How to Spot a Tech Support Scam

"Hello, I am from Windows. Your computer is sending us errors"

Man surfing on a laptop computer in a pedestrian tunnel, symbolic image for computer hacking, computer crime, cybercrime, data theft
Jochen Tack / Getty Images

Did you just get a call from a pleasant sounding person with a foreign dialect letting you know that they have detected errors on your computer? They'll even offer to show you what is wrong and 'fix' it for you.

You've just become a target and potential victim of a PC Support Scam. This scam is known by many names, It's been called the Fake Tech Support Call Scam, The Event Viewer Scam, The Ammyy Scam, and The TeamViewer Scam (the last two names denote the name of the legitimate remote connection tool used by the scammers to connect to and take control over your computer).

This scam is global and has likely bilked millions of dollars out of victims worldwide. The scam has been around for several years and doesn't appear to be losing any steam. If anything it seems to be becoming more prevalent, with new variants cropping up every day,

How Can You Spot a PC Support Scam Attempt? Here Are Some Clues to Help You:

Clue #1: THEY called YOU

This is the biggest tip-off of the scam. Microsoft, Dell, or any other major company's tech support organization is not likely going to waste their resources to call you. If you have tech support problems, they know that you will call them. They are not going to go looking for trouble. The scammers will tell you that they are doing this is a "public service". Don't buy into this, it's complete BS.

Clue #2: The Caller ID Says MICROSOFT, TECH SUPPORT, or Something Similar and Appears to Originate From a Legitimate Number

This is another key part of the scam. What's the first thing you check when the phone rings? The caller ID information, of course. This information is what helps the scammer establish legitimacy. Your brain tells you that the caller ID info validates the claims of the caller so they must be for real, right? WRONG. The scammers are trying to build a pretext for their scam.

If someone was trying to scam you in person, they would wear a tech support badge. Spoofed caller ID information is just like putting on a fake badge, it looks legit, so many people believe it. Spoofing Caller ID info is extremely easy via Voice Over IP technology, Check out our article on Caller ID Spoofing for full details on how the process works.

Clue #3: They Have a Thick Foreign Accent But Use a Name That is Usually of Western Origin

This is one of the funniest parts of the scam for me. The scammer will usually have an extremely thick foreign accent, but will claim that their name is something decidedly western such as "Brad". If I tell them that they don't sound like a "Brad" then they will usually counter with something like "my name is so hard to pronounce that I use Brad instead to make things easier for people". Yeah, I'm sure that's the reason.

Clue #4: They Claim That Your Computer is "Sending Off Errors", "Sending Out SPAM", "Infected with a New Virus that is Undetectable by Current Scanners", or something else similar

Nobody wants to cause problems for others or get in trouble for having a computer that is doing bad things, and no one wants a virus. This part of the scam scares the user into wanting to have the scammer take action. Their purpose is to create fear in your mind that your computer is infected and is trying to do bad things to other computers.

Clue #5: They Ask You to Open The Windows Event Log Viewer to "Show You The Problem"

The scammers want you to think that they are knowledgeable and that there is a problem by 'showing you' that your system has 'Errors'. They do this by having you open the Windows Event Log Viewer so that they can attempt to prove their case,

News flash: there is almost always going to be some kind of minor error or warning in the event log viewer, This doesn't mean that your system is having any real problems or is infected by anything. They may ask you to perform some other steps as detailed in this article from Malwarebytes Unpacked.

Clue #6: They Ask You to go to a Website and Install a Tool so That They Can Remotely Connect to Your Computer to 'Fix' The problem.

This is the part where the scam gets dangerous. The scammers want to take control of your computer, but not for the purpose of fixing it as they claim. The scammers want to infect your computer with malware, rootkits, keyloggers, etc. In order for them to do so, they need a way in.

There are several free remote connection software packages that are completely legitimate tools designed for remote tech support. Some of the more popular ones used by the scammers include Ammyy, TeamViewer, LogMeIn Rescue, and GoToMyPC, The scammers will ask you to install one of these tools and provide them with an ID number, or some other credential generated by the remote connection tool, They will then use this information to gain access to your computer., At this point your computer has been compromised. Check out the following articles if you're computer has already been compromised

The quickest way to get these idiots off the phone is to tell them that you don't have a computer at all.

As with any scam, there will be new variants as the scam is refined, so be on the lookout for new tactics, but the basic clues above will probably remain unchanged.