'We've got to put somebody in jail for these folks to take us seriously,' counters Sen. McCaskill (D-Missouri) Microsoft’s best advice to combat tech support scams? Hang up the phone.“You get a call from someone that’s unsolicited, talking about technical support, hang up,” said David Finn, the executive director of Microsoft’s Digital Crime Unit, during a hearing held by the U.S. Senate last week. “That’s the first thing. That is not a legitimate effort to sell something to you.”Finn was one of several people who testified last Wednesday before the Senate’s Special Committee on Aging, which held a hearing on technical support scams, which disproportionately target the elderly.[ ALSO ON CSO: From start to finish, inside a PayPal Phishing scam ] Such scams, Finn said during his prepared testimony, are the “single largest consumer fraud perpetrated in America today.” They victimize an estimated 3.3 million people and rake in $1.5 billion annually. “This translates to a victim nearly every 10 seconds, with an average loss of $454 per consumer,” Finn said.Those scams come in several forms, and from several directions. Some rely on massive spam campaigns that promise a faster, more secure Windows PC, and draw readers to a URL; others seed websites with pop-ups that falsely claim the user’s machine is infected with malware; still others take out search ads that appear when consumers frantically look for help online after their computers go south. But the classic tactic involves cold calls — unsolicited telephone calls — where callers pose as computer support technicians, frequently from Microsoft itself, and try to convince victims that their computers are infected, often by having them look at a Windows log that shows scores of harmless errors. At that point, the sales pitch starts, with the caller urging the consumer to download software or let the “technician” remotely access the PC.The con artists charge for their bogus “help” and often get people to pay hundreds for worthless support plans or software. Frequently, the scammers use their temporary access to plant malware on the PC, which later surreptitiously steals online account information and passwords.Finn’s recommendation to hang up — his answer when asked what consumers could do to battle back — was not new advice. Nor has it always been successful, according to Computerworld readers, who have provided a regular stream of emailed experiences over the past two years.“How can I stop them?” asked one reader in an email last month. “They call three to four times a day all weekend. I even told them that I was tracing the call. They keep calling back.”“These fools have become so aggressive they are trying every trick in the book to get you to pick up the phone,” wrote Steve Hinds in August. “I picked it up because the calls needed to stop.”“Discovered I also have been scammed by the Windows tech support,” echoed Sharon Minehart, also last month. “Of course I let them in after several weeks of nonstop calls.” When even those who know of the scams’ intent weary of the constant calls to the point where they surrender by picking up the phone — violating Finn’s don’t-engage rule — the frustration level has clearly hit the high side of the meter.While the Federal Trade Commission (FTC) has sued several alleged scammers — some in India, a hotbed for the racket, some in the U.S. — and Microsoft has done likewise, there’s no sign that those spotty actions have had any impact.Sen. Claire McCaskill (D-Missouri), the ranking member on the committee, was frustrated, too, by the lack of progress against scammers, who have been targeted with civil, not criminal, lawsuits. “We’ve got to put somebody in jail for these folks to take us seriously,” McCaskill said during the hearing.She compared the efforts put into finding and prosecuting robberies with the lackluster actions against tech support scammers. “Compare and contrast [that with] the amount of time and energy we spend going after robbers that are depriving seniors of their money, their dignity and, more importantly, isolating them,” McCaskill said. “What they’re doing is beyond cruel. If you are a senior and you feel that you can’t answer your phone, then your life can become incredibly lonely. Your life can be so limited … to the walls of your home. “It is so frustrating to me that we can’t collectively get the political will to decide that some of these people need to go to prison,” McCaskill added. Related content news analysis DHS unveils one common platform for reporting cyber incidents Ahead of CISA cyber incident reporting regulations, DHS issued a report on harmonizing 52 cyber incident reporting requirements, presenting a model common reporting platform that could encompass them all. By Cynthia Brumfield Sep 25, 2023 10 mins Regulation Regulation Regulation news Chinese state actors behind espionage attacks on Southeast Asian government The distinct groups of activities formed three different clusters, each attributed to a specific APT group. By Shweta Sharma Sep 25, 2023 4 mins Advanced Persistent Threats Cyberattacks feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Security Monitoring Software Data and Information Security feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe