On October 19th of this year, India’s federal enforcement agency, the Central Bureau of Investigation (CBI), announced it had conducted multiple criminal raids against fraudulent call centers in various cities across India. This operation was supported by a joint referral from Microsoft and Amazon, which enabled the exchange of actionable intelligence between CBI and other international law enforcement agencies to help them take action against tech support fraud at scale.
Tech support scams are an industry-wide issue in which adversaries use scare tactics to trick victims into unnecessary technical support services. Their motives vary, ranging from asking targets to pay to fix a nonexistent device or software problems to trying to steal sensitive information.
Even worse, if the victim enables remote access to their device, the scammer will often install malware, ransomware, or other unwanted programs to steal information or damage their data or device. To date, tech/customer support and government impersonation are responsible for over $1 billion in losses to victims.
Keep reading to learn more about this trend and what steps Microsoft is taking to combat tech support fraud.
How do tech support scams work?
Tech support scams deploy a range of tactics. Sometimes, scammers may call their victims directly on the phone and pretend to be representatives of a tech company. In the case of CBI’s raid on October 19th, the illegal call centers were set up to impersonate Microsoft and Amazon customer support. They targeted over 2,000 Amazon and Microsoft customers primarily based in the U.S., but also in Canada, Germany, Australia, Spain, and the UK.
Scammers can make these attacks appear hyper-realistic by spoofing the caller ID to display a legitimate support phone number from a trusted company. They’ll often instruct their targets to install applications that provide the scammer with remote access to the target’s device. Experienced scammers can then leverage this remote access to misrepresent normal system messages as signs of problems.
These threat groups will also target new victims by displaying fake error messages on websites people visit, sharing supposed “support” numbers, and enticing the victim to call. They can escalate further the situation by putting their victim’s browser in full-screen mode and displaying pop-up messages that won’t go away, appearing to lock the browser. These messages are intended to scare victims into calling their “technical support hotline.”
General cybersecurity education is one way to combat this type of attack. Users should know what flags to look for, such as unusual forms of payment like Bitcoin or gift cards, as well as unsolicited offers from support. However, scammers are also getting savvier and learning new social engineering tactics to defraud their targets. That’s why Microsoft and other companies track the latest threat activity and intelligence to keep security tools up to date.
How is Microsoft’s Digital Crimes Unit disrupting tech support scams moving forward?
Microsoft’s Digital Crimes Unit (DCU) works to combat tech support scams by investigating tech support fraud networks and referring cases to law enforcement as appropriate. We also use this intelligence to strengthen our products and services, better protect consumers from various fraudulent tactics, and provide guidance and resources on how to identify, avoid, and report suspicious activity.
CBI’s October 19th raid marks the first time Microsoft and Amazon joined forces to combat tech support fraud. These wide-reaching industry partnerships are pivotal in creating a safer online ecosystem and protecting a wider pool of individuals. Cybercriminals target victims regardless of the security products they use, so joining forces allows companies to more effectively protect individuals globally and prevent criminals from impersonating companies to target unsuspecting victims.
As cybercriminals evolve their tactics, Microsoft continues to expand our ways to combat them. That includes partnering with other companies to share information and resources. We are proud of our long-standing collaboration with law enforcement in the fight against tech support fraud. To date, we’ve been able to contribute to 30-plus call center raids and 100-plus arrests of known or suspected tech support scammers.
Visit Microsoft Security Insider for more information on our efforts against tech support fraud and other emergent cyberthreats.