It’s happened to almost all of us. Whether it’s an email that doesn’t look quite right, a website you somehow got redirected to that pops-up a scary warning message or a phone call from an unknown number, security scammers are using fear tactics to make users believe their devices are at risk. Those who are manipulated into clicking a link, handing over a password or calling a provided phone number will often be subject to several possible scams, including the installation of malicious software, duped into paying for unnecessary technical support services and tricked into providing confidential personal information.
For years, fraudsters have been calling consumers directly on the phone and pretending to be representatives of tech companies like Microsoft, Dell and Apple. Some might even spoof the caller ID so that it displays a seemingly authentic support number from a legitimate company. They are very adept at manipulating consumers into downloading an application that enables remote control access to their computer.
Scam artists continue to exploit technology trends finding more sophisticated tactics to target users via phishing emails, fraudulent ads in search results, phony websites, and pop-up windows to scare users into taking a desired action.
An example of a fraudulent pop-up with fake support number cybercriminals used to defraud consumers.
In a follow-up to our 2016 report on the prevalence of tech support scams, Microsoft recently released a new study examining the types of tech scams fraudsters are deploying and their impact on consumers across 16 countries, including Canada.
The survey revealed that the percentage of respondents who have been exposed to a tech support scam has decreased slightly – down to 63% from 68% globally – and overall people are losing less money, down to 6% of those who experienced a scam from 9% in 2016.
The results in Canada mirrored global trends. The number of Canadians who have been exposed to a tech scam dropped slightly from 75% in 2016 to 67% in 2018 and 3% reported losing money, down 1 point from 2016.
The study found that Gen Z, Millennials and Males were the most vulnerable to tech support scams. This will surprise some who think aging boomers are the most likely to fall prey to scammers, but younger users engaged in riskier online behavior such as visiting torrent and free movie streaming sites. They also have greater familiarity with technology than older generations and are potentially hurt by overconfidence in their device and Web expertise.
While these number demonstrate incremental improvements, loss of money and time are still prevalent, resulting in significant stress for consumers. Among those Canadians who experienced a scam, 40% ended up spending time checking and repairing their PC. More than three-in-four (77%) of Canadians who continued with a scam – that is, consumers who encountered a scam and at least initially started doing what was asked (did not just ignore it) – reported suffering from moderate to severe stress post event due to the fraudulent interaction.
Here in Canada, we work closely with the RCMP to track and take action against tech support scammers.
“This scam, along with other similar scams, are causing significant harm globally and in Canada. The most effective way to combat these frauds is through education, prevention and pursuit of those responsible for the crimes,” said Chief Superintendent Mark Flynn, Director General of the RCMP Federal Policing Criminal Operations – Financial Crime and Cybercrime. “We have to deal with this as a community. Partnerships and collaboration between private sector, government and police is an absolute requirement. The RCMP encourages all individuals or businesses to report instances of fraud or attempted fraud to their local police as well as to the Canadian Anti-Fraud Centre.”
How Microsoft supports Canadians to combat Tech Support Scams
To help protect its customers from scammers, Microsoft continues to enhance endpoint protection, email protection, URL blocking, and browser security solutions, however education is key. Consumers can take the following steps to help keep their data – and identities – safe from cyber criminals:
- Run a modern operating system with endpoint protection and keep it up to date. Windows 10 provides the most secure Windows desktop computing experience today. The built in Windows Defender endpoint protection works great for most users, no need to install a third party AV.
- Avoid opening suspicious emails and do not visit websites you don’t trust. Compromised websites can contaminate computers with malicious software or destructive attacks, especially if your computer does not have the latest updates.
- If you receive a spontaneous email or phone call from Microsoft or any another company requesting you to share personal information or download applications, simply ignore the email, or hang up the phone. Do not share personal information, click links, or install applications when requested. Microsoft does not send unsolicited email messages or make spontaneous phone calls to request for personal or financial information or to fix your device.
- Download software only from the Microsoft Store or official vendor websites. Be cautious of downloading any software from third-party sites, as some of them might have been altered without the author’s knowledge to support scam malware and other threats.
- Try using Microsoft Edge when surfing the Internet. Microsoft Edge has capability to block known support scam sites using Windows Defender SmartScreen (which is also used by Internet Explorer). Furthermore, it can also halt pop-up dialogue loops used by these sites.
- Don’t call the number in the warning pop-ups. Note:, Microsoft’s error and warning messages never include a phone number.
- Microsoft encourages every user to report such attacks. Our Digital Crimes Unit (DCU) works with law enforcement and other agencies to crack down on scammers. If you suspect that you may be a target of fraud, or if you have already sent funds, contact The Canadian Anti- Fraud Centre : The Canadian Anti-Fraud Centre (CAFC) is the central agency in Canada that collects information and criminal intelligence on such matters as mass marketing fraud such as telemarketing, advance fee fraud, Internet fraud and identification theft complaints.
Remember, Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.
For more information about how these scams work and resources to protect yourself, please go through our published blogs, websites, videos, and social media campaigns on the latest tech support scam trends and tactics. Or visit here if you are a victim.