The con artists behind tech support scams impersonate reputable technology companies to interact with would-be victims over the telephone, via websites or by means of rogue software. The logic of such schemes is to persuade the user that their computer is infected with viruses, is generating suspicious network activity or has system activation issues. The goal is to trick victims into paying for troubleshooting services they don’t need.
There are several variations of the modern tech support scam. Whereas the common denominator always boils down to manipulation, the specific mechanisms of achieving this objective may vary and allow security analysts to single out three main tactics of these scammers.
The evolution of tech support scams has spawned new techniques that make these hoaxes more effective and increasingly elusive.
Cybercrooks have recently devised a method to prevent their scams from being detected by antivirus software. It revolves around hiding malicious scripts behind several layers of obfuscation – usually backed by encryption. Following this is an intricate sequence of technical processes that keeps security software from identifying the scam.
Some of the newer frauds mimic the activity of legitimate call centers. The scammers employ call optimization services that normally facilitate the process of routing calls by distributing the load and generating relevant phone numbers based on the user’s location.
When a user is redirected to a scam page, they see a stubborn popup alert that cannot be easily closed due to persistent code. This notification includes a phone number for the visitor to dial in order to take care of the issue. With automatic call optimization in place, the attackers make sure the contact details inserted in the page align with the user’s geographic location. Furthermore, the service can dynamically generate new phone numbers that haven’t been blacklisted.
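For defenders triaging a saved copy of such a page, the layered obfuscation and the phone-number popup described above can be checked together. The following is an added example, not code from any scam kit or security product. It assumes the layers are plain base64 or percent-encoding (encrypted layers are out of scope), and its function names, indicator patterns and thresholds are illustrative.

```javascript
// Added example: static triage of script text saved from a suspected scam page.
// Assumptions: layers are base64 or percent-encoding only; thresholds are illustrative.
const MAX_LAYERS = 10; // bound the unwrapping loop

// Decode one wrapper such as eval(atob("...")); return null if none is recognised.
function peelLayer(text) {
  const m = text.trim().match(
    /^(?:eval\()?\s*(atob|unescape|decodeURIComponent)\(\s*(["'])([\s\S]+)\2\s*\)\s*\)?;?$/);
  if (!m) return null;
  try {
    // unescape is approximated with decodeURIComponent (identical for ASCII %XX input).
    return m[1] === "atob"
      ? Buffer.from(m[3], "base64").toString("utf8")
      : decodeURIComponent(m[3]);
  } catch {
    return null; // malformed encoding: stop unwrapping here
  }
}

// Peel wrappers until none is recognised, counting the layers removed.
function unwrap(script) {
  let text = script, layers = 0;
  for (let inner; layers < MAX_LAYERS && (inner = peelLayer(text)) !== null; layers++) {
    text = inner;
  }
  return { layers, text };
}

// Traits of the lure the article describes: a number to dial, alarm wording, a dialog.
const INDICATORS = {
  phoneNumber: /\+?1?[\s.-]?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}/, // North American shape only
  alarmWording: /\b(virus|infected|call (now|immediately)|support)\b/i,
  blockingDialog: /\b(alert|confirm|prompt)\s*\(/,
};

function triage(script) {
  const { layers, text } = unwrap(script);
  const hits = Object.keys(INDICATORS).filter((k) => INDICATORS[k].test(text));
  return { layers, hits, suspicious: layers >= 2 && hits.length >= 2 };
}

// Constructed sample: a lure wrapped in two encoding layers (555-0100 is a fictional number).
const lure = 'alert("Your computer is infected! Call support now: 1-800-555-0100");';
const layer1 = `eval(atob("${Buffer.from(lure).toString("base64")}"))`;
const SAMPLE = `eval(unescape("${encodeURIComponent(layer1)}"))`;

console.log(triage(SAMPLE));
```

Because the phone numbers rotate, the check keys on the shape of the lure rather than on any specific number.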
Another recent tech support scam stands out from the crowd as it disrupts computer performance via the user’s web browser.
The scam drags the web browser into a traffic loop that uses up all CPU power of the target machine. A warning message on the page maxes out the CPU and keeps it there, thus causing the browser to crash. Naturally, this also impacts the stability of the whole computer system and makes regular applications unresponsive. This tactic is used to pressure the victim into giving the feigned support agents a phone call as soon as possible.
Not only are tech support scams prolific, but they are also becoming increasingly sophisticated and evasive. The exploitation of legitimate services makes these hoaxes look convincing. To stay on the safe side, users should treat any online warnings with a fair degree of suspicion. The rule of thumb is to refrain from calling the phone numbers listed on such pages.