Dennis Fisher at On the Wire reported on some fascinating research by three PhD candidates at Stony Brook University.
He wrote: "Fake tech support schemes have been a scourge on the Internet for years, with scammers using scare tactics and intimidation to goad victims into paying for worthless 'computer repair' services. To find out how these scams work, who's running them, and how to defeat them, a team of researchers recently spent eight months gathering data and analyzing the scammers' tactics and techniques.
What the researchers from Stony Brook University found is an ecosystem comprising large, organized call centers staffed by trained workers, supported by a system of malicious web ads and ad-supported URL shorteners that is all designed to push victims to call. The three doctoral candidates built a custom tool called RoboVic that collected data on the domains and phone numbers these scammers use, and then they actually called 60 separate scam numbers and spent a total of 22 hours interacting with the scammers.
“We discovered that scammers abuse popular remote administration tools (81% of scammers rely on two specific software products), to gain access to user machines where they then patiently attempt to convince users that they are infected with malware. We found that, on average, a scammer takes 17 minutes, using multiple social engineering techniques mostly based on misrepresenting OS messages, to convince users of their infections and then proceeds to request an average of $290.9 for repairing the ‘infected’ machines,” the authors said in their paper.
The study is the first of its kind and gives a fascinating inside look at how these schemes operate and the extent of the infrastructure that supports them. The researchers collected more than 25,000 domains used by various scammers and said that they don't see an end to these operations anytime soon.
“Technical support scam is a multi-channel scam that benefits from both the telephony channel and web channel to spread and perform the attack and it makes it difficult to track it and take it down,” said study co-author Najmeh Miramirkhani, a PhD computer science student at Stony Brook." Here is the story:
It is clear as daylight that stepping employees through new-school security awareness training to inoculate them against scams like this is a must today.
Image: Greyweed, CC By license.