Social Engineering techniques, Support Scams
The following article is the third of a series of articles on cyber attacks and the second of a series of three articles on social engineering techniques, and focuses on support scams.
How many times have we heard of hacks resulting from social engineering techniques?
Social engineering practices are used mostly because it’s easier to exploit someone than gaining access to their device, passwords and other information by other means which is why it is so important to be able to recognise social engineering attempts, in order to protect both ourselves and the organisations we work for.
In a previous article we have talked about various phishing techniques; below you will find another “popular” social engineering technique, ever heard of support scams?
Support scams are a type of telephone fraud in which the scammer claims to be from a technical support company and to have spotted an issue with your device. The aim of this scam is to make you pay for an unnecessary “fix” and to gain access to your device.
Victims are persuaded that a critical fault will inhibit performance and that granting the scammer access to the device will resolve the issue. In reality there is no fault and once the scammer has received a card payment they will more than likely download malware onto the device that can be exploited over the next few days or weeks. This may lead to loss of funds or confidential data.
Support scams were mostly aimed at individuals or home users but increasingly these types of scams are being attempted on companies.
How can you protect yourself?
It is highly unlikely that an external support company will be able to tell that a device is malfunctioning. If you receive such a call hang up and seek help from a trusted local expert.
Never make a card payment or give access to a device as a result of an unsolicited telephone call. Unfortunately the elderly computer owner is a favourite target of support scams so make sure your friends and relatives are aware of this type of scam and what to do if they receive such a call.