Anatomy of a Microsoft Support Scam: Fraudsters Tactics and Techniques

Hi there, I am delighted to welcome you back to a new edition of the newsletter, this time focusing on Microsoft Support Scams.

Microsoft support scams are a major problem worldwide. In 2022, US consumers lost over $39 million to tech scams, with Microsoft support scams being a major contributor. These scams target individuals as well as businesses, stealing personal information, installing malware, and extorting money for unnecessary or fraudulent services.

In this edition, we will explore the basics of these scams, including common tactics and techniques employed by fraudsters.

So what are Microsoft Support Scams exactly ?

A Microsoft support scam is a type of cybercrime where scammers pose as Microsoft support representatives and attempt to deceive individuals into granting them access to their computers and/or personal information. Victims typically receive a phone call or a pop-up message, allegedly from Microsoft, warning them about an issue with their computer. The scammer then tries to persuade the victim to allow remote access to their computer, either by downloading software or providing a code to enter into the computer.

Once the scammer gains access to a victim's computer, they may attempt to install malicious software, steal personal information, or convince the victim to pay for counterfeit or unnecessary services. Common tactics used by Microsoft support scammers include:

• Claiming that the victim's computer has a virus or other security problem requiring immediate attention
• Requesting the victim to download software or enter a code to enable the scammer to access their computer remotely
• Persuading the victim to pay for unneeded or fake services or software
• Extracting personal information or login credentials from the victim's computer

Keep in mind that Microsoft never initiates unsolicited phone calls to offer support or notify people of an issue with their computer. If you or your customer receive such a call or message, do not provide any personal information or allow the caller to access your computer. Hang up and contact Microsoft directly to confirm the authenticity of the call.

Which techniques to target victims ?

Scammers employ a range of techniques to target victims, including:

• Scareware: fake security alerts or other alarming messages to convince victims to download malware or pay for unnecessary or counterfeit services.
• Social engineering: build trust with victims by impersonating a trusted source, such as a friend or colleague, and then asking the victim to download malware or grant them access to their computer.
• Cold calling: unsolicited phone calls to individuals, claiming to be from Microsoft or another reputable company and warning them of an issue with their computer.
• Pop-up messages: on websites or in emails to persuade victims to call a fake support number or download malware.
• Email phishing: fake emails appearing to be from Microsoft or another reputable company, containing a link that, when clicked, installs malware on the victim's computer.

Simple Steps to Protect yourself from Microsoft Support Scams:

• Be cautious of unsolicited phone calls or pop-up messages claiming to be from Microsoft or other reputable companies.
• Remember, if you receive a phone call or message claiming to be from Microsoft, hang up immediately. Then, contact Microsoft directly to confirm its authenticity.
• Do not download any software or enter codes from unknown sources. Doing so could give scammers access to your computer and personal information.
• Do not share your login credentials or financial information with anyone you do not know.
• Use strong, unique passwords for all your accounts and enable two-factor authentication whenever possible to help protect them from being hacked.
• Keep your operating system and software up-to-date with the latest patches and security updates, which protects your computer from malicious software as well as other potential threats.
• Use antivirus software and a firewall to help safeguard your computer from malware.

How Can a Bank Protect Its Customers?

While raising customer awareness about fraud and scams (especially social engineering) is essential to reduce the financial impact of fraud for both banks and their customers, banks can also utilize AI Fraud detection systems like NetGuardians. These systems will alert banks to suspicious transactions and provide them with the necessary information to guide their customers and block fraudulent payments before they leave the bank.

Who is NetGuardians and how can they help with Microsoft Support Scams?

NetGuardians is an award-winning Swiss FinTech helping financial institutions in over 30 countries to fight fraud. More than 80 banks worldwide rely on NetGuardians' smarter artificial intelligence solution to prevent fraudulent payments and various scams in real time like MS support Scams. Don't hesitate to reach out to me if you're interested in learning more about how NetGuardians can benefit your organisation. Always happy to help.

More information from the web about Microsoft Support scams.

Do you have more resources on the subject you'd like to share? Make use of the comment section below.

#scams #fraudprevention #fraudfighters