Back in February, experts warned Internet users of a campaign in which cybercriminals not only tricked people into handing over their login credentials, but also lured them to bogus tech support services. More variations of the scam have surfaced.According to Malwarebytes researchers, scammers are using various methods to trick people into calling fake tech support services. In some cases, they advertise their sites via sponsored ads on search engines.
In other cases, they first lure victims to a phishing page. The phishing sites target the customers of various services, including Netflix, AT&T, AOL, online gaming site Pogo, Comcast and CenturyLink.
After unsuspecting internauts enter their username and password on the phishing site, they’re informed that their accounts have been temporarily suspended. Victims are instructed to call a certain number to regain access to their accounts.
The phishing sites also host pages containing a live chat that’s also used to lure victims. The so-called support technicians ask for various amounts of money for allegedly fixing some non-existent security issues.
The phishing sites are hosted on legitimate-looking domains. The list includes aolrisk.com, aolfix.com, affiliatedhelp.com, myscreenname.com and login-emails.com. Experts highlight the fact that targeted advertising is much more efficient than random cold calls.
Check out the video in which Malwarebytes shows how the tech support scammers operate: