• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Unoriginal Tech Support Scammers Resurface

March 12, 2018 By The Editor

Online fraud is a big source of revenue for cyber criminals. Unfortunately, these campaigns often leverage trusted, legitimate company names and sophisticated social engineering tactics to make their attacks convincing enough to dupe unsuspecting users. That’s exactly what has been happening in a recycled Microsoft tech-support scam involving panic-inducing browser lockers, which Malwarebytes recently uncovered.

Interestingly, this operation is technically “recycled” because a similar version was spotted and shut down by Malwarebytes a few years ago. But, the latest incarnation incorporated a few new elements. According to a report from SC Magazine, here’s how it works:

“A computer with no problem receives pop-up ads that are facilitated with a browser locker to make it appear to the victim that there truly is something wrong with their computer. The malicious actors generally pose as an authorized Microsoft support team, but some have also pretended to be from Malwarebytes. This is ironic since Malwarebytes helped uncover the original scam two-years ago and is the firm that once again spotted the threat.

The scammers go by the names GeeksHelp and AmericaGeeks, and were previously known as Geeks Technical Solutions LLC. The actual attack has not changed. Once the target calls the number on the pop-up ad they are encouraged to download an app giving the criminals the ability to control their computer and they are then given a hard sell to purchase a “support plan” from the fake company, Malwarebytes said.”

The social engineering aspect of the swindle includes an explanation of why the call is being obviously routed to a non-Microsoft or Malwarebytes team. The pop-up states that all calls originally go through the company before being forwarded to their external authorized support teams.”

For more information on this attack, read the full report on SC Magazine. Sadly, this is just one example of the many online fraud operations users need to watch out for. Learn about best practices for identifying and avoiding cyber scams, and solutions for preventing phishing attempts delivered via email here on Secplicity.

Share This:

Related

Filed Under: Editorial Articles, Featured

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • US National Cybersecurity Strategy
  • 3CX Supply Chain Attack
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • 3CX Supply Chain Attack
  • The NSA’s Guidance on Securing Authentication
  • Cybersecurity News: LastPass Incident Revealed, White House Issues Cybersecurity Strategy, FBI Purchases Leaked USHOR PII Data, and a Slew of Other Breaches
  • An Update on Section 230
  • Here Come The Regulations
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use