Skip to content

How Tech Support Scam Calls Work and How to Spot Them

Jim Browning talks about his experiences about tech support scam calls and what he's learned.

Most of us have received calls claiming to be from Microsoft Tech Support. But these tech support scam calls are evolving. Tech support scams are a big and profitable business, and scammers are working hard to steal your money. The best way to protect yourself from these scams is to learn how to spot them before they catch you.


See Scam Baiting with Jim Browning for a complete transcript of the Easy Prey podcast episode.

Jim Browning can’t stand scammers, so he’s doing something about it. He’s been investigating and exposing scammers and doing “scambaiting” on his YouTube channel for over five years. The channel now has over 2.3 million subscribers, and many of his videos on how scams work have been watched millions of times.

Getting Curious About Scams

Jim never intended to be a YouTuber. In fact, he has a day job working in IT. The only reason he did it was because he received a lot of tech support scam calls. Jim is an engineer at heart. He wanted to find a solution for the annoying cold calls. Maybe there was something he could do about it, or some way to report them. He was also curious about how the scams actually worked.

One day he received yet another tech support scam call. This time, he went along with it. He did what the scammer asked him to do and recorded it all. Now he knows that it was naive, but at the time, he thought if he could put it on YouTube and show what they were doing to their internet service providers (ISPs), the ISPs would kick the scammers off the network. But of course it was not that easy.

It’s very difficult, as it turns out, to actually do something about these [scammers].

Jim Browning

Many tech support scammers are calling from overseas. Even if you have very detailed information about the scammers, it can be difficult to get anyone do do anything about someone in a foreign country. Jim has gone as far as getting names, addresses, and locations of the people running these scams and reporting them to the relevant authorities. It’s only recently that law enforcement has been moving to stop these people. The CBI – India’s equivalent of the United States’ FBI – carried out a number of raids on major scammers. Some of their information came from Jim and other YouTubers. There’s still a ways to go, but Jim keeps putting that evidence out there so it might get used later.

The Tech Support Scam Call Process

Not everyone knows to hang up on tech support scam calls.

Tech support scam calls almost always start with a cold call – a call you weren’t expecting from someone you don’t know. They will claim to be Microsoft, your ISP, Amazon, or a wide variety of other legitimate companies. All they want is an excuse to have you turn on your computer and do things. All tech support scam calls have a computer involved somewhere.

In the past, you used to be able to put them off by saying that you don’t have a computer. But that doesn’t work as well anymore. Tech support scam calls are perfectly happy to use your smartphone, , iPad, or any other device to run their scam. As long as it’s connected to the internet and they can get you to follow their instructions, they can steal your money.

It doesn’t have to be a computer or a laptop. It could be any device.

Jim Browning

How Tech Support Scam Calls Get Access

Tech support scam calls will give you all kinds of reasons for what they want you to do. The classic version is that they’re with Microsoft Tech Support or your ISP and there’s a problem that has to be fixed. Nowadays there’s variations on that. They might also claim they’re giving you a refund but you have to follow some instructions to receive it. Recently, a variation claims to be from Amazon calling about suspicious activity on your account.

Whatever the reason, the goal of the scammer is the same. They want remote access to your device. Sometimes they will tell you this and give you a reason to need that access. But most of the time they won’t. They get you to type stuff out or download things. What you’re doing is giving them direct access to your computer.

Ultimately, they’re after money, as pretty much all scammers are. Their way of getting money from you is to get you to follow a few instructions on your computer.

Jim Browning

How Access Lets Scammers Steal Your Money

Here’s a scenario: A scammer calls and tells you that you’ve been charged for an Amazon Prime subscription. You respond that you don’t want it, or that you already paid for your subscription so you shouldn’t be charged again. The scammer promises to help you fix it. They have you log into your computer. They give you instructions to “check on the issue,” but those steps really give them access to your computer. Then they tell you it looks like it’s been fixed, but they want you to check your bank account to make sure.

So you log into your bank account. At that point, the screen goes black. The scammer can see the screen, but you can’t. Now they manipulate the screen to look like they put a refund back in your account. A very common way to do this is if you have multiple accounts at the same bank, they transfer some money from another account into the one you’re looking at.

Then the scam moves into the end goal. The scammer tells you that they accidentally refunded you too much. They need you to return some of the refund or they will get fired. Most people are trusting and honest. They’re happy to follow the scammer’s instructions to return the refund. But the money they are “returning” to the scammer was their own money.

Falling for a Scam Increases Risk of Future Scams

Tech support scam calls make their money by remotely accessing your computer. Now your device has been compromised. Should you be worried?

Occasionally, these scammers retain access to your computer. But most of the time, they are looking for a one-time payout. They don’t want to go through the trouble of harvesting and selling your data. They just want to steal your money and move on. However, once you’ve been caught by a tech support scam call, they know you’re a good target. You are significantly more likely to get targeted again.

If you fall victim to a scam, you are far more likely than an average person to fall victim again.

Jim Browning

Jim has seen some scammers call victims a month later and do the scam again claiming to be from a different company. Or they call saying they’re the person who helped you a few months ago, but the company is going out of business so they want to give you a refund. Scam organizations also sell lists of people who’ve fallen for scams. These lists get bought and sold across many organizations. Jim gives fake details to every scam caller, and he hears those details echoed back to him months later from a different call center. They pass the data around. If they think you are a good target, they’re going to keep targeting you.

Tech Support Scam Calls are a Big Business

There may be only three or four people running a tech support scam. But they often hire employees and run it like a business. One of the big tech support scam call operations that was recently raided employed three hundred people on multiple floors of a call center. They brought in almost two million dollars a month just from these scams. They even taught their call center employees foreign languages so they could do tech support scam calls in English, Spanish, and Japanese.

From the very beginning, it may not be obvious to these employees that it’s a scam operation. Most of these organizations recruit recent graduates and don’t advertise they’re hiring people to make tech support scam calls. They set up a good front. To the outside world, they may be a travel agency, taking calls to help people book hotels and change flights. But behind the scenes, they’re a scam operation. It may take days or even weeks for some employees to figure out out. We can’t blame people who are there only a short amount of time. But eventually, there’s no way to hide it.

Some of these organizations, though, blatantly advertise what they do. They disguise and cloak the real terms, but it’s still very obvious. If they say they’re a pop-up business, for example, they put malware on people’s computers with very loud popups and fake Microsoft Support numbers that really call the scammers. Most people who apply for these jobs know exactly what they’re getting into.

How Jim Does Scambaiting with Tech Support Scam Calls

Jim is an engineer, and a curious one at that. He has enough computer knowledge to do a little bit more than average. When he gets tech support scam calls, he deliberately lets scammers connect to his computer. But he sets it up so that the access goes both ways. They can access his computer, but he can also access theirs.

Chances are, if they have some files on their computers, Jim can see who they are. He’s even seen some call centers where the scammers have their own CCTV feeds and film their own offices. Since the servers where the CCTV footage is kept are connected to the internet, Jim could watch them while running the scam. At one point, Jim was able to call a scammer and watch him answer the call through his own CCTV.

These scam organizations also record audio of every call. Because these recordings are internet-accessible, Jim was able to access them. Not only could he see them, he could hear examples of other people being scammed. Working with a documentary show, the BBC’s Panorama, Jim got footage of people being scammed by combining CCTV footage and audio recordings. It was very clear evidence that a particular call center was involved in scams.

In scambaiting tech support scam calls, Jim sometimes got access to CCTV to watch the scammers.

Why Scam Call Centers Record Their Calls

It seems odd that a scam call center would record their tech support scam calls. Isn’t that just evidence if someone decides to prosecute them? But they do audio recordings because they are operating just like a legitimate call center business. They treat their scam callers like legitimate employees. The calls get reviewed and they keep track of how much money each employee steals. There are even incentives for people who steal a lot of money.

For those who don’t manage to steal enough money, there are improvement plans. Someone reviews the calls and tells them how they could have been a better scammer. If they don’t steal enough, or if an angry person calls back and asks for their money back, they could be fired. In a big Indian call center with lots of demand, they are very replaceable. Except for the fact that the employees are making tech support scam calls, it operates just like a legitimate large call center.

There are some smaller tech support scam call organizations. Jim has seen some that are just a few brothers and their friends. But the big ones treat it like a business. And it can be a very profitable business. They make massive amounts of calls to get one or two victims who they can convince. People who are older or not familiar with tech support scam calls are especially vulnerable, but with the right story, they can catch anyone. That’s why these scams are so profitable.

Literally anyone can fall for these sorts of scams.

Jim Browning

Tech Support Scams Don’t Always Call You

This type of scam is most common through tech support scam cold calls and malware popups on your device. But there are other ways they can get you to come to them. One way is through search engines. Say you are having an issue with your printer. You Google “printer tech support” or “HP tech support” and call the number that Google gives you. That number may lead to a scam call center. Scammers manipulate search engines so that their fake numbers show high in the results, even though their numbers are fake.

If you call one of these fake tech support numbers, it will sound legitimate. They’ll ask for the make and model, and other stuff that normal tech support would ask. Then they will tell you that to fix the problem, they need access to your computer. Once they get in, they’ll tell you that you have hackers or malware or something else and you have to pay for software to fix it. If you think you called a genuine help desk, it’s even easier for them to manipulate you.

Search engine results, don’t always trust them … Is this the genuine thing? Sometimes it’s very hard to tell.

Jim Browning

If you’re going to find a tech support number through a search engine, look very closely. Watch for signs that the website is fake or imitating a real site. One obvious tell is external links like Facebook and Twitter. If you click on those and they go nowhere, it’s probably a scam site. There is even a software you can install with your antivirus that will tell you if a website is legitimate or not. If you’re not using a software like that, be very diligent and confirm it’s real before you call.

What to Do if You Are a Victim of Tech Support Scam Calls

If you think you’ve been a victim of tech support scam calls, go to your bank or credit card company. Tell them first. If it happened recently, they may be able to get some of that money back if you can prove it’s a scam. That’s not always the case, though. Jim got information from scammers about eight hundred victims. He contacted them, and only three percent of them got money back. In most cases, the money went overseas, where it’s almost impossible to get back. But sometimes banks and credit card companies can catch it before it leaves the country. Talk to your bank as soon as possible.

If you paid the scammer with gift cards, be aware that you won’t be able to get that money back. Gift cards are the currency of scams for a reason. They’re anonymous, as good as cash, and impossible to get back. Once you read that code to the scammer, it’s gone. That’s why gift cards are a huge red flag. No legitimate business accepts payment in gift cards.

If anyone says “gift card” to you, that should be ringing alarm bells. That’s pretty much always a scam.

Jim Browning

If someone got remote access to your device, the safest thing to do is to back up your data, completely wipe the device, and reinstall the operating system. But in practice, all the scammers really want is payment. The remote access usually only happens once, and there’s no repeat compromise. In most cases, it’s probably okay just to remove the remote access software. There are different variants, but it’s usually called something like TeamViewer, AnyDesk, UltraViewer, or ScreenConnect. Just uninstalling that software usually makes your computer safe from scammers again.

Jim’s Best Advice to Spot Scams and Protect Yourself

Always be wary of cold calls. No legitimate company would have a problem with you asking questions about a phone call, or hanging up and calling back on a number you know is legitimate. If it sounds odd, trust your gut and check it out. And always be suspicious of a sense of urgency. A legitimate business will be happy for you to take your time and verify that they’re legitimate. Only a scam wants you to rush ahead without taking time to think and verify.

Caller ID can be spoofed and forged very easily. Jim does it every time he calls scammers. There’s nothing in the phone system that verifies the number you see on Caller ID is the real number o the caller. Jim advises never trusting it, ever. Also be careful of search engines. Their results are not always your friend. Pay attention and take the time to verify the site is legitimate before you make any calls.

Ultimately, Jim’s best advice is to always be a little skeptical. Don’t take things at face value. Do some research and look at the details. There’s nothing wrong with asking basic questions with any phone call you make or receive. And know what a scam looks like so that you can spot a tech support scam call or any other scam call before you get caught. If you know what a scam looks like, you should be able to recognize them even when they evolve.

Watch Jim Browning’s videos on tech support scams, scambaiting, and other scams on his YouTube channel. If he can help anyone identify when they’re being scammed, that’s a success. There are also entertaining videos where he winds scammers up and even occasionally gets them arrested. You can also connect with Jim on Twitter.

Listen to the full episode on YouTube

Related Articles

All
  • All
  • Easy Prey Podcast
  • General Topics
  • Home Computing
  • IP Addresses
  • Networking Basics: Learn How Networks Work
  • Online Privacy
  • Online Safety
  • Uncategorized
The effects of internet addiction can be devastating to children and teens.

The Effects of Internet Addiction on Kids: What Parents Need to Know

In the modern world, we need the internet for daily life. Work, school, banking, shopping, social connection,…

[Read More]
Are those signs declaring we buy houses scams? Not always - but you should definitely be careful.

“We Buy Houses” Signs – Legitimate House Buyers or Scams?

You’ve probably seen them somewhere. A sign by the road, an ad on a billboard, or even…

[Read More]
Student loan scams steal billions - here's what to watch out for.

Student Loan Scams to Watch for As Payments Resume

Student loans came out of their forbearance period and payments resumed towards the end of last year….

[Read More]
Titania Jordan talks about virtual kidnapping and what parents can do about this new scam.

Virtual Kidnapping: A New Threat for Parents and Kids Online

A virtual kidnapping call can be terrifying - that's why it's important to be prepared in advance.

[Read More]

The Hidden Risks of QR Codes

In today’s digital age, Quick Response (QR) codes have become a ubiquitous feature of modern life. From…

[Read More]
Kurt Long talks about balancing privacy vs. security in messaging and why it's so important.

Balancing Privacy vs. Security is the Key to Safer Online Messaging

If someone asked you if you want the messages you send and receive to be private, you’d…

[Read More]