November 21, 2022
Hanging Up on Tech Support Scams
On this episode of Inside the FBI, learn how to protect yourself from tech support scammers trying to get access to your wallet and your computer.
Steve Lewis: Your computer has a virus. You owe money to the IRS. Your grandchild is in trouble halfway across the world and needs cash.
Nearly everyone has gotten a scam call like this—and we keep getting them because they work. Some people panic and send money or give the caller access to their computer, compromising their identities and financial information in the process.
On this episode of Inside the FBI, we learn about how these scams operate, how the FBI partners with law enforcement all over the world to disrupt and prosecute them, and how you can protect yourself.
I’m Steve Lewis, and this is Inside the FBI.
Scammer: Your call is very important to us. Please stay on the line and you'll be transferred to the next available agent.
Thank you for calling support. You are speaking to...How may I help you?
Victim: Yeah, I got a screen showing this number.
Scammer: Okay. Can you tell me what exactly the screen says, or how did you called us?
Victim: The screen space says there’s a hacking risk or something.
Scammer: Okay. And when did you get this alert on the computer?
Victim: A half-hour ago.
Lewis: This seems like any other customer service call, right? Someone has a technical problem, so they call tech support to get it fixed.
But that’s not what’s happening here. Hackers actually put that alert on the man’s computer specifically to get him to call them.
Scammer: You...the alert that you read it to me, it seems it's a hacking, and it's a network-compromising issue, you know what I mean?So, do not take a chance with that. If you have heard the news, you are aware of this, if you have more than this, there are a lot of attacks that are going on, and we are getting a lot of calls in a day. Like, we get approximately 30 to 40 calls in a day where people are attacked with ransomware attacks. That happened recently. You may have heard about that. Yeah? So, these things are really growing. So, I just want you—
Scammer: —not to take—
Scammer: —any chances and to not—
Victim: Let me, uh, let me...
Scammer: —be skeptical about it.
Victim: Yeah, let me think about it, and I'll give you a call back.
Scammer: But sir, at that point of time, the computer might end up, you might lose any of your financial data. Your information can be different.
Scammer: But, sir, still the time, you will think the computer might not work.
Scammer: The network might be damaged. Your banking, emailing, Facebook. Anything can damage. That's what I'm saying.
Victim: I understand you. So let me think about it. I'll call, I'll call you back. I appreciate it. Thank you...for... okay, bye.
Lewis: What you just heard is a recording of an actual scam call that the FBI got as part of an investigation. The saleswoman, operating from a fraudulent call center in India, tries to convince this unsuspecting man that his computer has a virus.
She would’ve taken the money from him to “fix” the non-existing problem, or worse, hack his computer, potentially drain his bank account. Luckily, despite the hard sell, the man thought better of it and hung up.
Unfortunately, many people in this situation don’t realize they're being scammed until it’s too late.
Lewis: Imagine how the recipient of that call must’ve felt. Scared and confused. He was probably interrupted from his daily routine, and told he had to take immediate action or face dire consequences.
This happens all the time: an unsuspecting victim gets a call that seems legitimate. They panic and wire cash or send the caller a gift card or even cryptocurrency. By the time they realize they’ve been fooled, their money’s traveled halfway across the world. Law enforcement often can’t get it back.
Lewis: As Rachel Yurkovich, who works at the FBI’s Internet Crime Complaint Center, explains about these scams:
Rachel Yurkovich: The call centers have it down now to where they can convey this urgency. You know, “Your account has been hacked. Your personal information has been hacked. If you don't do something now, well, your money's gonna be gone.” They're great at scaring people into thinking that they have to do something now.
Lewis: The Internet Crime Complaint Center, known as IC3, tracks internet-enabled scams, and the statistics they’ve have collected are shocking.
Yurkovich: So, last year, we had about $347 million reported to the IC3 in tech support losses. This year, we are already at 90% of that, just in the first five months of 2022. So, we're going to see losses far surpass what we've seen the last couple of years. And we estimate we only get about 10% to 15% of what is actually happening out there. Now, I do attribute some of this increase, I think, to the word getting out. People are becoming more aware. They're reporting it more. However, we do know that we're just getting a small sliver of what's actually happening.
Lewis: And these scams have evolved over time. When the FBI first started seeing these scams about 10 years ago, victims would send cash or checks in the mail.
Yurkovich: Payment methods now have evolved also—not just checks and cash through the mail. They're using wire transfers, ACH transfers, prepaid cards, cryptocurrency. Any method of payment now that you can come up with, they're using it.
Lewis: These new payment methods have presented new challenges for law enforcement trying to find and stop these scammers. But we are using partnerships—including with law enforcement all over the world— and other investigative approaches to stop these criminals.
While public awareness and education are key—the scammers can’t take your money if you hang up on them—the FBI and our partners are working diligently to investigate and break up these groups of criminals.
You may have heard the term, “follow the money,” and that’s exactly what we do in these cases—even as it often takes elaborate journeys to help keep it out of the reach of U.S. law enforcement.
Nearly all groups that commit this type of crime also engage in “money laundering.” “Money laundering” simply means moving money around to make it appear legitimate, or clean. This often helps move ill-gotten money out of the reach of law enforcement. To do this, criminals use elaborate networks of “money mules,” people who illegally transfer money from one bank account to another.
Matt Reynolds: Most of the scams, particularly the ones that that target our elderly citizens, involve the extensive usage of what we call money mules. And “money mules” is just another way of saying money- laundering facilitators. And these folks can either be victims of a different type of scam, or folks who are willing and complicit in, you know, assisting with money movement. And so, while we know that there are extensive money- mule networks operating within the United States, similarly, there are the same networks operating internationally.
Lewis: That was Matt Reynolds, a supervisory special agent in the FBI’s Economic Crimes Unit. His team oversees FBI investigations into these types of scams. Reynolds emphasizes that these scammers go to great lengths to appear legitimate, and that includes even having U.S. bank accounts to receive money.
Following the money, wherever it goes in the world, is a big part of the FBI’s work to find and disrupt these large groups of scammers. Another key piece is stopping these criminals at the source by preventing future calls and future pop-up alerts.
That means taking a trip more than 7,000 miles from Matt Reynolds’ office in Washington, D.C., to the FBI’s office in New Delhi, India.
Suhel Daud: My name is Suhel Daud. I am the legal attaché here at the FBI office in New Delhi.
A legal attaché is a fancy term for an FBI office abroad. So, the FBI has 56 offices in the U.S., but we also have 60-plus offices—a lot of people don’t know this—all over the world. These are fairly small offices. Offices are headed by a legal attaché, and we have assistant legal attachés in the office.
Lewis: In these international offices, our agents don’t have jurisdiction to investigate and arrest suspected criminals like they do here in the U.S. Instead, their role is to share information and partner with the host country’s government on cases that have some connection to the U.S.
Daud: The role of the legal attaché, or the legat, is to coordinate between the FBI and the host government’s law enforcement and security services for exchange of information. So, to further FBI investigations or to assist the local government with their investigation, which might have a nexus to U.S.—either victims, subjects, or data. So, just move cases forward from both sides.
Lewis: Working closely with the host country’s law enforcement is exactly what the FBI does to stop tech support and other call center scammers at the source. The vast majority of tech support and other phone-based scams that target Americans originate in India. Daud explains…
Daud: India is a population of 1.3 billion people. There is a large number of English-speaking individuals here, young population in this country. The internet is quite accessible, and the population is very entrepreneurial. So, when if you add all this, and you add to that the legitimate call center business that India provides to the West, all of this makes up for a good recipe for the individuals working in call centers or other citizens in India using this to dupe U.S. citizens.
Lewis: When a fraudulent call center scams people in the U.S., the FBI gets that information and can pass it along to the Indian authorities.
Daud: Our job here is to identify the call centers, identify the location of these call centers, and then interact with the Indian law enforcement to cause some sort of disruption, and then eventually, assist the Indian government, Indian law enforcement with the prosecution of these cases. So that's kind of how we're going about dealing with call center fraud in India.
Lewis: Rather than extradite the scammers to the U.S., which could take years, the FBI works closely to support the Indian government in seeing the case through within the Indian justice system.
Daud: What we have to keep in mind is that the victims are in the U.S. So, the police agencies here, which are busting these call centers, they would need victim statements, they would need documents from the U.S., and that's where we come in to help prosecute the case because in the end. It's of the interests of the U.S. government to assist the Indian law enforcement in disrupting these call centers.
Lewis: This partnership between the FBI and the Indian authorities has paid off in terms of disrupting and prosecuting those who run fraudulent call centers. In 2018, Microsoft agreed to partner with law enforcement in taking down a call center that pretended to be Microsoft in order to scam unsuspecting victims.
Daud: On one night, we took down 16 call centers. So, that was an example of FBI working with our local law enforcement partners and a private company to form a team. And Microsoft was able to provide experts to the local law enforcement to actually go through the evidence, point out where the evidence is, and really, just triaging the terabytes of data that was collected.
Lewis: Additionally, the Indian authorities recently asked for help from the FBI in locating a fraudulent call center operator who fled after posting bail. The Legat New Delhi team gathered intelligence and passed this along to the police, who found the suspect.
Assistant Legal Attache Lovjit Curran continues the story.
Lovjit Curran: They invited us down to their police station where I personally interviewed the subject and found out kind of how they... how he operated the call center, what his role was, the different roles within the call center. This is just intimate knowledge that we didn't have, we don't regularly receive because they're always changing their methodology. They’re trying to stay one step ahead of law enforcement, so they’re constantly changing.
Lewis: That’s why intelligence gathering, not just arresting and prosecuting subjects, is crucial in stopping these scammers. They are constantly evolving. The FBI has to do the same, and that’s exactly what Daud and his team in the New Delhi office are doing.
Daud: So, we have to stay ahead of it and we have to educate everyone regarding when you get a phone call regarding tech support or someone impersonating a government employee. You have to be very careful in how you deal with it. And before you give out any sort of financial information or you give anyone any money, you need to verify and be vigilant.
Lewis: So, now that you’ve learned a bit about these scams and how we’re combatting them, how can you protect yourself and your family from them?
Most importantly, know that legitimate companies will never call you and offer tech support out of the blue. If you get a call like this, hang up.
Here are some additional tips from Rachel Yurkovich and Matt Reynolds.
Yurkovich: Mostly, the biggest thing we ever say is just to slow down and think. Like I said earlier, the scammers are really good at creating the sense of urgency and panic within people. And if most people would just stop to think about what they were doing or what was occurring, they would realize that what is happening isn't normal, shouldn't be happening.
Also, we always say to keep your virus scan software up to date on your computers. That will help eliminate pop-ups. That will help eliminate malicious software being installed on your computer.
That's the two biggest things, is if people just stop and think, take a breath, go ask somebody else, "You know, hey, this is happening. What do you think is happening? What do you think this is about?" Many times, a scammer will tell people, “Don't tell anybody this is happening. You know, you can't let anybody know.” That's a big clue.
Lewis: Another thing to keep in mind is never let someone claiming to be tech support to have remote access to your computer or other device. Reynolds explains that often, these fake call centers will get a victim on the phone and send them a link to download malicious software on their computer. Once that scammer is in your computer, they have access to all of your personal information and files, and can even drain your bank accounts.
Reynolds: And so, that's where it becomes really a big dollar-loss game where not only are victims paying a couple hundred bucks to, you know, for non-existent tech support services. But at times, their financial accounts are being depleted at a moment's notice. And so, that's what is really concerning because of that that, you know, remote access, that's being granted to the bad actors.
Lewis: Reynolds adds that if you or someone you know is victimized by one of these scams, don’t be afraid or ashamed to come forward and report it. You can report fraud to your local police department and the FBI at ic3.gov. The FBI believes that these crimes often go underreported.
Reynolds: We know that there is a bit of a barrier to reporting because of the fact that many victims are just quite honestly embarrassed or they, you know, are, you know, feel shame from having been defrauded in this way. And they would rather conceal their victimization than speak up and bring it to the attention of law enforcement.
And so that's why the FBI and some of our other, you know, federal partners try to put out as much messaging as we can, so as to say, hey, you know, this is very, very common. And we wanna know about it. And please know that you're not the only one out there. And so that's why we are, you know, trying to ramp up our outreach campaigns.
Lewis: If you’d like to know more about scams and how to protect yourself, visit fbi.gov/scams. You can learn more about money mules, including how to avoid becoming an unwitting participant, at fbi.gov/moneymules.
If you want to report an Internet-enabled scam, visit ic3.gov. Reporting helps the FBI track and combat these crimes.
This has been another production of Inside the FBI. You can follow us on your favorite podcast player, including Spotify, Apple Podcasts, and Google Podcasts. You can also subscribe to email alerts about new episodes at fbi.gov/podcasts.
I’m Steve Lewis from the FBI’s Office of Public Affairs. Thanks for tuning in.