Symantec warns that tech support scams are getting more sophisticated by the month: "These scams remain one of the major and evolving forces in the computer security landscape. Between January 1 and April 30 this year, the Internet Crime Complaint Center (IC3) received 3,668 complaints related to tech support scams, which amounted to adjusted losses of almost US$2.27m."
Recently, Symantec has observed a new feature in the tech support scams it is detecting – the use of code obfuscators. Early tech support scams had their entire malicious code clearly visible. Now code obfuscation, which was mostly seen with Exploit Kits, has made its way to tech support scams.
So, what is this new scam?
A warning that a victim's hard drive will be wiped of all data... unless, of course, they call the fake customer support number. This scam kicks off when a user visits a compromised website. Immediately, it tries to scare the victim with an unusual tactic, Symantec explains:
"The web page displays a fake 'hard drive delete timer' that warns the user that their hard drive will be deleted within five minutes. A warning audio tone is also played in the background, which again warns the user that their system is infected."
The scam also displays a pop-up alert in the browser that the user's computer has been infected by a virus and that they must call a support number to resolve the issue.
I suggest you send this to your employees, friends and family
"Bad guys are coming up with new ways to scam you out of your money all the time. Their latest trick is a Tech Support scam that puts a big warning screen on your computer, claiming that if you do not call the support number, your whole hard disk will be deleted in 5 minutes.
There are variations of this scam, that claim they are your Internet Service Provider, or claim to be Microsoft and you need an urgent update you need to call in for, or they show you a blue screen that claims your computer needs to be repaired. There is always a number to call, and these scammers will try to put hundreds of dollars on your credit card.
Don't fall for it! If you see error messages on the screen, follow policy and contact the person in your organization responsible for IT problems. If you see this on a computer at the house, ignore these messages and do not call the fake tech support number!"
From January 1 2016 through October, Symantec’s IPS blocked more than 157 million tech support scams. Their figures also showed that the countries targeted the most by tech support scams were the US, UK and Canada.
PS: For KnowBe4 Customers, did you know we have a new campaign that takes the most recent Scam Of The Week, and sends this automatically to your users? Set-it-and-forget-it! And there is also another new campaign; we take the Top 10 real phishing attacks of the last week we received through our Phish Alert Button, de-fang them, and send random ones to your users to inoculate them.
Free Phish Alert Button for Outlook
When new spear phishing campaigns hit your organization, it is vital that IT staff be alerted immediately. One of the easiest ways to convert your employees from potential targets and victims into allies and partners in the fight against cybercrime is to roll out KnowBe4's free Phish Alert Button to your employees' desktops. Once installed, the Phish Alert Button allows your users on the front lines to sound the alarm when suspicious and potentially dangerous phishing emails slip past the other layers of protection your organization relies on to keep the bad guys at bay.
Don't like to click on redirected links? Cut & Paste this link in your browser:
https://www.knowbe4.com/free-phish-alert?