The FBI is warning people to be alert to the threat of technical support scams, in which criminals pose as support staff from computer or software companies and try to trick unsuspecting PC users into giving up access to their bank accounts.
They contact victims by phishing email or by phone, warning that an annual subscription service is about to be renewed within hours at a cost which is commonly in the range of $300 to $500 – and that the victim should get in contact if they want to cancel the payment.
The scammers don't know what software the victim is subscribed to, but by convincing the victim they're about to lose a significant sum of money because of some random subscription, the aim is to scare them into contacting the false support scheme to cancel it, either by contacting a phone number, replying to the email or clicking a link that claims to offer help.
Once the victim contacts the scammers to explain they don't want the 'subscription' and want a refund, the 'support' operative persuades the victim to download remote desktop protocol software, to provide full access to their computer to help the 'tech support' issue a cancellation and refund.
Installing this software provides the scammer with full access to the victim's computer and the attacker tells the victim that they're refunding the subscription amount to their bank account, before encouraging the victim to log in to their online-banking service to check.
If the victim does this, the scammer sees their username and password and they can access the account.
Once this happens, the scammers lock the user out their system or show them a blank screen to hide the next step, which is making wire transfers to foreign bank accounts using the victim's account – a method used to help launder stolen money – or simply stealing money directly from the victim.
The information accessed in the victim's online bank account could also be used to conduct additional fraud.
These scams use a sense of urgency to panic victims. As a result, the FBI is urging anyone who sees an email claiming to be urgent and relating to a subscription or service renewal to resist pressure to act quickly, as it's the sense of time running out that scammers aim to take advantage of.
People are also urged not to be pressured into downloading software, particularly if it comes from unofficial sites and links as that carries the risk of allowing cyberattacks to gain access to your PC or even install malware.
And the FBI stresses that people shouldn't send wire transfers, especially to foreign banks, on the instruction of someone you've only spoken to online or via phone – especially as real banks will rarely ask for you to send sensitive information via email or enter it into an online form.
"When in doubt, search online for accurate financial institution information and initiate the communication from your end. If you are called by someone claiming to be an official institution, look up the contact information and call back," said the alert.
"Monitor your credit card and bank account transactions for any unauthorized activity and immediately contact your financial institution if you observe irregular or unauthorized activity," it added.