I have been reporting to you about tech support scams for years, however as with many scams, this one is evolving into new forms although the ultimate goal is still the same. At its essence the scam involves being contacted purportedly by Microsoft, Apple or in a more recent incarnation by your Internet Service Provider and being informed that problems have been detected on your computer that need to be remedied immediately. They then either ask for remote access so that they can fix the problem at no cost to you or they ask for personal information. In both situations the caller is up to no good. If you provide remote access to your computer you will have effectively turned over all of the information in your computer to the caller who can and will then use that information to make you a victim of identity theft or install ransomware on your computer and extort a payment from you in order to unlock your computer. If you provide personal information by phone or in an email or text message, that information too will be used to make you a victim of identity theft.
Now in a new variation of the scam, cybercriminals are setting up websites that appear to be those of legitimate cybersecurity companies such as Malwarebytes, McAfee, Symantec and Kaspersky, but if you attempt to download the free software security programs from the website, a popup will come up informing you that there is a problem with your computer that needs to be dealt with before you can download the free security software. The popup also provides a toll-free number for you to call to fix the problem. Of course, when you call and provide access to your computer to the person at “tech support” the scammer charges you a huge fee to fix a non-existent problem. In other variations of this scam, the scammers steal your credit card information or even use the access to your computer that you provide to make you a victim of identity theft. This new variation on the tech support scam appears to have originated in India.
As the late president Ronald Reagan used to say, “trust, but verify.” It is extremely easy to make a website look legitimate and to even manipulate its position in a Google search so it comes up high. Therefore before you purchase any service from a website or provide any information to a website, you should first confirm that indeed you are dealing with the real company. In addition, no legitimate cybersecurity company will require you to give them remote access to your computer when you are downloading software.