It sounds urgent, even believable. But what you’ve just encountered is the start of a tech support scam. These scammers prey on fear and urgency, tricking people into handing over money, personal data, and access to their devices.

Here’s how they do it—and how you can protect yourself.

Inside the Tech Support Scam Playbook

Scammers are crafty, and their methods are designed to make you act fast. Here are their six common tactics:

1. Gaining Remote Access

The scammer may convince you to grant them remote access to your computer. They might say they need it to diagnose the issue, but once inside, they can view your files, steal sensitive data, and install harmful software.

2. Selling Worthless Maintenance Programs

You’re offered enrollment in a computer maintenance or warranty program, but these programs do little—or nothing—to protect your device. The goal is to make you pay for a service that’s completely unnecessary.

3. Installing Malware

Sometimes, scammers install malware during the session. This malware gives them long-term access to your computer, enabling them to monitor activity, steal passwords, and cause further damage.

4. Asking for Credit Card Information

Scammers might request your credit card details to bill you for fake services. Worse, they may use your card to make unauthorized purchases or sell your information on the dark web.

5. Selling Worthless Software

You may be persuaded to buy software that’s either useless or available for free elsewhere. It’s a quick and easy way for scammers to make a profit while leaving you with nothing of value.

6. Redirecting to Phony Websites

You might be directed to a fake website and asked to enter personal or financial information. These sites often look legitimate, making it easier to fall into the trap.

Shielding Your Business from Tech Support Trickery

Defending your business against tech support scams is crucial. Here’s how you can counter each tactic scammers use:

1. Protect Against Remote Access Scams

• Train your team to recognize fake support calls or pop-ups.
• Implement strict policies against granting remote access unless it’s from verified IT personnel.
• Use software that tracks and logs all remote access sessions for accountability.

2. Avoid Fake Maintenance Programs

• Regularly audit your device maintenance needs with a trusted IT provider.
• Educate employees on how to identify unnecessary or fake service offers.
• Establish a vendor vetting process for legitimate warranties and programs.

3. Prevent Malware Installation

• Use robust endpoint protection tools to detect and block malware.
• Keep all software, operating systems, and antivirus tools up to date.
• Restrict download permissions to prevent unauthorized software installations.

4. Protect Payment Information

• Limit who has access to company credit card details.
• Use virtual credit cards with spending limits for online transactions.
• Monitor financial accounts regularly for unauthorized charges.

5. Avoid Worthless Software

• Provide employees with approved software lists for all work-related needs.
• Regularly review and update software to ensure everything is licensed and necessary.
• Block access to unverified software download sites.

6. Verify Websites Before Inputting Data

• Use browser extensions that identify and block malicious websites.
• Train employees to check for secure HTTPS connections and verify URLs.
• Monitor network traffic to identify and block access to phishing sites.

Turning the Tables on Scammers

If you’ve fallen victim to a tech support scam, quick action can minimize the damage. Here’s what you should do:

1. Report It

Contact your IT team or cybersecurity provider immediately. They can assess the situation and take steps to secure your systems. Report the scam to local cybersecurity authorities or organizations like the FTC.

2. Notify Customers and Employees

If customer or employee data may have been compromised, notify them promptly. Provide clear instructions on steps they can take to protect themselves, like monitoring accounts or changing passwords.

3. Revoke Remote Access

If scammers gained remote access to your computer, disconnect from the internet and disable remote access settings. Run a full system scan to identify and remove any malware.

4. Dispute Unauthorized Transactions

If credit card details were shared, contact your bank immediately to dispute any unauthorized charges. Cancel the compromised card and request a new one.

5. Strengthen Your Security

After addressing the immediate threat, take steps to fortify your defenses. Update passwords, review system permissions, and conduct a thorough security audit.

The Final Word: Outsmarting the Scammers

Tech support scams rely on fear, urgency, and trust. By staying informed, training your team, and implementing strong security measures, you can protect your business from falling victim.

Remember, legitimate tech support won’t call you out of the blue, demand immediate action, or ask for payment upfront. A moment of caution can save you months of recovery.

Start strengthening your defenses today—because when it comes to scammers, prevention is your best strategy.

‍