tech support scam Sneaky Tech Support Scammers Invent New Tricks to Fool Google Chrome Users

[vissha]

Sneaky Tech Support Scammers Invent New Tricks to Fool Google Chrome Users

 

 

Tech support scammers have devised a slew of new tricks with which they hope to trick unsuspecting Google Chrome users.

 

Jérôme Segura, lead malware intelligence analyst at Malwarebytes, explains that one of the techniques works against a time-tested piece of anti-spam advice: check the URL in the address bar to see if the site is legitimate.

 

This particular spam looks like it originates from Microsoft's tech support channel. The only indication that something's off is the "ru-ru" (Russian part) of its domain.

 

 

Or so Segura believed. As he explains in a blog post:

Quote

"We notice that the address bar is nothing but a JPEG picture that is placed at the right spot to look like an actual address bar when the page is loaded in full-screen mode. To make matters more confusing this particular scam is hosted on Amazon, and that is the correct address bar."

 

 

But it gets even sneakier.

 

One version of the scam displays a pop-up window that warns the user their computer has been infected with spyware. If the user looks all the way at the bottom of the window, they'll see a checkbox that says, "Prevent this box from creating additional dialogues."

 

 

Fantastic! That's...hey, wait a second. Dialogues? Don't they mean dialog?

 

They do, but that's little consolation if you check the box and hit "Okay." Doing so will actually have the opposite effect, that is, the scam will load up a series of additional dialog boxes until the user is annoyed to the point that they'll call the scam phone number.

 

By contrast, other versions of the scam use the correct spelling:

 

 

But those versions bank on the user clicking "Esc," which will also load up a series of additional alerts regardless.

 

These are just some of the latest tricks invented by tech support scammers. In the past few months alone, fraudsters impersonated a user's internet service provider (ISP) and the Global Privacy Enforcement Network to infuse their scams with a sense of legitimacy. They also developed scams that mimic ransomware in that they lock a user's computer. (This tactic could have partly inspired the developers of Fantom, a form of ransomware which encrypts your files while it masquerades as a Windows update.)

 

Given the persistent threat of tech support scams, some security researchers took matters into their own hands when fraudsters made the mistake of targeting those they love.

 

Users should always be on the lookout for random alerts that direct them to call a 1 (800) number for tech support, and they should never listen to tech representatives that call them up and claim they need to purchase anti-malware solutions to clean up their computer. Tech support is a user-driven activity; it's rarely if ever initiated by the vendor. With that being said, if you are experiencing problems with your computer, which might include a suspicious alert, call the company directly and speak to a representative. Doing so could very well prove the alert is a fake.

 

Source