There’s a devious new scam out to watch out for.
It starts with a pop-up appearing on your computer screen that appears to be a legitimate tech support alert from your internet, software or computer provider.
But the support is bogus.
A new take on the cold-call scam
It’s a new twist on an existing scam, where cold-callers contact you pretending to be from a major tech company, such as Microsoft.
They tell you they’ve detected a problem with your computer and direct your to a website where they are then able to harvest details about you to use for identity theft.
The new scam is the same except instead of calling you the scammers create a pop-up window on your computer instead.
Check your credit report for suspicious activity
Tech support scammers impersonate victims' ISP - https://t.co/bWTABlZW0U - @Malwarebytes pic.twitter.com/91k0aXYaQ9
— Help Net Security (@helpnetsecurity) June 22, 2016
Rising in prominence
The scam has already proved widespread in the US – the image above shows a fake message generated to trick Verizon users.
However, the scam is definitely on the rise in the UK, with security firm Malwarebytes reporting that it’s already seen fake pop-ups for TalkTalk and BT ISPs.
These pop-ups will warn you they have “detected malware” on your computer and ask you to call a number to get assistance from a “certified technician”.
The scam is so good it almost caught out an expert. Jerome Segura is a consultant at Malwarebytes.
“It caught me by surprise and I almost thought it was real. It was a page from my ISP telling me my computer was infected. It was only when I looked in closer detail that I saw it was a scam,” he told the BBC.
“Cold-calls are very wasteful and after years of being told, people are starting to realise it is a scam so the scammers have to find new ways to make it personalised and legitimate.
“It is more cost-effective and efficient than cold-calling.”
How does it work?
Criminals are using internet adverts – many of which appear completely legitimate – to infect victims computers.
This virus then discovers your IP address, which tells the criminal who your ISP is.
You then get a pop-up personally tailored for you to try and con you.
There are then two ways con artists will try and part you from your money.
Once you’ve called the fake tech support number you will either be directed to download software that contains malware that then trawls your computer for your financial information.
Alternatively, the people at the other end of the phone will try to persuade you to sign up for fake tech support services.
You then pay a couple of hundred pounds – meaning a nice profit for the criminals.
#Tech support scams target victims via their ISP https://t.co/Eq1c1ex8SD #IT #scam #security pic.twitter.com/3kfOqpeePz
— Exsel Group (@ExselGroup) June 22, 2016
How to spot tech support scams
If you are called out of the blue by someone claiming to be from Microsoft or your internet service provider, put the phone down.
If you think there is a chance they were genuine then look up the telephone number for your ISP yourself and call to check.
If a pop-up appears on your screen saying it has detected malware on your computer, close it. Find the number for your ISP (ideally on a separate device) and check if you think it might have been genuine.
Make sure you keep your anti-virus and security software up-to-date and switched on so it can protect your computer.
Be aware of the latest cons:
How to spot HMRC tax refund scams