The fight against tech support scams

Throughout this month, I will join AARP, the Federal Trade Commission (FTC), Washington State Attorney General Bob Ferguson and BECU at a series of “Unmasking the Imposters“ events to help educate Washington consumers about how to spot and avoid tech support scams.

Senior citizens are not the only ones who are being targeted by these fraudsters. If you haven’t experienced a tech support scam yet, chances are you know someone who has. According to a 2016 global survey, two out of three people have experienced a tech support scam in the previous 12 months.

World map shows clusters of red circles that are especially concentrated in the United States, Europe and southeast Asia

Microsoft receives an average of 10,000 customer complaints per month about tech support scams from all across the globe.

Cybercriminals use a variety of tactics to defraud consumers from cold-calling and web advertising to persistent and annoying pop-up windows. The global network behind these fraudsters vastly leverages marketing specialists who trade and sell consumer information and generate leads, payment processors who hide the money trail from investigators, small and large call center operations across the world that are trained to convince consumers they have a non-existent technical problem, and software developers who create fake tools that are installed on consumers’ computers to falsely claim the existence of a problem or falsely “clean” a non-existent problem.

Photo shows a pop-up window that fraudulently claims the existence of a technical problem

An example of a recent fraudulent pop-up ad cybercriminals used to defraud consumers.

Microsoft’s approach

Microsoft’s Digital Crimes Unit (DCU) is combatting this scourge of cybercrime by (1) using a data-driven approach to investigate tech support fraud networks and refer cases to law enforcement as appropriate, (2) strengthening our technology to better protect consumers from various fraudulent tactics, and (3) educating consumers about how to stay safe online.

Microsoft encourages customers to directly report their experiences with tech support fraud scams at www.microsoft.com/reportascam. Too often these reports include phrases like “I’m filing this for my 90-year-old grandmother” or “While my grandmother was playing Solitaire on Facebook, a pop-up said the computer had a virus and to call.” Although these individual reports are important, taken alone they are unlikely to be actionable by law enforcement. Our data analytics team uses smart tools to sort and group information to build a more comprehensive view of the scope of the fraud. DCU partners with others, including Microsoft Artificial Intelligence & Research (AI&R), to enrich this data. Together, we have developed a process to capture images of pop-ups being served around the globe at scale and use machine learning to collect critical information to support our cases.

The scale and scope of tech support fraud requires an all-hands-on-deck approach, which is why we regularly convene an industry-wide investigator working group with representatives from Apple, Dell, Yahoo, HP and others. Microsoft participates in the Robocall Strike Force to address the persistent problem of robocalls and telemarketing fraud. And we will continue to engage telecommunications companies, payment processors and web hosting companies in the fight against tech support fraud.

Global efforts to combat tech support scams

On Friday, May 12, we were pleased to see law enforcement take action against a number of tech support fraudsters targeted by Microsoft’s DCU. As part of this coordinated effort, the FTC and its partners announced 16 new actions, including complaints, settlements, indictments and guilty pleas involving deceptive tech support operations. Seven individuals received criminal indictments for their role in the Florida-based Client Care Experts fraudulent operation. From approximately November 2013 through 2016, Client Care Experts victimized over 40,000 people and defrauded these individuals out of more than $25,000,000.

We know cybercriminals don’t stop at geopolitical borders. The DCU leverages our global team to investigate fraud and combat cybercrime from Germany to Singapore and from Canada to India. In November 2016, I joined a delegation to India with representatives from the U.S. Department of Justice and the FTC to meet directly with law enforcement about the critical need to address call center fraud and with members of the business processing industry to discuss the reputation harm they are facing due to persistent call center fraud. In addition to directly referring cases, Microsoft India supported cybercrime training for more than 385 law enforcement officers and over 400 prosecutors in the past year.

Photo of a man and woman on stage instructing a crowd of people

Cybercrime training for prosecutors and judicial officials at Maharashtra Judicial Academy in Mumbai, India, on January 22, 2017.

These efforts are starting to bear fruit. This past fall, Indian law enforcement raided over 12 call centers involved in fraud impacting primarily U.S. consumers, including the infamous IRS and tech support scams. Microsoft will continue to leverage our global team to investigate cybercriminals targeting consumers and refer cases as appropriate to law enforcement. At the same time, international law enforcement must dedicate critical resources to tackle these borderless and evolving crimes.

Building a safer platform

We are building what we learn about the behavior of cybercriminals into improved products for Microsoft consumers. Microsoft has built-in protection in Windows 10, which includes more security features, safer authentication and ongoing updates delivered for the supported lifetime of a device. Windows Defender delivers comprehensive, real-time protection against software threats across email, cloud and web. The SmartScreen filter, built into Windows, Microsoft Edge and Internet Explorer, helps protect against malicious websites and downloads, including many of those frustrating pop-up windows. And, in 2016, Bing blocked more than 17 million fraudulent technical support advertisements.

The best thing you can do to help protect yourself from fraud is to educate yourself. If you receive a notification or call from someone claiming to be from a reputable software company, here are a few key tips to keep in mind:

  • Be wary of any unsolicited phone call or pop-up message on your device.
  • Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.
  • Do not call the number in a pop-up window on your device. Microsoft’s error and warning messages never include a phone number.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • If skeptical, take the person’s information down and immediately report it to your local authorities.

For more information on how to help protect yourself from tech support scams, please see the following:

 

 

 

 

 

 

 

 

About the Author

Assistant General Counsel, Microsoft Digital Crimes Unit