Tech support fraud remains a massive issue in India with 203,295 attacks identified from January through March 2021, according to a new report by global digital security and privacy firm Avast. The Avast Threat Labs report states that users in India are frequently targeted by technical support fraud.
How tech support scams work
Tech support scams happen when fraudsters use scare tactics to trick individuals into purchasing overpriced and unnecessary “support services” to allegedly fix a computer, device, or software problem. They convince victims that their computer has been infected by malware; a window will pop up, alerting the user of a malware or spyware infection on their computer, and that their only recourse is to call a phone hotline for technical support. Once on the phone, scammers try to convince the callers to establish a remote connection to their computer and sometimes download a second remote management software without the user knowing to maintain a constant connection to the user’s PC.
Once granted access, bad actors can also install malware, or other malicious programs that damage the data housed on devices, or even worse, harvest personal information. Criminals with access to this type of sensitive data can leverage it to gain entry into financial accounts, health records, or other essential services. In addition, fraudsters go to great lengths to convince victims of their legitimacy, including creating web pages that imitate antivirus or firewall software warnings or even setting up fake companies to validate their actions.
"Tech support fraud is increasingly common and targets some of the most vulnerable individuals. Criminals exploit victims through money or personal information. Above all, remember that whether it's a phone call or a website, legitimate tech support won't ever proactively seek you out to fix an issue,” said Alexej Savcin, Senior Malware Analyst, Avast.
What you can do to stay safe online
> Question what led you to the support page: If it popped up on its own, that is one major indication that the website is fraudulent.
> Check the webpage: Compare the domain URL to known sites; if it is not intuitive or easy to read, the website may be a scam. Further, if the browser freezes on a tech support page, it's an indication that something is wrong.
> It is important to keep in mind that there is no real threat until a bad actor gains access to your information or devices: Although criminals may try to pressure you, stay vigilant and skeptical when online, if unsure disengage and verify credentials on your own.
> Stay vigilant of common scam methods like malicious advertising (maladvertising)–scammers abuse legitimate online advertising markets with fraudulent ads that lure victims to their infrastructure, often a fake tech support scam page indicating an issue needs mitigation; 401 authentication loop - fraudsters can exploit an authorisation pop-up window, where the window can't be closed and displays contact information for fraudulent tech support; file download jamming - bad actors jam browsers with file downloads until unresponsive; keyboard shortcut lockout-fraudsters will lock commonly used keyboard shortcuts to close windows (i.e., "ALT+F4" or the "Escape" key), so victims experience an infinite loop with no way to escape; print spam– malicious web page continuously sends print commands to the browser to make it seem slow and unresponsive.
> Call someone you can trust who has technical knowledge on computers and software– when in doubt, reach out to a family member or someone you trust.