates random phone numbers. This technique is often used by many “professional” scam call centers (more on this later). Needless, to say, this technique doesn’t create as much trust with the victim as the first one. After all, obtaining databases with not just phone numbers, but also names and other personal details, allows the criminals to address their victims in a more personalized way.

What To Do If You’re a Help Desk Fraud Victim?

Help desk fraudsters operate in a very shrewd way. Therefore, theoretically, anyone can become their next victim. If you’re a victim of tech support scammers, follow these steps:

Infographic showing what to do if you are a Help Desk fraud victim with white background

  1. Contact your bank immediately. Ask them if they can block or reverse the transactions between your account and the scammers’ account. If at all, this will only work if you act very, very swiftly after finding out you’ve been scammed.
  2. Contact a professional IT security specialist and have them make sure your computer is free of malware. If not, they should obviously help you remove it.
  3. Change all passwords you use for important services and accounts, such as your email, social media, online banking portal, etc. Only do this after step 2 is completed. If you do it earlier, the criminals will likely just get a hold of your changed passwords, thanks to the malware that’s still installed on your device.
  4. Inform the organization the cybercriminals claimed to be a part of. That way, they are aware of what’s going on and can inform other customers or clients.
  5. Press charges.

The Scale of the Problem: Tech Support Scam Call Centres

You might ask yourself why, if help desk fraud has been a serious problem for years, we haven’t eradicated it yet. Unfortunately, it’s not that easy.

In certain regions of the world, there are actual call centers that specialize in this form of cybercrime. They have large numbers of people working for them and are quite numerous themselves. Many of these call centers are located in countries with large urban centers, incredibly competitive job markets, and low wages. A common example is India.

In other words, it’s not just a question of catching “a few cyber criminals”. To make the problem go away, large systemic changes are likely needed. But until then, we hope the tips in this article will help you stay safe from tech support fraud.

Conclusion

Help desk fraud is a serious form of cybercrime involving criminals pretending to work for the tech support departments of big companies such as Microsoft, Apple, Amazon, large banks and others. By claiming they want to help victims, they get access to their computers. This allows them to steal sensitive information and large amounts of money.

Remember, large companies don’t just go around calling their customers and asking them for sensitive information. After all, they have secure processes in place to prevent fraud. So if someone calls you asking you to do this, this should always be a red flag.

When in doubt, always hang up and contact the company directly and ask them what’s going on. Furthermore, be sure to observe the other tips in this article to stay safe.

Help desk fraud - Frequently Asked Questions

Do you have a specific question about Help desk fraud you need answered swiftly? Check out our FAQ down below. Simply click on a question to see the answer. Is your question not there? Drop us a comment down below and we’ll get back to you as soon as possible.

Help desk fraud is a form of cybercrime where tech support scammers will pretend to be part of the tech support team of a large company, bank or organisation. They’ll convince you there is an issue with your computer, your bank account or some software on your PC and will offer to fix it. Instead, they will, if you allow them to, connect to your PC and steal sensitive information and as much cash from your bank account as they can. Read more in this article.

Absolutely not. Banks and large companies don’t just call customers asking for sensitive data, because of how dangerous this is from a fraud-prevention perspective. If you call them for help, they’ll likely ask you for some details to verify you are who you say you are, but these are personal details which they already have anyway. If someone calls you, claims to work for your bank and asks for your login details or pin code, hang up the phone! You are likely dealing with either help desk fraud or phishing.

The consequences of help desk fraud can be enormous. Victims often lose large amounts of money, because tech support scammers often get direct access to the victim’s bank account by connecting to their PC and registering everything they type, including the login details to their online banking portal. Read more in this article.

Tech journalist
Nathan is an internationally trained journalist and has a special interest in the prevention of cybercrime, especially where vulnerable groups are concerned. For VPNoverview.com he conducts research in the field of cybersecurity, internet censorship, and online privacy. He also contributed to developing our rigorous VPN testing and reviewing procedures using evidence-based best practices.