Phone scams and what to do if you think you are targeted
Phone scams are unfortunately on the rise with scammers using social engineering to target their victims. At F-Secure, we have also noticed a steady rise in calls from worried customers, who have unfortunately fallen victim to this kind of fraudulent behaviour.
This article is to help you identify these calls, and in the worst case—if you have been targeted—give you some information on what to do next.
What are phone scams?
Phone calls can start either as a cold call or via an advert or link that triggers a pop-up on your computer. These pop-ups then urge you to call the tech support number advertised; the pop-ups may appear suddenly and are not that easy to get rid of.
How can I recognize a phone scam?
These types of calls normally follow a certain pattern: The scammers usually claim that your computer has a problem, say a virus—when it actually doesn't—and then they trick you into paying for a service that doesn't exist either. They catch you off-guard and play on your emotions. Here's the basic scenario:
- Phone scammers claim to be from a well-known company such as Microsoft, your bank, or even your network operator. As they use a reputable name, this puts you more at ease. They also seem knowledgeable and use technical terms, which make them seem legitimate and believable.
- As the risk seems real and you feel worried about possible computer viruses, you give the scammers access to your computer. They convince you to let them install an application that gives them access to your computer using remote access tools.
- Once the scammers have access to your computer, they pretend to fix the virus, and may also ask for your personal credentials. When the scammers have "fixed" the issue, they ask you to log into your online bank or ask you to fill in a form with your credit card details. The scammers charge you for the bogus service, which ends up being much more than you thought. In fact, it's difficult to know how much they really charge you.
What to do if you think you have been scammed
If you think you are being scammed and you recognize the scenario that we described above, do the following:
- Act without delay.
- Immediately contact your credit card company or bank, report the scam and cancel any bank or credit cards. If you act promptly, they even may be able to stop the transaction and reverse the charges.
- Report the scam to the appropriate authority.
- Change all your passwords on every website or service that you think might have been affected.
- Uninstall any unknown, third-party software.
- Run a full scan on your computer: Open your F-Secure security product (F-Secure SAFE or F-Secure Internet Security), then select Tools > Virus scan options > Full computer scan.
Things to remember about unsolicited phone calls
- If you receive this type of a call, think: have I requested this?
Note: At F-Secure, we only call you if you have already contacted us and created a support ticket.
- Remote sessions are commonly used in tech support as a way to assist you in solving issues.
Remember: Only allow remote sessions with people or companies you know and trust. At F-Secure, remote sessions are only ever done if you have contacted F-Secure beforehand and have a valid Support case with us. Also, guard you remote access data as you would guard any other password.
- Never give access to your device to people you don't know. Granting scammers remote access means that, in effect, you hand over the admin rights to your computer. Even if you have antivirus software installed, this can no longer protect you, as the scammers take control of your computer.
- Microsoft has informed its users that they never include phone numbers in their software's error messages or warning messages.
- Never freely hand over any personal credentials or credit card details.
- End the call immediately.
- These types of phone calls are illegal, and when in doubt, turn to the relevant authority that deals with fraud and report it.
How can F-Secure help?
With one of our security products installed, such as F-Secure SAFE or F-Secure Internet Security, your computer is protected from viruses, trojans and ransomware. The Browsing protection and Banking protection features also add another layer of protection and make sure that you can browse and do your online banking safely.
If you have been targeted and you already have an F-Secure security product installed, you can immediately run a full computer scan to help detect any applications that may have been installed by the scammers; these are called Potentially Unwanted Applications (PUAs). Our products are not able to protect you from these types of phone scams, however.
Be vigilant and stay safe.