Fake Tech Support Calls Spreading Ransomware

How Fake Tech Support Calls Spreading Ransomware Works

Overview: Fake tech support calls are a common scam preying on Indian internet users. Scammers pose as representatives from prominent service providers such as Microsoft, Google, or local broadband companies. Claiming your system is infected or needs updating, they trick you into granting remote access, after which ransomware is silently installed, encrypting your files and demanding payment. How It Works: You receive a call—sometimes in Hindi or a regional language—from someone claiming there’s a virus in your system. They offer to fix it remotely and guide you to install a software tool. This tool (often masquerading as AnyDesk or TeamViewer) allows them remote control, after which they deploy ransomware and ask for a ransom to unlock data or restore services. India Angle: Scammers use names of popular Indian ISPs (Jio, Airtel, BSNL) or reference UPI-linked security updates to gain trust. Targets include senior citizens, homemakers, and small business owners, especially in urban and semi-urban regions. Real Examples: A Pune shopkeeper received a call saying, "We are from Microsoft security. Your internet will be blocked unless you update your system. Please open AnyDesk and give me the code." Hours later, all files were locked with a ransom demand of ₹32,000. Red Flags: Unsolicited tech calls, requests for remote access, urgency to act, poor language or generic greetings, and payment demands after remote access. Protective Measures: Never share remote access codes with anyone calling unexpectedly. Verify independently by contacting your service provider’s official number. Keep your antivirus updated and educate all family members about such scams. Never share your Aadhaar, OTP, or bank details over the phone. If Victimised: Disconnect your device from the Internet, contact the 1930 helpline, raise a complaint at cybercrime.gov.in, and inform your bank if personal details were compromised. Related Scams: Remote access scam for UPI fraud, fake IRS/IT department callers demanding payments, and phishing via WhatsApp tech support.

How This Scam Works — Detailed Explanation

Scammers are leveraging digital platforms and communication tools to reach potential victims for fake tech support scams in India. They often purchase or obtain databases containing phone numbers and contact details of individuals, targeting a diverse audience that includes the tech-savvy and the less informed. Popular platforms such as WhatsApp or even social media channels serve as tools for scammers to initiate contact. These threats can emerge as unsolicited calls, particularly during peak internet usage times when users are likely to be online, making them susceptible to manipulation. In this context, they're not just reaching out randomly but are instead executing targeted campaigns, often in local languages like Hindi, to enhance their credibility and approachability.

The tactics employed by these scammers focus on psychological manipulation and urgency. When a victim answers the call, the scammer poses as a representative of a major tech company such as Microsoft or Google. The caller often assures the victim that their system has been compromised or infected with malicious software. They create a sense of panic by stating that immediate action is required to prevent damage or data loss. Once the victim is convinced of the threat, they are asked to provide remote access to their computer using tools like AnyDesk or TeamViewer. This accesses the victim's system, allowing scammers to install ransomware. By invoking emotions of fear and urgency, scammers successfully mislead victims into compliance.

After granting access, the scam continues in a chilling step-by-step fashion. The scammer will typically start by claiming to perform diagnostics, showing fake warnings and error messages to substantiate their threats. The victim is led to believe that they must pay a sum to resolve the issue and unlock the system. For example, several victims in major urban centers have reported losing thousands of rupees after being tricked into transferring money via UPI to recover their files. In some cases, they are even asked to share their Aadhaar details for identification purposes, unwittingly risking their identity and finances. The desperation to retrieve lost data leads many individuals to comply and pay, often through UPI transactions to the scammer’s account.

The real-world impact of such scams is staggering. Cybersecurity incidents linked to fake tech support calls have led to losses amounting to a few hundred crores in India in the past few years alone. According to reports from the Ministry of Home Affairs and advisories by CERT-In, the proliferation of ransomware attacks has caused not just financial damage but has also raised concerns about trust in digital financial transactions like UPI. The RBI has called for stricter measures to monitor and combat these scams, highlighting the importance of public awareness. It’s sobering to consider that many individuals have been financially robbed of their life savings through these deceitful schemes, with easily accessible channels like WhatsApp enabling scam distribution.

To differentiate between genuine communications and scams, it’s crucial to maintain a vigilant mindset. Authentic tech support companies will never make unsolicited calls asking for remote access to your devices or demanding immediate payment for software fixes or repairs. Always verify the caller's identity by contacting the company directly using official numbers. Legitimate communication will be through verified corporate channels, and they will encourage you to protect your personal data rather than share it with strangers. If you receive an unsolicited call, hang up and treat it with suspicion, especially if the caller creates urgency about a nonexistent issue. Understanding these differences can protect you from falling into this trap, ensuring that you remain safe in the digital world.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Fake Tech Support Calls Spreading Ransomware Target?

General public across India

Red Flags — How to Identify Fake Tech Support Calls Spreading Ransomware

• Unsolicited tech support calls
• Requests for remote access codes
• Urgent claims your device is infected
• Demands for payment post remote access

What To Do If You Encounter Fake Tech Support Calls Spreading Ransomware

1. Report the call immediately by dialing 1930 or visiting cybercrime.gov.in.
2. Do not share any personal or financial information with the caller.
3. Uninstall any suspicion software that may have been installed on your device.
4. Alert family and friends about the scam to raise awareness.
5. Contact your bank’s helpline (e.g., SBI 1800-11-1109 or HDFC 1800-202-6161) to secure your finances.
6. Enable security features on your device, like antivirus software and firewalls.

How to Report Fake Tech Support Calls Spreading Ransomware in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?

Immediately inform your bank through their helpline number (e.g., SBI 1800-11-1109) to block your account and secure your funds.

How can I identify a fake tech support call?

Legitimate tech companies do not initiate unsolicited calls or request remote access to fix problems. Always verify their identity.

How to report this type of scam in India?

You can report the scam by calling the cybercrime helpline at 1930 or visiting cybercrime.gov.in.

What steps should I take to recover money or protect accounts after this scam?

Contact your bank immediately to report the incident, change your passwords, and monitor your accounts for unusual activity.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.