Operators are believed to be from an Eastern European country

Aug 14, 2014 08:05 GMT

Cybercriminals look for the perfect lure for their victims, and in one tech support scam they used the familiar interface of Microsoft Security Essentials to warn of malware on the computer and direct unsuspecting users to a fake support desk.

During a malvertising investigation, Chris Larsen at Blue Coat, a company providing security solutions for enterprises, discovered a website that alerted visitors that malware had been detected on their computer and offered a free scan using the Security Essentials tool.

If the visitor complies and initiates the fake scan, they are shown a scan window that closely resembles the one in the original product from Microsoft.

As is typical of this type of fake alert, scammers resort to all sorts of tricks to make the matter seem urgent, so that the victim follows their lead.

This is achieved by displaying messages in red and showing a worrying number of detected infections, hundreds and sometimes even thousands, depending on the type of scan. In this case, the fake antivirus found only a few dozen infections.

Such alerts also typically offer a download link for a free security product, which then proposes purchasing a more feature-rich version in order to eliminate all the malware detected on the system.

However, as Larsen reports, the operators behind this scam run a different type of business, one that requires interaction with the victim via a web chat application. This could be more lucrative for the crooks because most of the time they have the necessary skills to persuade the individual at the other end to purchase one of their products.

Although it may not seem so, tech support scams are very lucrative operations that can rake in hundreds of thousands of dollars by selling overpriced or pirated software to the victims.

In a recent investigation, Jerome Segura at Malwarebytes discovered that, contrary to popular belief that most support desk scams are operated from overseas, several American companies offering technical assistance also practice this type of fraud.

In a typical conversation, a fake support technician would lie about the current state of the computer and offer enough information to brush off any suspicions the victim may have about the legitimacy of the service.

They can be very persuasive, even claiming to be affiliated with Microsoft or another reputable tech company.

Larsen says that the group behind this scam is most likely from Eastern Europe because, when he tried to contact a technician via the legitimate LiveChat web app, he received a message saying that no operators were on duty at that moment.