Criminals are posing as IT support staff, calling unsuspecting U.K. internet users to push rogue antivirus software. GetSafeOnline.org reports this as part of their Internet safety week campaign.
These scam operations often involve up to 400 people using sales techniques and social engineering to deceive victims. The goal is to obtain credit card information through the sale of rogue antivirus software or gain remote access to the victim's system for future use.
Typically, the scam begins with an unexpected call. The caller, pretending to be an IT helpdesk technician, builds rapport with the victim, presenting themselves as trustworthy by using personal information available online. The victim is then questioned about computer problems like slow email or internet browsing. Once the victim admits to an issue, the caller exaggerates the problem and offers a solution for a small fee.
The caller might say, “For a small fee, we can install something to fix your system and clean it completely. No more slow startups, your web surfing will speed up, and email will arrive nearly instantly.” If the victim agrees, the scammer collects their credit card details and charges anywhere from $50 to $79 USD. The rogue antivirus software is then installed, and the caller moves on to the next victim. If the victim resists, the caller ends the call and moves on quickly, adhering to a cold-calling strategy that values rapid turnover.
Cold calling itself is not illegal; it is a legitimate marketing and sales tool. However, using it to sell fraudulent items like rogue antivirus software is illegal. The scam works because even legitimate cold-calling operations know that persistence pays off: after several rejections, someone will eventually say yes.
Recent research indicates that 80% of UK internet users have never heard of these scams, yet nearly a quarter have been approached by them. Baroness Neville-Jones, the Minister of State for Security, emphasized the importance of raising awareness about this threat.
Webmasters are also targeted by scammers, who add them to an affiliate system that pays for each successful installation of rogue antivirus software. This scheme mirrors how the criminals themselves are paid, indicating a profitable operation where criminals invest up to $150,000 USD per month in payouts.
Despite improvements in computer security, over a third of U.K. internet users have experienced malware attacks, 22% have faced phishing scams, and over 21% have been victims of identity fraud, according to GetSafeOnline.org.
To avoid falling for these scams, trust your instincts. If an offer sounds too good to be true, it probably is. Never agree to sales over the phone, especially from unsolicited calls requiring immediate payment. Ask for time to think, or stall the caller with random questions. If they press harder, hang up.