Avast Press

Avast Threat Labs finds U.S. most vulnerable to tech support fraud

Written by Avast PR | Jun 29, 2021 12:00:00 PM

Redwood City, California, United States, June 29, 2021 – Today Avast (LSE:AVST), a global leader in digital security and privacy, reports tech support fraud remains a massive issue in the U.S. According to Avast Threat Labs, users in the United States are most frequently attacked by technical support fraud.

The COVID pandemic accelerated this concerning global trend, particularly in the United States and Canada. According to the FBI, tech support fraud was one of the top three crime trends in 2020. As more people began relying on the internet for everyday pursuits, this illicit activity increased by over 171 percent from 2019. These scams are particularly insidious as they disproportionately prey on susceptible populations, including those over 60 years of age. Worse still, although seniors make up 66 percent of the victims of tech support fraud, they shoulder a disproportionate amount of the losses at 84 percent in the U.S., which translated to $116 million in 2020. 

How Tech Support Scams Work

Tech support scams happen when fraudsters use scare tactics to trick innocent individuals into purchasing overpriced and unnecessary “support services” to fix an alleged computer, device, or software problem. They convince victims that their computer has been infected by malware; a window will pop up, alerting the user of a malware or spyware infection on their computer, and that their only recourse is to call a phone hotline for technical support. Once on the phone, scammers try to convince the callers to establish a remote connection to their computer and sometimes download a second remote management software without the user knowing to keep up a constant connection to the user’s PC. 

Once granted access, bad actors can also install malware, or other malicious programs that damage the data housed on devices, or even worse, harvest personal information. Criminals with access to this type of sensitive data can leverage it to gain entry into financial accounts, health records, or other essential services. In addition, fraudsters go to great lengths to convince victims of their legitimacy, including creating web pages that imitate antivirus or firewall software warnings or even setting up fake companies to validate their con. 

"Tech support fraud is increasingly common and targets some of the most vulnerable individuals. Criminals exploit victims through money or personal information," said Alexej Savcin, Senior Malware Analyst, Avast. "Above all, remember that whether it's a phone call or a website, legitimate tech support won't ever proactively seek you out to fix an issue. If in doubt, don't engage, give access to your devices, or share any personal information. At Avast, we are passionate about supporting vulnerable populations online, like the elderly, and are available to troubleshoot any issues." 

Protecting yourself and loved ones from tech support scams

Spotting tech support fraud is essential in stopping it in its tracks. Use these tactics to keep yourself safe online:

  • Question what led you to the support page: if it popped up on its own, that is one major indication that the website is fraudulent. 
  • Check the webpage: compare the domain URL to known sites; if it is not intuitive or easy to read, the website may be a scam. Further, if the browser freezes on a tech support page, it's an indication that something is wrong; if a tool actually detected malicious activity, the site would get blocked. 
  • Remember, there is no real threat until a bad actor gains access to your information or devices: although criminals may try to pressure you, stay vigilant and skeptical when online, if unsure disengage and verify credentials on your own.
  • Call someone you can trust - when in doubt, reach out to a family member or someone you trust. 

Finally, being aware of common scam methods can help to ensure you aren’t a victim. Stay vigilant of the following techniques: 

  • Malicious Advertising (Malvertising): Scammers abuse legitimate online advertising markets with fraudulent ads that lure victims to their infrastructure, often a fake tech support scam page indicating an issue needs mitigation.
  • Evil Cursor: This technique alters cursor size and shape, making it difficult to navigate, which prevents users from closing a tab or browser, convincing them that tech support is necessary. 
  • 401 Authentication Loop: Fraudsters can exploit an authorization pop-up window which in some cases even imitates a legitimate operating system design. The window can't be closed and displays contact information for fraudulent tech support. 
  • File Downloading Jamming: Bad actors jam browsers with file downloads until unresponsive. This also consumes a large amount of RAM, which compounds and further slows a victim's computer. 
  • Keyboard Shortcut Lockout: Fraudsters will lock commonly used keyboard shortcuts to close windows (i.e., "ALT+F4" or the "Escape" key), so victims experience an infinite loop with no way to escape.
  • Browser History Manipulation: Scammers can disable or remove the "back" button online or may even manipulate it to recall the current page, so victims have no way to exit the website 
  • Print Spam: Malicious web page continuously sends print commands to the browser to make it seem slow and unresponsive.

“We urgently need to bring tech support fraud into the public awareness; they should be part of educational conversations about the internet in families and among friends. People need to talk about tech support fraud to their grandparents, parents, friends and children. Users, if in doubt of whether they are being scammed, should always talk to family members and friends about the situation they are in, as an external person may realize a scam more easily than the affected person in the heat of the moment,” said Savcin.

Antivirus software like Avast Free Antivirus blocks tech support fraud popups to protect users online.

To learn more about the common techniques leveraged by fraudsters and additional safety tactics consumers can leverage online, visit decoded.avast.io.