Tech support scams are becoming more common and the criminals perpetrating them are becoming more sophisticated, according to a new report by security firm Malwarebytes.
Tech support scams began to rise in prominence in 2008 with cold calls to random numbers. Scammers pretending to be Microsoft technicians would try to convince targets that their computers were infected and faulty and that the technicians needed to take control of the machines to fix them. Since then their techniques have become much more nuanced.
Malwarebytes details tactics like software activation scams, where victims download a program that looks legit but are then required to make further payment to use the software, and malicious advertising that claims you’re infected with malware and should call a specified number for help. The tricks cast a wide net but typically the perpetrators are hoping to catch users who are not so tech savvy.
In some cases, scammers re-sell legitimate software at a huge mark-up and offer phony support services. Culprits have even used Malwarebytes’ software to extort money, said its CEO Marcin Kleczynski.
“As a result of the abuse of our brand and products, we often have people come to us when the scammers fall short of providing services,” said Kleczynski. “That’s when we have to tell victims that they were defrauded and that there’s little chance of them recovering their lost money.”
According to the researchers, these scams have grown into their own clandestine industry with companies in the U.S., U.K., and India that front as legitimate businesses but carry out support scams.
One of the researchers for Malwarebytes, who declined to be named, said India has long been a hotbed for support scams targeting victims globally. Just this past weekend, Indian authorities arrested a man dubbed the “guru” of call center scams. But there’s also a glut of such companies in the U.S. of late, operating out of Florida in particular.
Malwarebytes has been investigating several companies and works directly with the FTC to report and shut down scamming operations. It contributed to an investigation into Florida’s OMG Tech Help in 2014, and during the summer, the phony tech support company settled its case with the FTC by surrendering its assets and paying a fine.
In this latest report, Malwarebytes accuses more companies of scamming people. One such company is the U.K.’s Emobilize, which describes itself a web development services company. Malwarebytes claims otherwise and the firm has been accused by average users as well.
The company ardently denies the allegations. “As a growing business we have multiple competitors who try to jeopardize our business, these reviews are nothing but some cheap unethical comments by some of the fake users,” an Emobilize spokesperson told Digital Trends.
Another company, this time from India, called Delwyn (but also operating under the name Gowyn) has allegedly placed false ads on websites to lure people into calling the firm for help. Delwyn didn’t respond to requests for comment.
According to Malwarebytes researchers, you can piece together when a company is involved in scams by examining their social media posts, descriptions on their websites, complaints made about them on consumer forums, and even Craigslist job posts. “Some of them are really open. They don’t seem to care,” said the researcher.
There have also been cases of scammers using third-party software like LogMeIn to carry out their correspondence with victims. LogMeIn explained that it polices its software for tactics like this and reports abuse to the authorities.
“Use of this software or any of our products for nefarious or illegal purposes violates our terms and is immediate grounds for account termination,” said a spokesperson.
Kleczynski added that companies need to take an active role in clamping down on tech support scammers. We’ve already seen Microsoft decide that it’s had enough by filing a lawsuit against alleged culprits.
“We definitely see a larger involvement from the different parties that are affected by tech support scams. Having said that, in the past year we have seen some notable takedowns both in the U.S. and overseas, so things are going in the right direction,” said Kleczynski, who nevertheless conceded that scammers are wily and always evolving to the next trick.