Scammers always find new routes to scam innocent people. Scams like Tech Support Scams, Amazon Scams, and others are still common. You should be aware of a similar scheme but take different routes.
The scams that we will be talking about are known as Refund Scams. Let’s take a look at how these Refund Scams work so that you may understand what path the scammer takes and what you can do to ensure your safety.
The Refund Scam
The Refund Scams starts with a call or an email from a well-known organization. The scammers will persuade you to log into your bank account. The user would have been promised a certain amount, but the attacker will edit the HTML file, so it looks like an extra amount has been transferred. He will then ask the victim to return the money in the form of Amazon, Apple, or Google Gift cards.
Step-By-Step Procedure of Refund Scams
First Interaction Via Email or Call
Like every other scam, Refund scams often start with a phone call or an Email. You may receive a recorded phone call that tells you that one of the companies you are subscribed to is going out of business, and they would like to refund the amount of your purchase. You might have to press some key to get back to the Support Agent.
Similarly, you might receive an email claiming that you are owed a refund because you haven’t used a service you have purchased in a while. The email contains a phone number for you to contact to get your refund.
The scammer will try to make the email look authentic by adding logos or using Microsoft-related domains. All of this is just to get a hold of your curiosity and make you call the telephone number provided in the email. Legitimate companies never keep track of your app usage and offer you a refund via mail or automated calls.
Sometimes, if you call these numbers and be discreet about the application or hardware they provide you the refund for, the scammer might get uncertain and drop the call, which is a red flag.
Scammer’s Connect To Your PC
If you follow up on the call or email, you will be connected to the Refund Department of any renowned company. They will tell you that they need to connect to your device to process the refund. To do so, they will prompt you to install remote control software like TeamViewer, AnyDesk, or similar.
Once they have remote access to your device, they will ask you to log in to your bank account to process the refund.
Again, this is a Red Flag. Why should someone need to access your bank account for them to process the refund? You should never allow anyone to have remote access to your device you don’t know and don’t trust for safety purposes.
Black Screen and the Fake Refund
Once you are logged in to your bank, the scammer will ask you to write down the amount present in your bank account on a piece of paper. Also, the total refund amount needs to be written on that paper.
Next, they will use the Teamviewer Black Screen feature to black out your screen so that you can not see what they are doing. The scammer might give you lame excuses that the Blackout is due to security concerns or as a privacy measure, all of which is nonsense. While you cannot see your screen, they will ensure you that they are processing your refund. Instead, all they would be doing is that they would be change the HTML code of the webpage and deceive you.
If your bank has a secondary account like a saving account, what they will do during the blackout is that they will simply transfer money from one account to another. However, the core of the scam is that they will send you extra money by mistake. If the refund amount was $399.99, they might transfer $4,399.99 instead.
To obfuscate the fact that your primary account is nearly depleted, the scammers edit the Web page’s HTML coding to ensure that you have received money from the refund department instead of transferring between accounts.
Editing an HTML webpage is a simple operation that you can do in any browser. All you need to do is right-click on any text and Choose Inspect; a Developers menu will pop up. By choosing the text and editing allows the scammers to type in what suits them best. However, it never changes the balances in your bank account. If you want to reassure yourself while this scam is going on, you can refresh the page as soon as you see any anomaly, and all the changes the scammers did would revert except the transfer of an amount from your Current account to your Saving Account.
Even if you only have one account, they would use the same trick to change your account balance.
The Overpayment Demands
Once the scammer has edited the HTML coding of the webpage, they will disable the Black screen feature to see the available balance for yourself. The scammer will prompt you to verify the refund amount that you have received. For a moment, you would be confused as thousands of Dollars are excess in your Bank account and indeed, you will tell the scammer that they have sent extra amounts of money to their account – This is the reason the scammers asks you to write the balance during the start of the call.
The scammers will act surprised and realize that they have made a mistake and sent you too much. The scammer will then ask you to send the extra money back to them; as a caring human, you might ask for their bank account to transfer the amount back to them. (remember that you haven’t refreshed the webpage yet, cause if you would have, then the amount will be the same as before the call).
The answer would be a NO from the scammers that they can not provide you with a bank account number, and instead, you should go over to a gift card store and purchase Amazon, Apple, or Google Gift Cards worth the extra amount and share the codes with them. Also, a little trick the scammers use is informing you that they might lose their jobs if you don’t send the money right away.
Payment by Gift cards is one of the Signs of a Scam call. Legitimate Organizations never ask for any amount, especially not on calls or emails, not in GIft Cards. Scammers want you to buy Gift Cards and claim the codes over the phone so that they can redeem the funds and likely use them to make money through their apps. Gifts Cards are also impossible to trace compared to Bank transfers.
If you did like to see what a real refund scam looks like, we recommend watching the below video:
How To Stay Safe From Refund Scams?
If you refresh the page every single time the scammer turns off the Black-Screen features, the scammer will get pissed and might cut off the call or may threaten you. If you refuse to return the excess amount in the form of gift cards, you will face similar emotions from his end. They might tell you that you have stolen their money, or they plan to sue you over this, which is absurd. However, the scammers might do other harmful things with your device while they still have control over it.
They might try to lock your computer account by adding a password to it if it hasn’t been password protected. Also, if you are still using Windows 7 or lower, they might add an SYSKEY to block you from using any Windows file, and you need to reinstall the Windows once more.
To prevent all this hassle, you need to ensure that you do not provide remote access to your device to someone you can not trust. Also, to blackout, your screen scammers mostly use Teamviewer. The scammers first ask you to connect to their system and then flip the connection to connect to Teamviewer. According to scammers, this tactic is used to build trust; instead, if the scammers try to connect to your device directly, you will be prompted by a scam alert based on the scammers’ location, and Team Viewer might hinder their remote access.