Beware of tech support scams

I got the following email from a relative of mine this week and it immediately sounded an alarm in my head.

This post first appeared in the San Jose Mercury News

“Was on phone for hours with Yahoo tech in Texas. Apparently, my Yahoo account was hacked from outside the state several times and their own security system blocked my send. I consented to Team Viewer and he says he fixed it. They wanted $100 for a forever security account for whole computer, including all mobile devices so had to give credit card through Amazon — then he arranged for a $100 Amazon gift certificate so that paid Yahoo and won’t be on my credit card,” she said.

She also provided me with the “name” of the tech support person and the 800 number she called.

I was suspicious for several reasons. The first is that Yahoo doesn’t offer phone support, as I confirmed from one of their help pages: “If you see a Yahoo customer service number posted online, it isn’t Yahoo support.”

The second clue was the Amazon gift card. If Yahoo were to offer paid support (which it doesn’t), it would have customers give them the credit card number directly and not ask for a gift card. As Amazon says on its common gift card scams web page: “Fraudsters use many methods to conduct scams, including requesting gift cards from well-known brands. … It’s important for you to know that Amazon Gift Cards can ONLY be used for purchases online at Amazon.com.”

I knew she had been scammed out of $100, but I also know that she may be able to get that back from her credit card company or Amazon (we’re waiting to see if that happens). I also suggested that she cancel that credit card and check her credit report over the next few months as an extra precaution. But what really bothered me about her email was the line that “I consented to Team Viewer and he says he fixed it.”

TeamViewer is an application that allows a remote person to take control of your computer or mobile device. It’s used by legitimate tech support departments to remotely diagnose or fix technology problems. The company has a FAQ about TeamViewer and scamming, where it warns people “to be careful with unsolicited phone calls and to not grant access to your PC to anyone you do not know or trust.” When you authorize someone to remotely access your machine, it’s possible for that person to install malware and steal your data.

In my relative’s case, this was not an unsolicited call. She called what she thought was Yahoo’s support department and therein lies yet another warning. Just because you find a support number through a web search doesn’t mean that it’s the actual company. A search for Yahoo Tech Support yielded several websites offering support that were not based at Yahoo.com.

I Googled the 800 number she called and, sure enough, there were numerous posts about it being a scam or, as one person put it, “some boiler room in India which is attempting to gain access to your computer so they can ‘FIX’ it.”

I then called the number myself and pretended that I had the same problem, using a made-up Yahoo email address, and, sure enough, they “verified” that there were numerous attempts to log into my account and that they needed remote access to my computer to verify the IP addresses of the intruders and fix the problem. I asked her why she couldn’t just fix the problem from the Yahoo side or have me change my password and she kept repeating the need to fix the problem on my computer. Eventually she must have figured out that I was on to the scam and she hung up the phone.

This is, of course, one of many scams aimed at unsuspecting PC users. I’ve received several unsolicited calls claiming to be from Microsoft or Symantec, informing me that my PC was infected and that they could fix it for me.

Knowing that neither Microsoft nor Symantec ever makes such calls, I’ve played along a couple of times and once was led through a series of steps on my PC that ultimately led to my seeing the message “critical error,” which the person on the phone told me was proof that my system had been compromised. It was in fact a relatively meaningless message that will be seen by nearly every PC user who follows those steps. As an expert Windows user, I was extremely careful to make sure that none of these steps was giving them remote access, but if you get such a call I recommend you hang up and not follow any instructions from the caller.

You may also get a call from the IRS saying you owe money. The IRS doesn’t call delinquent taxpayers – they write letters and ultimately have other ways to get your attention.

And be careful at work too. In an interview, Ted Kobus, a data privacy expert for the law firm BakerHostetler, warned that employees in HR, payroll or accounting departments are receiving emails from criminals pretending to be the CEO or another senior executive, asking the employee to urgently turn over W2s and other sensitive payroll information. The scammers use that information to file fraudulent tax returns, which often results in the criminals getting the person’s tax refund.

Bottom line: Be extremely cautious about any unsolicited requests for information and, when you’re reaching out for help, be very careful to make sure you’ve reached the legitimate help desk and not a scammer.