FBI Warning—Do Not Call Any Of These Phone Numbers
You must never make these calls.
NurPhoto via Getty Images
Republished on August 24 with a new federal agency warning on phone attacks.
A stark FBI warning has just come to life on social media, with an attack on Microsoft users going horribly wrong — at least from the hacker’s perspective. Sometimes it really is good to put a face to a name, and that’s the case with this viral story of the week.
“Legitimate companies will never call you and offer tech support out of the blue,” the bureau says. “If you get a call like this, hang up.” And even more critically, “never let someone claiming to be tech support have remote access to your device.”
If you do, then you risk your device being infected with malware, your security credentials and data being stolen, and ultimately you bank account being “drained.” But there’s now a twist on this warning. Attackers don’t call you — you call them.
It starts with a popup. A warning that there’s a fault with your device or your security or an account issue. The popup includes a number to call and a message urging you to make that call immediately before the problem gets worse. You are now under attack.
Just as companies like Microsoft, Google, Apple and Meta won’t call you, they won’t trigger a popup on your screen with a number to call. they won’t email, you with account warnings alongside sign-in links or helpdesk numbers. This is always an attack.
Meet Gaurav Trivedi, who runs exactly this scam “out of his apartment complex in Raebareli, India.” His attack starts with one of these popups “that locks your screen, blares a loud warning sound” and voices a warning that a restart will spread a virus. The popup “tells you to call ‘Microsoft’ immediately or risk losing all your data.”
Unfortunately for Mr Trivedi, one of his intended victims was NanoBaiter, who has now shared his table-turning story with 42 million X users. “When Gaurav tried it on me… I gave him access to my virtual machine and used it to hack into his system instead.”
The OpSec deployed by Mr Trivedi was non-existent, somewhat surprisingly given his chosen trade. NanoBaiter says that by reversing the remote viewing software pushed out to him, “I accessed his webcam and snapped a clear shot of his face. He pulled up the softphone dialer and boom, his real name appeared on the screen: Gaurav Trivedi. The wifi card on his laptop was active, letting me trace his exact location.”
This apparently enabled NanoBaiter to get “a front-row seat to his life, watching him eat, sleep, and then scam innocent people… all through his webcam.”
Microsoft has just issued a longform warning about such popup attacks, the most common form of which is ClickFix, which tricks you into running a script on your PC to install malware, rather than calling a number. The social engineering is the same.
Google has warned specifically about these tech support scams, whether or not you call them or they call you. If you see a popup on your screen, exit the popup or app if you can. If you can’t exit, then do not hesitate to force restart the device.
The FBI says variations on this theme include the following:
- Unsolicited phone calls or text messages claiming to be from tech support
- Internet pop-up windows telling you to call a tech support number
- Websites or online ads advertising a tech support number
- Financial institutions, utility companies, or cryptocurrency exchanges
All of these are scams, and it’s now made worse with AI. The latest ruse is to plant fake numbers online such that when an AI assistant is asked to find a phone number for technical or customer support, it retrieves a fraudulent one. Do not do that either.
If you’ve been hit by one of these attacks. The FBI says you should file a report, run an “up to date virus scan” on your device, contact your financial institutions immediately, and of change all passwords for any accounts that might be compromised.
It’s easier just to make a rule — never call any of these phone numbers. Meanwhile the police in India have been notified.
Stateside, sometimes it’s not just big tech impersonated by tech support scams, it’s the U.S. Government itself. That’s the crux of a new Federal Trade Commission (FTC) warning, as “scammers pretending to be with the FTC” are calling citizens.
The lure might be different but the attack is the same. “Their goal is to make you think you are moments away from getting money that’s owed to you – and, to get the money, all you need to do is allow them to connect to your computer.”
Just as with Mr Trivedi and Microsoft, in the case of the FTC scam, the “imposters ask for remote access to your computer” before “tricking you into installing malware, selling you software that’s worthless, or directing you to websites and ask you to enter your credit card number and other personal information. They may also ask you to pay them by buying gift cards or prepaid debit cards at local stores or online.”
The FTC advises anyone called to report the scam, and to note that “in the case of the FTC’s Advanced Tech Support refund program, all checks have already been mailed to those affected. The FTC is no longer accepting any new claims.”
It’s the same theme with the Phantom Hacker scam, which has promoted multiple FBI warnings and which is also making headlines this weekend.
This is where someone impersonating a member of staff from your bank calls to warn that your device has been hacked and your money is at risk. They helpfully offer to install some software on your PC or phone to diagnose the issue and to help keep you safe. They then direct you to move your money to a safe account.
The viewing software lets them view your accounts to determine what to target, and the safe account is one of their own. There is no hacker beyond the scammer you are talking to. This the “phantom”monicker. This is now a particular threat to seniors.
“Pete Nicoletti, CISO at Check Point, told Fox News Digital the scam has become ‘devastating’ for seniors, and said families need to have discussions with their loved ones to keep them protected. Nicoletti said scammers are now getting personal with some of their tactics, targeting people with specific interests they have.”