Cyber Security

Cybersecurity for small business: Tech support scams

used with permission from FTC.gov
Andrew Smith, Director, FTC Bureau of Consumer Protection

An employee gets a phone call, pop-up, or email warning about a problem with the office computer. In an effort to be helpful – or perhaps concerned they clicked on something that caused the glitch – the employee follows instructions to send money, turn over personal information, or provide access to your system. As a small business owner, you know it’s a tech support scam, but are you sure every member of your team has the savvy to spot it? The FTC has new resources to help protect your company from cybersecurity risks, including tech support scams.

How the Scam Works

Scammers often pretend to be from a well-known computer-related company. They use confusing tech talk and smoke-and-mirrors chicanery – perhaps a bogus “scan” of your system – to convince your employee that emergency action is necessary.

The next step varies depending on what the scammer is after. Data thieves may propose a “fix” that gives them remote access to your network. Once in, they steal sensitive data or install malware to facilitate future invasions.

Others just care about the cash. They may try to convince your employee to enroll in a worthless computer “maintenance” or “warranty” program. Or they’ll ask for a credit card number so they can bill your business for bogus repairs. In a variation on the scam, they may direct your staffer to a website where they ask for account information, passwords, or personal data.

How to Protect Your Business

If someone calls your employee and says there’s a problem with the computer – even if it looks like a local number or the caller ID says it’s from a well-known company – instruct your staffer to hang up.

If it’s an email that appears to come from a trusted business, don’t respond. Don’t click on any links. Don’t share passwords. And don’t call a phone number in the message.

If it arrives as a pop-up, the advice is the same: Don’t respond. Don’t click. Don’t share. Don’t call. Tech support scammers are experts at falsifying caller IDs, email addresses, URLs, etc. So those aren’t reliable methods for separating the tricky from the trustworthy.

Of course, some pop-up messages about computer issues are legitimate and sometimes your IT people need to talk to a staffer. Train your employees to respond by calling or emailing a co-worker you designate, using a number or address you have provided in advance.

What To Do If You’re Scammed

If someone at your business has shared a password with a scammer, change it on every account that uses that password. Insist on unique passwords for each account.

To protect against malware, use legitimate security software and keep it current. Use the software’s scan feature and delete anything it flags as a problem. If you need help, consult a trusted security professional in your community. If a computer infected by malware is connected to your network, you or a security professional should check the entire network for intrusions. Report an attack right away at FTC.gov/complaint.

If an employee bought bogus services from a tech support scammer, ask your credit card company to reverse the charges. Keep checking your monthly statements to make sure the scammer doesn’t try to go back for seconds – and report it to the FTC.

To learn more, contact us today.

Bryan Antepara

Bryan Antepara: IT Specialist Bryan Antepara is a leader in Cloud engagements with a demonstrated history of digital transformation of business processes with the user of Microsoft Technologies powered by the team of eMazzanti Technologies engineers. Bryan has a strong experience working with Office 365 cloud solutions, Business Process, Internet Information Services (IIS), Microsoft Office Suite, Exchange Online, SharePoint Online, and Customer Service. He has the ability to handle the complexity of moving data in and out of containers and cloud sessions, makes him the perfect candidate to help organizations large and small migrate to new and more efficient platforms.  Bryan is a graduate of the University of South Florida and is Microsoft Certification holder.

Recent Posts

Introduction to Microsoft Copilot

Microsoft Copilot is a tool, powered by AI, that aims to boost your productivity within…

21 hours ago

Project Management: Why is it important?

Making things happen is the art and science of project management. The process involves managing…

6 days ago

Enhancing Website Performance and User Experience Through Caching Strategies

In today's fast digital life, website performance is important, as it holds visitors and ensures…

6 days ago

Protecting Municipal Data: Security Tips for City Officials

The FBI reported that cyber attacks against government facilities saw an increase of almost 36…

7 days ago

The Advantages of Collaborating with a Managed Services Provider

In today’s fast-paced, technologically advanced world, businesses of all sizes increasingly rely on digital systems…

7 days ago

Technology Buzzwords: Demystifying the Jargon of the Digital Age

You likely hear terms like "blockchain," "machine learning," and "cloud computing" without considering their real…

7 days ago