{"id":1757,"date":"2026-03-13T09:00:00","date_gmt":"2026-03-13T13:00:00","guid":{"rendered":"https:\/\/servitiq.ca\/articles\/faux-support-technique-arnaque-pme\/"},"modified":"2026-03-13T12:47:08","modified_gmt":"2026-03-13T16:47:08","slug":"fake-tech-support-scam-smb","status":"publish","type":"post","link":"https:\/\/servitiq.ca\/en\/articles\/faux-support-technique-arnaque-pme\/","title":{"rendered":"Fake tech support: the only thing they fix is your bank account"},"content":{"rendered":"<p><strong>An employee receives an alarming pop-up: \"Your Windows system is infected! Call technical support immediately.\"<\/strong> In a panic, they call the number displayed. A professional \"technician\" asks them to install remote access software to \"diagnose\" the issue. Minutes later, dozens of fake viruses appear. They're asked to pay $375 to \"clean\" their computer. They pay by credit card. The following week, their bank contacts them: fraudulent transactions were made with their card.<\/p>\n\n\n\n<p>This story, from the newsletter <a href=\"https:\/\/www.sans.org\/newsletters\/ouch\/fake-tech-support-fixing-your-bank-account\" target=\"_blank\" rel=\"noopener\">OUCH! by SANS Institute (January 2026)<\/a>, illustrates a scam that is increasingly common in Quebec. Here's how to recognize it and protect your business.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is a fake tech support scam?<\/h2>\n\n\n\n<p>Fake tech support scams occur when criminals convince a person that something is wrong with their computer, phone or online accounts \u2014 and that they need urgent help from \"tech support.\" The scammers impersonate well-known companies like Microsoft, Apple, Google or even your bank.<\/p>\n\n\n\n<p>These scams often start with:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Alarming pop-ups<\/strong> in the browser claiming your system is infected<\/li>\n\n\n\n<li><strong>Unsolicited phone calls<\/strong> claiming to be from Microsoft support or an IT provider<\/li>\n\n\n\n<li><strong>Emails or text messages<\/strong> claiming your account has been compromised<\/li>\n\n\n\n<li><strong>Fake update alerts<\/strong> from the browser or operating system<\/li>\n<\/ul>\n\n\n\n<p>Regardless of the method, the goal is always the same: <strong>create panic and force you to act immediately<\/strong>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What the scammers want<\/h2>\n\n\n\n<p>According to the SANS Institute, fake tech support scammers target three things:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Your money<\/h3>\n\n\n\n<p>They charge for \"fixing\" nonexistent problems. Payments are often requested via gift card, wire transfer or cryptocurrency \u2014 methods that are hard to trace and impossible to reverse.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Your personal information<\/h3>\n\n\n\n<p>Under the pretext of \"verifying your identity\" or \"processing a refund,\" they ask for your name, address, passwords or banking details.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Access to your devices and accounts<\/h3>\n\n\n\n<p>By convincing you to install remote access software (TeamViewer, AnyDesk, etc.), scammers can spy on your activity, steal your files or install real malware for future attacks. Even if you realize it's a scam and disconnect, they may already have your data.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How the scam works \u2014 in 3 steps<\/h2>\n\n\n\n<p>These scams rely on<strong>social engineering<\/strong> : the manipulation of emotions to create fear and urgency.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>The hook (fear):<\/strong> A pop-up, text message or call alarms you with threatening language \u2014 \"Your data will be lost!\", \"Your account will be suspended!\"<\/li>\n\n\n\n<li><strong>Trust:<\/strong> The scammer presents themselves as a professional from a well-known company, using official logos and spoofed phone numbers.<\/li>\n\n\n\n<li><strong>Control and payment:<\/strong> You're asked to install software or click a link. The scammer takes control of your device, then charges for \"repairs\" or \"protection services.\"<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">How to protect your business<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. Stay calm and think<\/h3>\n\n\n\n<p>Legitimate companies <strong>never display pop-ups with phone numbers<\/strong> and never call you unsolicited to report a problem. If something seems urgent or scary, take a pause and verify independently.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. Never call a number displayed in a pop-up<\/h3>\n\n\n\n<p>If an alert message appears in your browser, <strong>close the browser<\/strong> (use Ctrl+W or Alt+F4 if necessary). Never interact with the number or link displayed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">3. Never give remote access<\/h3>\n\n\n\n<p>Never <strong>ever<\/strong> allow an unknown person to remotely access your devices or accounts. If someone contacts you pressuring you to give them access, it's a scam. Your real IT provider will never ask you this way.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Secure your accounts immediately if you are a victim<\/h3>\n\n\n\n<p>If you think you interacted with a scammer:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Change all your passwords immediately<\/li>\n\n\n\n<li>Contact your bank to report suspicious transactions<\/li>\n\n\n\n<li>Uninstall any remote access software installed during the incident<\/li>\n\n\n\n<li>Have your workstation analyzed by your trusted IT provider<\/li>\n\n\n\n<li>Report the fraud to the <a href=\"https:\/\/www.antifraudcentre-centreantifraude.ca\/index-fra.htm\" target=\"_blank\" rel=\"noopener\">Canadian Anti-Fraud Centre<\/a><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Advice for SMB leaders<\/h2>\n\n\n\n<p>This type of scam doesn't just target individuals. Your employees can receive these pop-ups and calls during work hours, on workstations containing sensitive company data. Here's what you can do:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Train your employees<\/strong> with regular social engineering awareness training<\/li>\n\n\n\n<li><strong>Establish a clear procedure<\/strong> : when in doubt, contact the IT department or your MSP provider \u2014 never a number displayed in a pop-up<\/li>\n\n\n\n<li><strong>Deploy DNS filtering<\/strong> to block malicious websites before they display these pop-ups<\/li>\n\n\n\n<li><strong>Enable multi-factor authentication (MFA)<\/strong> on all critical accounts to limit damage in case of credential theft<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">FAQ<\/h2>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Can Microsoft or Apple really call me to report a problem?<\/summary>\n<p>No. Microsoft, Apple, Google and other major tech companies do not make <strong>ever<\/strong> unsolicited calls to report technical problems. Any such call is a scam.<\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Can a pop-up in my browser be a real security warning?<\/summary>\n<p>Real security warnings come from your antivirus or operating system \u2014 not from your web browser. A browser pop-up asking you to call a number is always fraudulent.<\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>What should I do if an employee has already given remote access to a scammer?<\/summary>\n<p>Immediately disconnect the workstation from the network, change all passwords from another device, and contact your IT provider for a complete analysis of the workstation. Report the incident to the Canadian Anti-Fraud Centre.<\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>How can a managed IT provider (MSP) help prevent these scams?<\/summary>\n<p>An MSP deploys DNS filtering, awareness training, proactive monitoring and policies that prevent the installation of unauthorized software. If an employee has a doubt, they contact the MSP rather than an unknown number.<\/p>\n<\/details>\n\n\n\n<p><em>This article is inspired by the newsletter <a href=\"https:\/\/www.sans.org\/newsletters\/ouch\/fake-tech-support-fixing-your-bank-account\" target=\"_blank\" rel=\"noopener\">OUCH! by SANS Institute (January 2026)<\/a>, published under Creative Commons BY-NC-ND 4.0 license. <a href=\"https:\/\/sansorg.egnyte.com\/dd\/yw3GH9bCmcmM\/\" target=\"_blank\" rel=\"noopener\">Download the full PDF (FR)<\/a>.<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>Un employ\u00e9 re\u00e7oit un pop-up alarmant : \u00ab Votre syst\u00e8me Windows est infect\u00e9 ! Appelez le support technique imm\u00e9diatement. \u00bb Pris de panique, il appelle le num\u00e9ro affich\u00e9. Un \u00ab technicien \u00bb professionnel lui demande d&rsquo;installer un logiciel d&rsquo;acc\u00e8s \u00e0 distance pour \u00ab diagnostiquer \u00bb le probl\u00e8me. Quelques minutes plus tard, des dizaines de faux [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1758,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_swpsp_post_exclude":false,"footnotes":""},"categories":[16],"tags":[],"class_list":["post-1757","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/posts\/1757","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/comments?post=1757"}],"version-history":[{"count":2,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/posts\/1757\/revisions"}],"predecessor-version":[{"id":1760,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/posts\/1757\/revisions\/1760"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/media\/1758"}],"wp:attachment":[{"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/media?parent=1757"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/categories?post=1757"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/servitiq.ca\/en\/wp-json\/wp\/v2\/tags?post=1757"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}