SmartLab

New Twist On The Popular Tech Support Scam Has Surfaced

Written by Sherlogix Holmes | 11/13/2017

Phishing attacks are always evolving and trying to force us into ignoring our own good sense. A common attack is the infamous technical support scam. Historically, this involved a phone call from someone claiming you need help with your computer, an email message that directed users to fake sites where malware was installed, or a fake tech support popup message requesting payment card numbers. While those are still common, Microsoft researchers have discovered a new play on this scam.

Lately, modified phishing email messages appear to be from reputable and well-known companies. They’ve used Amazon, LinkedIn, and Alibaba so far, but more are likely around. They use social engineering to trick the user into clicking on links that take them to fake technical support websites. Some of the ruses are that an order was cancelled or there is a LinkedIn notification waiting. In some cases, users give up payment card information, but in others, popup windows keep appearing. Another one is a never-ending dialogue loop throwing up fake tech support warnings with fake phone numbers where the user can get “help.”

Never fall for these. They are getting more popular as technology perhaps gets more technical. According to some figures, 3 million people are victims of these each month.

Remember that no one has a clue if you need technical support for any item unless you say so first. While it’s a good guess that someone at any given time probably does need help with a computer or mobile device, a random caller or emailer won’t have any idea. Don’t let them convince you otherwise. If you have a legitimate support request open with a vendor, go to their support site and check in with the ticket number or other identifier. Don’t trust just anyone.

If you get a message claiming your Amazon or Alibaba order was cancelled, or that there is a LinkedIn notification waiting, for example, go to those websites and check rather than clicking links in email messages.

For additional articles on identity theft and more, visit the Logix Security Center.

© Copyright 2017 Stickley on Security
____________________________
 
Logix is proud to partner with Stickley on Security to help ensure our staff and members are well informed about current fraud avoidance best practices. The content above was provided by Stickley on Security and may not always represent the views of Logix.