As the world becomes more reliant on technology, scammers have wormed their way into IT services and support. Technology has made life a lot easier. Billions of people, industries, and governments rely on tech for almost everything these days – from computers to IoT devices to medical equipment. When there’s an unexpected power interruption or internet service disruption, countless people can’t seem to work or entertain themselves. Life grinds to a halt when technology stops working, and many feel helpless that they can’t check their email, post on social media, or play their favorite video game.
Scammers take advantage of people’s reliance on technology and exploit the panic one feels when his or her computer suddenly stops working. Tech support scams have always been the bread and butter of criminal groups in the tech industry. Still, there is another nefarious type of fraud out there that isn’t as big but has victimized a lot of people over the years: data recovery scams.
Not All Data Recovery Services Are Scams
Before we go into the details of what a data recovery scam is, let’s explore the real business model, these scammers are trying to exploit. There are legitimate IT companies that offer genuine data recovery services done by professional technicians if you somehow manage to brick a hard drive that contains important files.
Characteristics of a legitimate data recovery business:
- These businesses are mostly local and will have a physical address you can verify by paying a visit.
- They won’t ask for any upfront fees or pull your strings by saying they already begun the process but need parts that cost extra.
- You can either mail your broken hard drive to them or deposit it in person.
- They have real ISO5/Class Cleanrooms – controlled environments that have a low level of pollutants like dust, chemical vapors, aerosol particles, and airborne microbes.
Recommended for you: Cybersecurity Threats: COVID-19 Scams You Need to Avoid.
Real Data Recovery is Complicated
Data recovery is a complex process that has services at multiple levels, usually ranging from Tier 1 to Tier 3. These tiers require different equipment, technician skills, time to complete, and a cost equal to the level of data recovery involved.
- Tier 1 service involves lightly damaged hard drives that usually include bad sectors or errors on the media surface that the computer can no longer read or access, making the HDD unrecognizable.
- Tier 2 service is when the internal parts of a hard drive need to be replaced due to hardware failure or faulty firmware. The inner components of a hard drive are sensitive and must be taken apart inside a cleanroom to minimize damage from external pollutants.
- Tier 3 service is reserved for worst-case scenarios such as fire and water damage due to accidents or other disasters.
And here lies the problem: people who crash their hard drive without backing it up suddenly find themselves in a frantic race against time to recover the files. Last-minute research on what to do and who to call may lead them to illegal and unethical data recovery services that will not only charge them an arm and a leg multiple times but won’t be able to recover most of the data they got paid for.
What is a Data Recovery Scam?
A data recovery scam is when a person pays an upfront fee for hard drive recovery services and is asked to pay more for parts, laboratory use, and shipping with little to no data recovered in the process. They also secretly lock your hard drive to force you to work with them. Scammers will also make you sign a waiver that absolves them from giving refunds if they can’t recover your data. It’s a win-win for them because they get paid to do nothing, and you can’t get your money back. Based on the latest identity fraud facts and statistics, these scammers can also tell you they weren’t able to recover anything when they did. Your stolen data can now be sold or used for identity theft.
Common Data Recovery Scams
If you’ve haven’t heard of data recovery scams, it’s because they pretty much operate under the radar. Unlike tech support scams that offer a plethora of bogus services from virus removal to PC cleanup and are aggressive at calling their targets, data recovery scammers wait for you to come to them. Fake data recovery services aren’t based locally and will “boast” of a swanky looking headquarters located somewhere else. These scammers offer mail-in data recovery on the cheap, usually $150 for a problem that they haven’t even adequately diagnosed yet. Here are the most common.
You may like: 10 Best Ways to Protect Your Business Against Cyber-Attacks.
Bait and Switch Data Ransom
An unethical data recovery service provider advertises a low price online for Tier 1 drive failures, and they’re conveniently located in another state. Hence, you have to ship your hard drive to them. Most of these scammers will even send you a box in the mail with an attached prepaid shipping label for a hassle-free experience. However, it isn’t as hassle-free as advertised. The moment they get their hands on your faulty hard drive, they’ll clone it so that they’ll have the only existing copy of your data anywhere and hold it for ransom.
They then purposely damage your hard drive, effectively “killing” it, and will call to let you know that the job is more than a Tier 1 and will quote you for Tier 2 or even Tier 3 recovery costing several thousand dollars. If you can’t or refuse to pay, they’ll ship your hard drive back to you, but since they killed it, nobody else will be able to recover anything. Now you won’t have a choice but to deal with the scammers if you want your data back.
Lock and Load
Another scam is when a customer sends his damaged hard drive by mail for a quote and gets a figure too steep for comfort, usually $2,000 0 $3,000. The customer then asks for the device back so he can check with other data recovery services. These other providers inform the customer that data recovery is impossible because the con artists illegally locked the hard drive, and their technicians won’t be able to access it without a username and password. The customer is now forced to work with the scammers to get his data back.
Window Shopping Cleanroom Scam
A customer shops around for data recovery service providers and contacts several, one of them a bogus IT company. The scammers give her a quote that’s high enough to seem legit but purposely lower than all the other providers – without even inspecting the actual drive yet. After the customer shops around and decides that the con artist’s quote seems reasonable, they’ll ask her to mail them the hard drive. The scammers will now claim that other providers opened the customer’s hard drive in an “unclean environment,” and they have to charge an additional $1,000 fee on top of the original quote for the use of their cleanroom.
How to Avoid Getting Scammed By Data Recovery Con Artists
If your hard drive failed and you need your data recovered, here are a few tips on how to find a legitimate service provider.
Choose Local
When searching for an IT service business to recover your data, it pays to go local. Choosing a local company lets you visit them and talk to a qualified technician in person, who can give you the rundown on how their process works and an actual quote for the job. You can bring your hard drive in person, and some companies even offer free diagnostic tests to see the current state of your hard drive.
Read Reviews on the Better Business Bureau (BBB) Website
Google and social media reviews are not enough because online surveys can be manipulated or influenced easily. You need to dig deeper and search for the company you want to do business with on the BBB’s review website. If a data service provider has a lot of negative reviews, stay away.
Call Them
The most natural step you can take to avoid getting scammed is to call a data service provider first and ask them basic questions such as where they are located and what type of cleanroom they have. If the person you’re speaking with avoids answering your questions and wants to lock you into a price for recovering your data without even hearing what your issue is, the company is most likely a scam.
You may also like: Cybersecurity Risk Assessment & Management Tips for Small Businesses.
Conclusion
There’s no better con than trying to hold people’s data for ransom and asking them to pay for damages you caused yourself because there’s nothing they can do about it. The investment is virtually nil. All a scammer needs is a forwarding address, a phone, a website, and a computer to pass himself off as a data recovery expert. While some victims were able to get their money back, the damage to their already faulty hard drive and lost data has already been done. What’s worse is that when these scammers sell the contents of the cloned hard drives, exposing the privacy of their victims.
Don’t be a victim. Always do your due diligence when choosing a data recovery service provider. Don’t forget to back up all your files on a separate hard drive and in the cloud.
This article is written by Daniel William. Daniel is a Cyber Security Expert. His great passion is to maintain the safety of the organization’s online systems and networks. He knows that both individuals and businesses face the constant challenge of cyber threats. Identifying and preventing these attacks is a priority for Daniel. You can reach Daniel at LinkedIn.
This article is written by Daniel William. Daniel is a Cyber Security Expert. His great passion is to maintain the safety of the organization’s online systems and networks. He knows that both individuals and businesses face the constant challenge of cyber threats. Identifying and preventing these attacks is a priority for Daniel. You can reach Daniel at 
Web Developer & SEO Specialist with 15+ years of experience in Open Source Web Development specialized in Joomla & WordPress development. He is also the moderator of this blog "RS Web Solutions".