Tech support scams used to involve cold-calling computer users to convince them to buy dubious software that did little to help victims or their computer systems.
Over the past few years, however, the scams have become far more insidious, according to a report by security firm Malwarebytes. From fake antivirus alerts to notices that seem to come from a victim’s internet service provider, tech support scammers are diversifying their approach to convince consumers to fall for their cons.
In the first quarter of 2016, more than 3,600 people complained to the Federal Bureau of Investigation’s online hotline—the Internet Criminal Complaint Center (IC3) —that they had lost more than $2.2 million to tech support fraudsters.
The scams have moved on from cold-calls to more sophisticated targeting through malware and scareware pop-ups advertising, according to a malware intelligence analyst at Malwarebytes, who asked to remain anonymous.
“We have seen more and more scams, primarily because malicious advertising—malvertising—makes it much easier to fool people,” the researcher said. “The random cold calls are still happening, but they have been supplanted by targeted attacks.”
The evolving nature of the attacks means that the scams are targeting not only the less tech-savvy older generation, but also a broader swath of the population, the researcher said.
Historically, tech support scammers have flourished in India, because many workers already have experience in call-center support and costs for support staff are low.
Yet, Florida has also become a hub for such scams. In June, the Federal Trade Commission and the State of Florida settled a complaint against two companies and their chief operating officer, alleging that they used software to trick consumers into paying fees for dubious tech support products and services. The government agencies had originally shut down the operations of the companies in 2014, claiming that had conned consumers out of more than $120 million.
“Each scam starts with computer software that purports to enhance the security or performance of consumers’ computers,” the Federal Trade Commission stated in 2014. “Typically, consumers download a free trial version of software that runs a computer system scan. The defendants’ software scan always identifies numerous errors on consumers’ computers, regardless of whether the computer has any performance problems.”
Even though the companies are in the United States, prosecuting the scammers is not always easy because they make their software and services convincing enough to arguably be of a benefit, according to the Malwarebytes researcher.
“In India, they will take your money and run,” the researcher said. “But in the U.S., when they scam you, they try to offer a good service, because they want to make it legit.”
Since then, the scams have become more sophisticated and more subtle, Malwarebytes’ the researcher said.
In software-activation scams, consumers convince victims to purchase a program and then make the license key difficult to find. When the consumers call support, the scammers try to upsell the individuals on additional support to solve issues with the system.
Tech support scams also have adopted ransomware tactics, infecting a victim’s computer with software that locks their systems to force them to call the scammers to regain access.
Why not skip the tech support scam and do straight-up ransomware? Because talking to the victim can make them more likely to pay and less likely to report the crime, the researcher said.
“It is a more customized way to manipulate people and scare them,” said the researcher. “Once you make the mistake of calling them, they essentially know who you are and where you live.”