Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Scammers are using fake tech support pages to steal thousands from unsuspecting users - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Scammers are using fake tech support pages to steal thousands from unsuspecting users
Quoting Yahoo Security: While most topics in the tech world tend to engender impassioned debate, there's one issue that everyone can unanimously agree on: tech scammers who prey on and take advantage of unsuspecting Internet users are the scourge of the earth. And while most people are familiar with scams that rely upon adware or ransomware, scammers have recently started using a new strategy that's as clever as it is loathsome. According to Malwarebytes Labs , a group of scammers who call themselves 'Tech Kangroos' have started putting up tech support webpages designed to look nearly identical to webpages from known software companies. In turn, when unsuspecting users undertake to seek out tech support help via search engines like Google or Bing, they're naturally tricked into clicking on fraudulent websites. In short order, users are coerced and manipulated into paying hundreds of dollars for non-existent tech support. DON'T MISS:  New unlimited VPN app for iPhone is designed to bypass censorship Highlighting the degree to which these scammers will go to trick users, below are a few screenshots of ostensibly official tech support webpages. Note how the font and styling of the pages below are spot-on replicas of the real thing. Malwarebytes Labs notes that the scam, once an unsuspecting user lands on a fraudulent page, usually involves the following steps: The next phase of the con consists of taking remote control of people’s computers and performing a fake security scan as a scare tactic. We called the number and went through the process; it was hard not to notice the constant stream of voices from the boiler room where those so-called technicians operate from. Within minutes, we were presented with a bill for over one thousand dollars. In fact, a friend's father called me up a few weeks ago after almost falling prey to such a scam. Somehow, he was browsing the web when a pop up emerged alerting him to the fact that his Mac may have been infected. The pop up strongly urged him to call Apple support at a listed 1-800 number. Upon calling, the "support technician" on the other end of the line wanted to initiate a screen sharing session in order to figure out which "virus" had infected the computer. Thankfully, my friend's father became suspicious and hung up. Others, however, may not be so lucky, especially if scammers become even more adept at sweet talking less tech savvy customers into believing that their machines have been compromised. Speaking to the growing sophistication of these scammers, Malware Bytes points us to the following support comment found on Norton's support website. Hi, I was having problems changing my Norton Password and at some point I got a screen that looked very much like a Norton webpage where I was encouraged to call a tech support number. Number was 800-277-6232. I spoke to a tech who had me install a program called Team Viewer. The tech performed some tests, essentially using my computer logs, and demonstrated that my computer had been hacked. He then encouraged me to buy an upgrade from norton that would allow me unlimited tech support. The costs were rater steep. $149.00 for two years and $199 for three years. I was going to buy the service but hesitated when the tech stated that the charge to my credit card would show up as Tech Kangaroos. I asked why it would not be Norton. He explained that they were not technically Norton, but a company contracted by Norton to handle their support. The tech was very professional and extremely helpful and understanding. He provided me with his call back number and extension. I stated I needed to check this out before I paid for anything. He expressed understanding of my concern. By this point I am thinking I am a royal idiot for allowing access to my computer. I immediately began to look at my Norton Security, but found that I could not see the program window. I uninstalled Norton Security, rebooted, re-installed Norton Security and changed my computer's password. Am I belatedly too concerned about this process? Does Norton Support make use of Team Viewer? It it a common practice for Norton to sell upgrades to their products via 3rd Parties who operate out of Bangkok and especially a company called Tech Kangaroos? Looking at this Software, Norton Security, it seems that it already does much of what the tech was trying to sell me. Basically, a anti-hacker protection. (mind this would have entailed allowing their techs to have control over my computer for several hours while they did a cleanup and re-installed Norton.) This has only made me more suspicious. I have also deleted TeamViewer. Oh he created this text file during our conversation. No doubt, this was an attempt to ensure that I understood exactly what I was being sold. And doing so, it did lend an air of respectability to the process. I would hope if you could verify that this was legit, or tell me otherwise. I did just google that phone number and the number is found on several sites informing people of scams. MalwareBytes did a bit of digging in order to find out who exactly is behind the aforementioned scam, so make sure to hit the source link below for the full scoop on the trash who have no problem stealing the hard-earned money of innocent and trusting users.
Yahoo Security
Though users are becoming victim of fake tech support scammer, to overcome this situation users should:

•Hang-up the call if they say that they are from tech support and they have found threat or virus on your PC
•If you find any type of infection then it is recommended that you must show up your PC to someone you know. Someone means person whom you know personally.

Recently, I have found that Ivan Kwiatkowski – a security researcher whose parent’s PC (which was just 30 minutes older) got infected with Zeus Malware. When he calls tech support for help they insisted him to pay money in order to install software that will automatically fix the computer problems. But remember the Ivan Kwiatkowski is a security expert. Find out how he tricked tech support scammer to install ransomware on their PC - https://www.pcthreatremoval.net/tech-support-scammer-tricked-installing-ransomware
Anonymous

Sign Up for Free or Log In to start participating in the conversation!