Online fraud is a big source of revenue for cyber criminals. Unfortunately, these campaigns often leverage trusted, legitimate company names and sophisticated social engineering tactics to make their attacks convincing enough to dupe unsuspecting users. That’s exactly what has been happening in a recycled Microsoft tech-support scam involving panic-inducing browser lockers, which Malwarebytes recently uncovered.
Interestingly, this operation is technically “recycled” because a similar version was spotted and shut down by Malwarebytes a few years ago. But the latest incarnation incorporates a few new elements. According to a report from SC Magazine, here’s how it works:
“A computer with no problem receives pop-up ads that are facilitated with a browser locker to make it appear to the victim that there truly is something wrong with their computer. The malicious actors generally pose as an authorized Microsoft support team, but some have also pretended to be from Malwarebytes. This is ironic since Malwarebytes helped uncover the original scam two years ago and is the firm that once again spotted the threat.
“The scammers go by the names GeeksHelp and AmericaGeeks, and were previously known as Geeks Technical Solutions LLC. The actual attack has not changed. Once the target calls the number on the pop-up ad, they are encouraged to download an app giving the criminals the ability to control their computer, and they are then given a hard sell to purchase a “support plan” from the fake company, Malwarebytes said.”
“The social engineering aspect of the swindle includes an explanation of why the call is being obviously routed to a non-Microsoft or Malwarebytes team. The pop-up states that all calls originally go through the company before being forwarded to their external authorized support teams.”
For more information on this attack, read the full report on SC Magazine. Sadly, this is just one example of the many online fraud operations users need to watch out for. Learn about best practices for identifying and avoiding cyber scams, and solutions for preventing phishing attempts delivered via email here on Secplicity.