Tech Support Scams Are Getting More Sophisticated

For years, scammers have phoned unsophisticated computer users claiming to be from software companies and internet providers and charging hundreds of dollars to fix nonexistent technical problems.

Last September, Microsoft warned customers not to fall for fraudsters claiming to work for the company, estimating 3.3 million U.S. users would pay $1.5 billion to tech support scammers in 2015 alone. Now, according to security vendor Malwarebytes, such scammers are getting more sophisticated then ever, placing online ads that generate fake error messages adapted to each victim’s computer setup.

“The evolution of this scam is leading to more victims and much greater consequences for the general public,” the company warned in a report issued this week.

The error messages urge users to call hotlines operated by the scammers for help fixing bogus computer problems, and call center workers charge them inflated prices for basic services like running antivirus scans and clearing software caches, or for essentially nothing at all, says Malwarebytes CEO Marcin Kleczynski.

Often, the scammers use JavaScript to generate a series of popup error windows that make it hard for unskilled users to even close their browsers. And in roughly the last six months, Malwarebytes researchers have seen scammers taking a page from ransomware attackers, installing malware to lock victims out of their computers until they pay to have it removed.

“We’re going to see more aggressive techniques,” says a Malwarebytes researcher who asked not to be named because he’s involved in active investigations of the scams. “In particular, I wouldn’t be surprised if they started using ransomware and encrypting people’s files.”

But unlike with traditional ransomware attacks, where users are openly blackmailed into paying to have their computers repaired, victims of tech support scams may not even realize they haven’t paid for real tech support service, says Kleczynski. That’s enabled scammers to operate through seemingly legitimate companies in the U.S. and abroad, accepting credit cards for payments without immediately generating suspicious numbers of complaints to banks.

Workers at fraudulent call centers may not even realize they’re part of a scam, since they’re often isolated from the parts of the company deploying malware or fraudulent ads. And scam operators often deliberately hire employees incentivized not to ask too many questions, even advertising in classified ads that they’re willing to hire employees with criminal records who might have a difficult time finding work.

“The upper management is aware that they’re hiring people who may not find a job elsewhere and may be easier to manipulate,” says the Malwarebytes researcher.

Malwarebytes has worked with the Federal Trade Commission to shut down some scam operations and provided experts to testify in one case in which an alleged scam company called OMG Tech Help agreed earlier this year to surrender its assets to a court-appointed receiver. But even as regulators strike back, other fraudsters continue to take advantage of users who don’t know to watch out for the scams, Kleczynski says.

“We’ve got to keep screaming this from the rooftops,” he says.

The scammers have also gotten adept at evading detection, switching IP and web addresses to evade blocking by browser vendors and security software. And to get around filtering by the online advertising networks they use to deploy misleading pop-ups, they’ll often purchase legitimate ads for a time, then begin injecting nefarious content.

“These things are embedded in real time,” Kleczynski says of internet ads. “You’ve got criminals serving good advertising for a while and then swapping it out for bad advertising.”

Sometimes the scammers will even filter calls from unknown numbers or numbers tied to government investigators or security firms, he says, in an effort to evade detection.

For internet users looking to dodge scams, Kleczynski advises following typical online security advice: Keep operating systems patched and use security software to filter out malware that could be used by scammers; avoid browsing dodgy websites that are more likely to allow unsavory advertisers; and be skeptical of unsolicited messages or calls from anyone claiming to represent companies like Microsoft or Apple.

Microsoft has worked with AARP to help inform seniors about the scams, but elderly users remain more likely to fall for the fraudulent messages and cold calls.

“I would not pick up a random phone call. My grandmother would,” Kleczynski says. “I think that just [effectively] selects who’s going to be talking to a lot of these scammers.”

Fast Company , Read Full Story

(39)