Leet Tech:  Telephone Scams: How They Happen and Where They Come From

by Gary Chapman



Picture this: Grandma Ethel is sitting at home watching reruns of her favorite shows when a person calls. She answers and is told that her computer — which her grandson usually takes care of — has been hacked and that she needs to get their security system. They make her download a piece of remote software, take her to a website that looks like it was made in a few hours, and then make her purchase the “premium security package” for $599. Little does she know, she has just been scammed by people who do the same thing to thousands of people across the US and around the world.

There are two major types of scams that are done by this unscrupulous bunch: the tech support scam and the refund scam. The tech support scam is usually a person cold-calling/leaving a message or making a webpage that freezes the browser with a pop-up that has a phone number saying that they are from Microsoft. The scammer claims the user has gotten a virus or that their computer has been locked due to activity like pornography and the like. They then do some tactics to make it seem like there is a hacker or virus on the computer (usually using the “netstat” command or pulling up event viewer) and say that in order to prevent this activity, you’ll need to buy their special “security package”. 

If the person hasn’t wised up to the fact that it’s a scam, they will pay the organization either through PayPal or by using gift cards, which are easily laundered. YouTuber Jim Browning revealed that, when you pay them, they will uninstall any previous antivirus software and replace it with one that they have a group license for (i.e. McAfee) or download free programs like CCleaner or MalwareBytes, which is a major security risk. Sometimes though, certain places will place malware on the person’s computer, disabling their security programs.

The other type is the refund scam, here’s how it works:

  1. An automated robocall will call the victim and say that the services they have bought have been discontinued, as they are going out of business (they aren’t). This may be a follow-up on the tech support scam, as scammers tend to mark the successful ones in a spreadsheet and sell them to other scammers. The robocaller could also say a purchase has been made on Amazon or another web store.
  2. The victim will call the scammer regarding the robocall. They will then make them download multiple remote access programs (this is important), and ask them to log in to their online banking.
  3. They will then ask the person to mark down their balance as they need to for the refund, and then black out their screen.
  4. The scammer will then use the inspect element tool, and change their balance and make the victim (who still can’t see the screen) type out the amount that they should be refunded. The scammer will then deliberately add an extra digit to make them seem like they accidentally got too much. (i.e. refund was for $200 and the “accidental” amount was $2000.)
  5. The scammer will then make it seem like it’s their fault, using either the threat of calling them a thief, using sympathy by saying they risk losing their jobs, using banter or complimenting them to establish trust or just downright bullying the person. They will then propose that they can fix it.
  6. Either they will go to the bank (they coach them to not mention a phone call or a refund as banks have gotten wise) or make them get $2000 in gift cards (stores have gotten wise too, with the cashiers being told to ask).
  7. They call the number and read off the card numbers, the cards are then laundered, leaving the victim with no way to get their money back.

Tech scam illustrationAccording to the Federal Trade Commission, older adults are five times more likely to fall for tech support scams and are less likely to report them (most likely out of embarrassment). In 2018, the FTC reported 143,000 reports with totals of 55 million dollars being taken from individuals due to scammers.

While most people associate tech support scammers as being from India, this scam is happening from various countries. It’s just that India has a large amount of them targeting the US and the UK.

The BBC interviewed a former employee of one of these scam call centers who said, “I was making more money than an MBA graduate and I don’t have a college degree [and that] I used to drink a lot, party a lot, what are you going to do with all that money when you literally you don’t have any future plans?”

There are people who are actively trying to stop people from being scammed. People like Kitboga waste the scammer’s time by using a voice changer and pretending to comply. Another YouTuber, known by the alias Jim Browning, reverses the scammer’s remote connection to record and confront them, with several places being taken down. Mark Rober and him have collabed to catch money mules (the people who collect the money in the US to send to the headquarters in India).

If you want to report a tech support scam, please contact the FTC at https://www.ftccomplaintassistant.gov/

Leave a Reply

Your email address will not be published.