The Internet Crime Complaint Center (IC3) issued Alert I-111022-PSA, warning about scammers using computer-technical support impersonation scams to target victims and conduct unauthorized wire transfers.
The PSA begins, “As recently as October 2022, the FBI observed several instances nationwide of scammers conducting computer-technical support scams, where criminals pose as service representatives of a company’s technical or computer repair service and contact victims through email or by telephone about a highly priced, soon-to-renew subscription. Scammers request victims contact the scammers at a provided telephone number or email to cancel the renewal and receive a varying refund amount. After the victims contact the scammers, they attempt to obtain personal and banking information that is then used to conduct unauthorized wire transfers of funds held within the targeted victim’s accounts. Targeted victims generally fall within the elderly population.”
Under this scam, scammers target potential victims via email. They send elaborate messages claiming to provide a form of technical service, saying they can aid in securing a refund through remote access to the victim’s computer.
The email subject line hints at a pending renewal of a subscription and indicates the specific service to be renewed. This provokes a sense of urgency to contact the scammer and provide information for a refund.
“Scammers include their contact information within the email, such as a telephone number and email address, and encourage the victim to reach out to cancel the false subscription renewal and receive a full refund. The phone number provided in the email is sometimes made to represent a service number beginning with 1(800) or 1(888), for example. Alternatively, the scammers may provide a specific URL website for the victim to visit that is potentially infected with malware or other phishing vectors,” the PSA states.
After the victim contacts the scammer, the scammer persuades them to download remote desktop protocol software, requests that the victim grant full control access to the computer to provide efficient technical support and begins the process to issue the refund.
“Once access to the victim computer is obtained, scammers will indicate that they are refunding the subscription renewal amount to the victim’s bank account and persuade the victims to verify that the refund was successful by logging into their bank accounts,” the PSA stated. “When the victim accesses the bank account, the scammer can obtain the login credentials. Once the victim accesses the bank account, the scammer can lock the victim out of their computer or place a black screen as they conduct unauthorized wire transfers to external bank accounts. Alternatively, the scammers will deposit money into the victims account as a ‘mistake’ and ask the victim to correct it through a victim-initiated wire transfer or by providing additional banking information, which is then used to empty the victim bank accounts through wire transfers, and usually to foreign bank accounts.”
It provided the following ways to protect yourself:
- Resist the pressure to act quickly. Scammers thrive on instilling panic into their victims.
- Do not send wire transfers, especially to foreign banks, at the instructions of someone you have only spoken to online or via phone.
- Do not respond to unexpected emails about unsolicited services or services you did not purchase.
- Do not download software you are unfamiliar with. Do not download software from unofficial websites. Do not grant remote access to your computer to unknown persons or entities.
- Do not conduct banking activity while providing remote access to your computer.
- Do not use public hotspots or computers to conduct personal or work-related banking activities.Note: Public WiFi networks are normally unsecured and can be monitored to capture information entered on the internet before it reaches the intended institution. This could allow a person to observe passwords, and other login information.
- If you are being charged for a service you did not request, contact your banking institution or credit card provider first for cancellation and refund options.
- Do not provide banking or personally identifiable information (date of birth, Social Security numbers, addresses) over email or telephone. These can be used to open credit or banking accounts without your consent.
- When in doubt, search online for accurate financial institution information and initiate the communication from your end. If you are called by someone claiming to be an official institution, look up the contact information and call back.
- Monitor your credit card and bank account transactions for any unauthorized activity and immediately contact your financial institution if you observe irregular or unauthorized activity.
The PSA urged people to file a complaint with the IC3 as soon as possible. It said if possible, reporters should include the following:
- Identifying information of the scammer including websites, phone numbers, and email addresses or any numbers you have called.
- Account names, phone numbers, and financial institutions receiving any funds (e.g., bank accounts, wire transfers, prepaid card payments, cryptocurrency wallets) even if the funds were not actually lost.
- Description of interaction with the scammer.
- Copy and paste the email into the complaint.
- Keep all original documentation, emails, faxes, and logs of all communications.