How to Avoid Tech Support Phone Scams

How to recognize tech support scams and protect yourself

An illustration of a criminal stealing information through a computer.

 Getty Images

Someone phones you claiming to be from Microsoft, or an antivirus company, or some random tech support facility. A Microsoft tech support number might even show up on the Caller ID. The person on the other end of the line claims their systems have detected that your computer is infected with some kind of virus or malware. And, of course, they are offering to help.

In fact, they're so certain they can eradicate the malicious software that for just a one-time payment of X, they are willing to offer a full "lifetime" of guaranteed support.

Ah, but there's a catch. Actually, 4 catches.

  1. The scammers generally want you to download a remote access service (usually pointing you to an Ammyy.com or LogMeIn service) and grant them access. This effectively gives the scammers full, unfettered control of your PC, and remember, these are criminals.
  2. The scammers want you to install a certain antivirus program. Unfortunately, the antivirus they sell you and install is usually counterfeit or just a trial version. That means it will either expire or the license will be revoked. Which leaves you sitting with non-functioning, useless protection.
  3. The scammers recommend the latest Windows version. Also likely to be counterfeit. Non-genuine versions of Windows cannot be updated with the latest security patches. This means you now have an unsafe version of Windows to accompany that crippled antivirus you also purchased from the scammers. A double dose of risk.
  4. When they're done, the criminals have unfettered access to your PC. Once you allow these scammers to install software on your PC, they can easily install a backdoor trojan which lets them have access to your PC and everything on it, whenever they want.

    So, when the call is over, these criminals have taken your money and left you with a non-functioning antivirus program and an operating system that can't be patched. That means if they did drop a trojan to your system (likely), your antivirus won't detect it and your operating system will be extra vulnerable to any further malware they want to deliver.

    How to Respond to Tech Support Scams

    If you are contacted by one of these scammers, just hang up the phone. That's the best way to avoid a tech support scam. The scammers can't hurt you if you don't allow them access to your computer. Understand that no computer company will ever call you to tell you that you have a virus or other malware. They simply don't have the resources to monitor every PC they've sold. Therefore, the call itself should be your first warning sign.

    Unfortunately, sometimes these scammers can be pretty persuasive. If you've already been victimized by a tech support scam, here's what you should do:

    1. Dispute any charges with your credit card provider. If the credit card companies get enough complaints and chargeback requests, they can (and will) close the merchant account and blacklist the company. This makes it harder, and far more expensive, for the scammers to stay in business. The only way to stop a scammer is to remove their funding source.
    2. If you purchased a new version of Windows from the scammers, contact Microsoft customer service or run the genuine Microsoft validation tool. Do not leave the software installed if it's not valid. You won't be able to get any security updates for it, which means you will be at far greater risk of malware infection or computer intrusion. You should also consider contacting Microsoft customer service for assistance.
    3. Immediately remove any antivirus or other software purchased from the scammers. It's highly likely the software is counterfeit or is loaded with a trojan or other malware that will continue to harm your computer or siphon off your personal information.
    1. Wipe your hard drive, reformat it from scratch, and then install everything from a backup that was made prior to the scam support call. This is essential if the scammer was granted remote access to your machine. Skipping this step could leave you with a system is infected with a trojan or other malware and that can leave you vulnerable to bank account theft, credit card fraud, or other financial or computer crimes.

    The worst thing you can do is to do nothing. At the very least contact your credit card company and dispute the charge. Stopping the revenue stream is the best way to put scammers out of business.