FacebookTwitterLinkedIn

Australians Hit by Tech Support Scam

Karolis Liucveikis Written by on

In recent months Tech Support Scams (for example: Microsoft Warning Alert, Do Not Ignore This Windows Alert, YOUR COMPUTER HAS BEEN BLOCKED) have seen a drastic rise in popularity. According to researchers at Microsoft the rise in such scams amounts to a 24% increase. The problem has even resulted in Microsoft teaming up with other industry giants to combat this scourge. While tech support scams, or put differently technical support scams, take on many guises the do have certain common traits that can be defined. Thus, any such scam involves the scammer claiming to offer a legitimate technical support service, often via cold calls to unsuspecting users. Such cold calls are mostly targeted at Microsoft Windows users, with the caller often claiming to represent a Microsoft technical support department but is not always the case.

This is then followed by the scammer attempting to get the victim to allow remote access to the targeted computer. From there the scammer has a variety of options at their disposal, however, one of the more common options involves the scammer making the computer is question appear faulty. They will then ask for a payment for services involving fixing the "issue". The scammer, now having access to the target computer, can also install any number of other types of malware.

Australian Webcams Hacked

The above example is by no means the only method employed. Hackers, scammers, and conmen do not have a strict rulebook which determines how they operate in all instances. Over the weekend, Australian news agency ABC News reported on a scam targeting Australians. In summary, the scam involved the hacking of webcams. The scammers would then film the victims in secret, post the video to YouTube and then blackmail the victim into providing a testimonial as to how great the "companies" service is. The infection chain begins with the victim looking to fix a problem with their computer then landing on the scammer's webpage. The report does not go into the exact details of the infection chain but it can be safely assumed that the victim calls what they believe to be a legitimate tech support company. Either during the call or after the victim grants the scammer remote access to their computer without their knowledge. These scams are sometimes called remote access scams.

australians hit by tech support scam

In the report, while light on technical details, does go into the results of such a scam which are always to the detriment of the victim. One individual, Melinda, not her real name, was forced to provide a testimonial for the scammers as well as paying over significant sums of money to add insult to injury. Another, a professor at Australia's Monash University paid 1,560 Australian dollars, roughly 1190 USD. Luckily he was able to reverse the transaction with the help of his bank. In this instance, Professor Sussman was looking for assistance with downloading Adobe software and was redirected to a fake tech support scam complete with an Australian telephone number.

Scam-baiter vs Macpatcher

In both the examples provided by the ABC News report, it would appear that the scammers are going by the name "Macpatcher". Currently, on their YouTube channel, there are 69 secretly recorded clips which are a complete invasion of their privacy. While it would appear that the scammers are making a lucrative but highly illegal trade, not everyone is content to let them do so. An individual going by the nickname "Scam-baiter", called David in the article, is determined to reveal these scams to the public and hopefully put an end to their illegal revenue stream. In order to do this David will bait the scammers into believing he is a victim then go through the process all to uncover the scam. Since David started baiting scammers he has collected dozens of Australian telephone numbers used by scammers over the past year and reported the numbers to the telecommunications networks that host them. Both David and scam victim support group IDCare said it had also noticed a spike in Australian telephone numbers being linked to scams. An increase in the Australian borders of such scams would appear to confirm recently released statistics by Microsoft.

What to do once the Scammers are caught

There is no doubt that those perpetrating the scams are also committing crimes, however, there is little consensus as to how to prosecute and punish the criminals once caught around the globe. In January of this year British publisher, The Register published an article on the differences between how the US and UK punish those found guilty. From the article, it would appear the differences are stark. In the US, the Federal Trade Commission is responsible for policing this domain. Recently the FTC caught a scamming operation involving six individuals. The scammers used fake notifications which appeared like messages from the operating system warning of a malware infection. The scammers would then charge either a once off cost or sell a long-term contract to the victim for 500 USD. Charges against the six were filled in 2017 but the reached an agreement with the FTC to settle out of court. According to the agreement, they can no longer provide tech support and had to pay a fine of 24,8 million USD. However, as it turns out once all the legal details were ironed out the FTC agreed to suspend all the fines if the scammers paid just 149,337.38 USD.

In the UK, the complete opposite appears to occur. The courts in the UK are content to throw the book at such criminals. An example of this can be seen in the case involving Narendra Harilal Vadgama who was taken to court and admitted four charges of breaking the Consumer Protection from Unfair Trading Regulations law. The judge in his case sentenced Vadgama to a year in prison, although this was reduced to nine months, and suspended in exchange for a guilty plea, meaning that he won't go to jail unless he breaks the law again. Vadgama was also ordered to wear an electronic tag, and be placed under an 8pm-8am curfew for six months, and was banned from being a company director for seven years. The victims in the second UK case may feel that justice has been done, especially when compared to the US case.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

New Removal Guides
Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal

Top Removal Guides
Latest News
Blog