The FTC Is Cracking Down Harder on ‘Tech Support’ Scammers
Toggle Dark Mode
The US Federal Trade Commission (FTC) has made some significant amendments to its Telemarketing Sales Rule (TSR) that will offer better protection for those who fall victim to “tech support” scams.
For those unfamiliar, a common scam has been making the rounds for over a decade where fraudsters try to convince unsuspecting non-technical users that they need computer-related services so they can extort money from them to provide those “services.”
The exact nature of the scams takes several forms. In the early days, criminals often made cold calls or sent emails from “Microsoft” or “Apple” representatives claiming there were crucial “security fixes” that needed to be installed on their computer and offering to provide those fixes—for a fee. However, it’s much more common these days for folks to be duped into calling fake support numbers that come from invasive popups on malware-infested websites that suggest their computer has been infected with a virus.
In most cases, the only “virus” on the computer is the malware from the website that provides the popup. However, these are designed to frighten people into thinking they need to take action, and it’s sadly all too common for folks to be scared into responding.
To add insult to injury, these cybercriminals don’t just take money from their victims. In the process of providing “tech support,” they also get the person to install remote control software so the scammer can access their computer to “fix” the non-existent problem. This gives them complete access to take a joyride through their target’s personal files, which can lead to identity theft.
This remote control software is also usually left installed, potentially allowing the scammer to reconnect again as often as they like — at least until the victim of the scam has their computer investigated by a legitimate tech support service (when I worked part-time in remote tech support for a major service provider a few years ago, nearly a third of my calls involved investigating and cleaning up malware from the PCs of folks who had fallen prey to these scams or were worried they might have).
Unfortunately, while the FTC has had policies in place for a few years to go after these scammers, the rules only allowed it to do so when the scammer initiated the call. Since most tech support scams no longer work that way, the FTC’s hands were tied due to some legal issues stemming from a 2021 Supreme Court ruling:
The Supreme Court’s decision in AMG Capital Management, LLC v. FTC, held the Commission could not obtain monetary relief under section 13(b). As a result, the Commission is now constrained in its ability to redress consumers harmed by tech support scams whose deceptive business practices arguably fall beyond the reach of the Rule.
The FTC explains that it was able to overcome this by amending the Telemarketing Sales Rule (“the Rule”) to add “tech support services” to the list of calls that are excluded from the TSR’s “inbound call exemption.”
While that sounds like a bit of doublespeak, the loophole existed because the TSR broadly exempts calls that consumers make to telemarketers. After all, if the person calls a telemarketing company in response to an ad or direct mail solicitation, there’s usually no need to regulate that.
However, that exemption doesn’t apply to types of calls that are “often deceptive,” such as “investment opportunities, debt relief services, and prize promotions.” Technical support services have now been added to this list, meaning these calls can be treated in the same way, offering additional protections for consumers.
This includes both the kind of blatant fraud described above and marketing scams in which customers who call to activate legitimate security apps end up reaching telemarketers who try to sell them additional unnecessary products and services instead of just activating their software.
The rules allow the FTC to take action against these and other scammers regardless of whether money has changed hands. A 2015 amendment to the TSR made it illegal for telemarketers to ask for payment using non-reversible payment methods such as “remotely created checks and payment orders, cash-to-cash money transfers, and cash reload mechanisms.”
This means that even if you’ve encountered and avoided one of these tech support scams, it’s still a good idea to report it to the FTC. This will hopefully help ensure the scammers are caught and prevent more vulnerable and less tech-savvy folks from becoming their next victims.