Tech Support Scammers Increase Success with Call Optimization



Like legitimate call centers, tech support divisions, and organizations with inbound calling, scammers are using call optimization to improve callback success rates in tech support scams.

For years, organizations have used web code to localize phone numbers based on the location of the visitor. An 800 number in the US, a 0800 number in the UK, and so on helps to ensure customers and prospects alike can easily make contact. Call optimization allows legitimate businesses to properly track, route, and analyze calls to further improve the customer experience.

Scammers focused on Tech Support scams are levering the same methods to improve their odds that not only will you call but will also be more likely to pay. Here’s how it works:

Malvertising on a compromised website brings you to a page not unlike the one below

tech-support-scam

Image Source: Symantec

Note the phone number – scammers use code designed to identify where the visitor is coming from and provide an in-country toll-free number to call. In many cases, they even go as far as to identify the appropriate language used by the visitor and provide a number to someone that speaks their local language.

This effort is made to not only make the page look more legitimate (because, if you hit a page that wanted you to call another country, you would know immediately it’s fake), but to also improve their  “customer experience”, as it were.

It’s a numbers game: the more people that dial the number, and the more people that can communicate with the scammer on the other end of the call, the greater the chances of scamming the victim out of their hard-earned money. Call optimization is merely the latest evolution to improve the scammers odds.

Your greatest defense against scams like this is to educate your users to never fall for them, regardless of all the contextual indicators (such as a toll-free phone number) that it may be legitimate. Security Awareness Training is the most effective way to keep users current on the kinds of scams they will see in the wild, knowledgeable on how to spot them, and empowers on how to avoid becoming a victim.


Topics: Cybercrime



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews