If you buy something using links in our stories, we may earn a commission. This helps support our journalism. Learn more. Please also consider subscribing to WIRED
The City of London Police has confirmed four people have been arrested on suspicion of fraud linked to the Microsoft technical support scam.
A 29-year-old man and 31-year-old woman have been released on bail in Woking, while in South Shields, a 37-year-old man and 35-year-old woman were arrested before being released pending further enquiries. Read more: What happens if you play along with a Microsoft 'tech support' scam?
The arrests are said to be a result of two years' worth of forensic and investigative research by the City of London Police with support from Microsoft. This involved analysing thousands of Action Fraud reports to track down the source of the scam.
The technical support scam (which has been doing the rounds since 2008) involves people in call centres phoning randomly selected numbers, claiming to be representatives from Microsoft's (or other companies') technical support teams. These scammers tell the victim that their computer is running slowly because of viruses or because they need an additional piece of software – at a cost, of course.
No fix actually occurs. Once the scammer is given access to the victim’s computer they install software which could potentially be malicious. In recent years, the scam has evolved from cold callers to a mix of cold calling and pop-ups on a victim's computer. After the initial scam, the victim may be contacted again and told they are due a refund, at which point they are asked for access to their account, which lets the hacker steal more money.
Despite the rise in more sophisticated malware (namely the Petya ransomware currently spreading globally), the scam is still popular and typically preys on the less tech-savvy computer users. Microsoft has no affiliation to the scam, but its name was used initially because the scam targeted Windows users, and given the vast number of Windows installations.
By working with Microsoft, Action Fraud and other affected organisations, including BT, the investigation proved that many of the calls originate in India and that the worldwide losses from victims are thought to be in the hundreds of millions of pounds. Last year there were 34,504 computer software service fraud reports made to Action Fraud with attributed losses of £20,698,859. This accounts for 12 per cent of all reports to Action Fraud, making it the third most reported fraud type. The average loss suffered by victims is £600 and the average age of victims is 62. Despite these losses, the number of victims is thought to be much higher as analysis shows many fail to report.
“Realising that you’ve fallen victim to a scam is a horrible experience for anyone. Not just the loss of money but also the feeling that you’ve been tricked and that your personal information has been stolen," said Hugh Milward, director, corporate, external and legal affairs at Microsoft UK. "Unfortunately, the names of reputable companies, like Microsoft, are often used by criminals to lull victims into a false sense of security. That’s why we partnered with the National Fraud Intelligence Bureau to track these people down and bring them to justice. It’s a collaboration which can cohesively combat and investigate computer service fraud. Today’s arrests are just the start."
He continued that Microsoft software will never cold call you or use tech support pop-ups on websites. If you think you've been targeted by this scam, Microsoft has created a support guide with contact details. You should also report the scam to Action Fraud here.
“These scams are unfortunately becoming increasingly frequent and are very upsetting for those that are targeted," Milward told WIRED. "We advise people not to trust any caller or pop up claiming to be from Microsoft saying there is a problem with your computer.
"If you are contacted like this, it’s a scam. The most common is the ‘helpdesk’ scam, where someone pretending to be from Microsoft will call you to say there is something wrong with your computer and then either ask for money to fix the problem, or access to your machine. They will often show you things that everyone has on their computer to convince you they are genuine. We want you to know that they do not work for Microsoft."
This type of fraud continues to evolve as people become aware of the tactics used and Microsoft said it increasingly hearing about pop ups, which encourage people to call a number that appears in a box on screen.
This article was originally published by WIRED UK
