What is a tech support scam?

Tech support scams involve fraudsters tricking people into believing that there’s a technical issue on their device or that their account has been hacked.

These scammers pretend to be from trustworthy and well-known companies, like BT, Microsoft or Amazon. They may even pretend to be your bank. They’ll often have fake websites and helplines, so it can be very tricky to spot whether it’s genuine.

The aim for the scammer is to get control over your accounts, either by convincing you to log in to your account or to install software on your computer.

You might be familiar with scammers sending phishing emails or SMS, but they could also cold call you or trigger a pop up warning on your device. We’re going to show you how these kinds of scams could play out and what to do if you’re contacted.

Method 1: Cold calling

This is when a scammer phones you unexpectedly saying that you’ve got a technical issue, and they’re calling to help you fix it.

They’ll often play to your emotions and use fear tactics to get you to act quickly. For example, they may say that your account has been hacked, and that they can help you secure it.

The scammer might then ask to install software or ask for control of your device saying it’ll help fix the problem. But in fact, this could give the attacker access to your computer in order to carry out the fraud.

Even if the scammer asks you to access your online accounts yourself, they might be using this to gain access to your account.

What to do if you are cold called

Most software companies, utility companies and service providers don’t contact you by email or phone if there’s an issue, so it’s usually best to treat these calls as suspicious. The exception is your bank, who may call or email if they suspect that your account has been compromised.

In either case, if someone claiming to be a representative of a company calls you unexpectedly, it’s usually best to call the company directly using contact details from the official website to see if the call is genuine. If it’s not, then you can report it to the company, and to Action Fraud.

It’s not just withheld numbers that you need to watch out for: fraudsters can make any telephone number appear on your phone handset. That means they can appear to call from numbers of genuine organisations and use this to convince you that they are from that company.

Even if you recognise the number or you can find that number on the company’s website, do not assume the caller is genuine.

Method 2: Pop-up warnings

This is when a warning box appears on your device when you’re online. The pop-up may display a message stating that the computer is infected with malware or that you have another technical issue.

Scammers will often take advantage of paid advertising, meaning that pop ups could appear on legitimate websites and search engines. And they may look like they’re from a trustworthy company.

The pop-up is designed to panic you into believing that your computer is now infected. The aim is to trick you into purchasing fraudulent software or to allow the fraudster access to your information or bank accounts.

Fraudulent pop-ups may come in the forms of simple web pages that are designed to panic you into downloading software or to get you speaking to the “tech support” advisor so they can carry out fraud.

What to do if you get a pop-up

Don’t be alarmed into thinking that your computer or device is infected just because you’ve seen a pop-up telling you so.

If you’re worried your device might be infected, disconnect from the internet and run your own anti-virus software to check for infections. Remember to keep your anti-virus software up to date.

How to protect yourself against tech support scams

1. Keep your security software updated. It’s important to keep your anti-virus software updated and know exactly what an alert from that company looks like.
2. Don’t call the phone number on pop-ups. Genuine error messages never have contact details.
3. Don’t accept calls from anyone who wants you to confirm banking details or who asks you to download software onto your device.
4. Don’t download software unless it’s from an official and reputable tech support website or shop. Don’t give access to your computer through downloaded software. This could be a scam.

Remember: Genuine companies (including Triodos Bank) will never ask you for your log-in details, never ask you to download software and never ask to take control of your device.

What to do if you’ve been scammed

• Change your passwords to your computer, any financial companies you use, and to any other password-protected websites that you visit.
• Contact a reputable computer repair or service company to have your device scanned for malware.
• Contact your banks to report that there has been fraud performed on your account.
• Report to Action Fraud or Police Scotland depending on where you live.