The tech support scam is essentially about social engineering a mark over the phone by making up non-existent problems and extorting money, is evolving.
According to Malwarebytes the scammers were also targeting Apple Mac users in a similar fashion to what they do to their Windows counterparts. Now, those same crooks are going after smart phone and tablet users.
This is not too surprising since the market for mobile is surpassing that of the traditional desktop computer.
Companies involved in these scams can use one of two methods (or both) to reach out to potential victims: cold calling and/or online advertising.
This type of cold-calling scam has become common in recent years, especially in English-speaking countries, and prompted warnings from consumer protection groups, government agencies and security companies.
The scammers use professional and technical language to gain users’ trust and ask them to download and install remote access programs on their computers.
They then connect to those computers and open various system utilities like the Windows event viewer or registry editor to show victims errors in an attempt to prove their computers have a problem.
Segura recently searched for “Android slow tech support” on Bing from his Android tablet and the first two sponsored results—paid ads—led to sites from companies offering tech support for tablets and smartphones. He called the toll-free number listed on one of the sites and, according to him, what followed was clearly a tech support scam.
The alleged support technician asked Segura to connect his phone to his computer and then install remote access software on the PC so he can access the phone. After connecting through the software and browsing through the internal storage of the phone, the technician claimed a malware infection on the PC was actually causing problems on the whole network and affecting the Android phone when using Wi-Fi.
He then claimed a file called rundll32.exe, which is actually a legitimate Windows system file, was the problem and claimed it had also been installed to the phone. From a technical point of view, this doesn’t make sense since Windows executable files can’t run on Android.
”It’s quite hard to keep your composure when hearing such blatant lies,” Segura said. “It’s not that the technician is poorly informed but he is in fact fully aware of what he’s doing and yet does not have a problem with it at all.”
The technician then proceeded to delete some files from the Windows Prefetch folder and then restored them using a keyboard shortcut, claiming this was a sign of the infection reappearing. He then told Segura that he needed to buy a 12-month tech support subscription that cost $299.
”The scary thing is that many people that aren’t too tech-savvy will believe these words at face value and end up paying several hundred dollars for dubious services from rogue technical support companies,” Segura said.
While in this particular case scammers used online ads to target smartphone and tablet users, Segura believes they will most certainly use unsolicited phone calls as well. They might also ask users to install remote access software directly on their mobile devices in the future, he said.
Segura’s report comes after the U.S. Federal Trade Commission warned consumers about a different scam targeting users who might have previously been tricked by tech support scammers.
According to Malwarebytes the scammers were also targeting Apple Mac users in a similar fashion to what they do to their Windows counterparts. Now, those same crooks are going after smart phone and tablet users.
This is not too surprising since the market for mobile is surpassing that of the traditional desktop computer.
Companies involved in these scams can use one of two methods (or both) to reach out to potential victims: cold calling and/or online advertising.
This type of cold-calling scam has become common in recent years, especially in English-speaking countries, and prompted warnings from consumer protection groups, government agencies and security companies.
The scammers use professional and technical language to gain users’ trust and ask them to download and install remote access programs on their computers.
They then connect to those computers and open various system utilities like the Windows event viewer or registry editor to show victims errors in an attempt to prove their computers have a problem.
Segura recently searched for “Android slow tech support” on Bing from his Android tablet and the first two sponsored results—paid ads—led to sites from companies offering tech support for tablets and smartphones. He called the toll-free number listed on one of the sites and, according to him, what followed was clearly a tech support scam.
The alleged support technician asked Segura to connect his phone to his computer and then install remote access software on the PC so he can access the phone. After connecting through the software and browsing through the internal storage of the phone, the technician claimed a malware infection on the PC was actually causing problems on the whole network and affecting the Android phone when using Wi-Fi.
He then claimed a file called rundll32.exe, which is actually a legitimate Windows system file, was the problem and claimed it had also been installed to the phone. From a technical point of view, this doesn’t make sense since Windows executable files can’t run on Android.
”It’s quite hard to keep your composure when hearing such blatant lies,” Segura said. “It’s not that the technician is poorly informed but he is in fact fully aware of what he’s doing and yet does not have a problem with it at all.”
The technician then proceeded to delete some files from the Windows Prefetch folder and then restored them using a keyboard shortcut, claiming this was a sign of the infection reappearing. He then told Segura that he needed to buy a 12-month tech support subscription that cost $299.
”The scary thing is that many people that aren’t too tech-savvy will believe these words at face value and end up paying several hundred dollars for dubious services from rogue technical support companies,” Segura said.
While in this particular case scammers used online ads to target smartphone and tablet users, Segura believes they will most certainly use unsolicited phone calls as well. They might also ask users to install remote access software directly on their mobile devices in the future, he said.
Segura’s report comes after the U.S. Federal Trade Commission warned consumers about a different scam targeting users who might have previously been tricked by tech support scammers.
No comments:
Post a Comment