Tag: tech-support scams

ISPs another vector for tech-support scams

Article

Tech support scams target victims via their ISP | BBC News

Fraudsters impersonate victims’ ISPs in new tech support scam | Graham Cluley Blog

My Comments

Previously, as I have known from close friends’ experiences, there have been the fake tech-support phone calls claiming to be from Microsoft or another major software vendor. This was with me congratulating a person who wasn’t computer-literate immediately hanging up on one of these calls along with someone else asking another of these scammers for their Australian Business Number (equivalent to a VAT number in Europe).

These scams have evolved to a pop-up message pretending to be from one of the major software firms but asking them to call a number listed on that message. Typically this comes in the form of a virus or pirated-software alert as the message and some of these messages even appear on the lock screen that you normally enter your password.

Now the messages are appearing to come from ISPs, typically the ones who have most of the Internet business in the US, UK and Canada. But this is about the ISP detecting malware on the customer’s system with a requirement to call a fake customer-support number.

In this case, they identify a customer’s ISP based on a “spy pixel” ad on a site infected with malware or a “malvertisement”. The ads are typically served through large ad networks offering low-risk advertising products. This is used to identify the customer’s “outside” or WAN IP address which effectively is the same for all computers accessing the Internet from the same router.

Here, most residential and small-business Internet services have this IP address automatically determined upon login or at regular intervals and is obtained from a pool of known IP addresses that were assigned to that ISP to give to their customers. There is logic in the malware used to identify which ISP a customer is with based which IP address pool the IP address is a member of.

In these cases, call the ISP using the number they have provided you for technical support: typically written on their own Website which you should type in the URL for; written on any documents that you receive from them like accounts or brochures, as part of doing business with them; or by looking them up in the phone book. As well, don’t give any account numbers or personally-identifiable information to unsolicited approaches for technical support that you are not sure about.

But in all cases, you are most likely to initiate the call for personal or business tech support yourself when you need this support because you know your computer and network and how these systems perform. Typically you will approach one of the computer experts in your community, your workplace’s IT department if they have one, or your computer supplier for knowledge or assistance.

Cleaning up online advertising: Google and Bing make life hard for undesirable advertisers

Article

Advertising of predatory financial services

Google Will Start Banning All Ads From Payday Lenders | Mashable

Advertising of online tech-support scams

Bing brings in blanket ban on online tech support ads | Naked Security

My Comments

Google clamps down on advertising of predatory financial services

An issue that has caused a lot of concern with the Global Financial Crisis is the existence of predatory sub-prime financing services like payday and other short-term loans. This issue has been raised as a civil rights issue as well as a consumer-protection issue because predatory lending occurs more with disadvantaged communities and the kind of loan products charge exorbitant amounts of interest.

Google has attacked this issue by prohibiting payday and similar lenders from advertising through their Adwords search-advertising platform. As far as I know, it doesn’t affect any of Google’s display advertising services like Adsense or Admob. This follows similar action that Facebook had taken concerning their online advertising platform, with both these companies being the biggest online advertising platforms encompassing both their own properties and the ad networks that serve other publishers and mobile app developers. It is part of Silicon Valley’s reaction to contemporary issues of concern like civil rights.

This will effect the advertising of loan products that are due within 60 days or have an interest rate of 36% or more in the USA. But the issue that may surface is whether Google will apply this rule to their display advertising networks and if other online advertising services will follow suit and apply it across their products.

Bing clamping down on online tech-support scams

I have given a fair bit of airtime on HomeNetworking01.info about the online tech-support scams due to hearing from people in my community who have had near misses with these scams.

This typically manifested in the form of the phone calls that people received from someone pretending to be the tech-support team associated with a respected IT or telecommunications name, stating that the user’s computer has a virus or something else is wrong with the user’s computer hardware or software.  But they lead you to establish a remote-access path to your computer so they can “fix” the perceived “problem” or “threat” for a fee, with these scammers making off with a large sum of money or installing software of questionable provenance and relevance on your computer.

Most of us have become aware of these scams through the various customer-education efforts by the IT community and consumer-protection organisations, encouraging us to seek IT support from people whom you know and have met in person like your business’s IT department or the IT experts in your household, family or community.

This has led to computer users not answering these calls or simply hanging up when they receive those calls. Now the scammers’ MO has changed towards cost-per-click Web ads or popups that flash up warning messages saying that your computer has problems and instructing you to call a toll-free number. This plays on the fact that you are seeking a problem to be rectified by placing that phone call.

Bing Ads, which is part of Microsoft’s Bing search platform, have banned the advertisement of third-party tech-support services because of the quality issues that are affecting end-users’ data safety. There has been an unintended consequence from this ruling which has made it hard for honest IT-support providers to advertise their services on that platform.

Conclusion

I see it as one of many efforts by the online advertising industry to clean up its act and gain the same level of respect as traditional advertising but there could be a more uniform approach to the problem of questionable online and mobile advertising.

The only way I see this coming about is for the industry to adopt a code of practice with conformance being indicated to end-users, publishers, content-filter software and others through distinct trademarks and symbols. This could address issues like advertising that is allowed, the kinds of ad contracts offered including the tenure of these contracts and the kind of payment received, due-diligence requirements, and liaison with law enforcement, customer protection and other authorities.

Tech support scams now affecting the Macintosh platform

Article

Mac users: Beware of increased tech support scam pop-ups | MalwareBytes Unpacked blog

My Comments

The Apple Macintosh has been seen by its users as a safe regular-computer (desktop / laptop) platform mainly because it didn’t have as much of a foothold as the MS-DOS / Windows platform. Now this platform is starting to appeal to malware authors due to the fact that more people are heading towards it as a regular-computer option along with the fact that Microsoft has been continually hardening the Windows platform.

Windows users had suffered the bane of various unsolicited “tech-support” scams ranging from Website popups through to phone calls. Now the Mac platform is under attack because these scams implement JavaScript to take over the machine in a similar way to what happens with Windows. Also the same scam targets iOS devices due to their use of Safari with the same codebase and JavaScript implementation.

Of course, don’t follow through with the prompts to call these numbers or download the software because this involves activities like malware downloads or paying exorbitant fees to dodgy overseas-based businesses. But what do you do to close these nag screens?

On the Macintosh, you would have to kill the browser session by using the Force Quit routine. The best way IMHO to do this is to press Command+Option+Shift+ESC together if the browser has the foreground. You can also press Command+Option+ESC to bring up the Force Quit menu and use the mouse or trackpad to select the application to stop. The reason I suggest using the keyboard shortcuts is because some of the nuisance dialog boxes can effectively “take over” the pointing device.

iOS users can stop the browser by double-clicking the Home button and swiping the window representing the troublesome app to kill that app.

On both platforms, you clear out the browser cache and history to stop the fake tech-support Website cropping up. This is more important for the iOS platform because if you open up Safari, it will come up with the last-opened Website. For the OS X implementation, you click the “Clear History” option in the “History” menu, which also clears the cache. For the iOS implementation, you go to the Safari option in the Settings app and then tap the Clear History button to stop it from reopening.